jvazquez-r7
51b3d164f7
Move the DoS module to the correct location
2014-01-17 09:30:51 -06:00
Tod Beardsley
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
jvazquez-r7
fdebfe3d2f
Add references
2013-12-07 14:25:58 -06:00
sinn3r
adc241faf8
Last one, I say
2013-12-06 15:52:42 -06:00
sinn3r
17193e06a9
Last commit, I swear
2013-12-06 15:49:44 -06:00
sinn3r
58a70779ac
Final update
2013-12-06 15:48:59 -06:00
sinn3r
9f5768ae37
Another update
2013-12-06 14:53:35 -06:00
sinn3r
af16f11784
Another update
2013-12-06 14:39:26 -06:00
sinn3r
87e77b358e
Use the correct URI
2013-12-06 12:08:19 -06:00
sinn3r
5d4acfa274
Plenty of changes
2013-12-06 11:57:02 -06:00
sinn3r
c07686988c
random uri
2013-12-05 18:07:24 -06:00
sinn3r
8e9723788d
Correct description
2013-12-04 17:25:58 -06:00
sinn3r
fb2fcf429f
This one actually works
2013-12-04 17:22:42 -06:00
sinn3r
d0071d7baa
Add CVE-2013-6414 Rails Action View DoS
2013-12-04 14:57:30 -06:00
Tod Beardsley
23448b58e7
Remove timeout checkers that are rescued anyway
2013-11-25 12:37:23 -06:00
Tod Beardsley
f311b0cd1e
Add user-controlled verbs.
...
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
Tod Beardsley
6a28aa298e
Module for CVE-2013-4164
...
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
jvazquez-r7
f963f960cb
Update title
2013-11-18 15:07:59 -06:00
jvazquez-r7
274247bfcd
Land #2647 , @jvennix-r7's module for Gzip Memory Bomb DoS
2013-11-18 15:06:46 -06:00
joev
589660872e
Kill FILEPATH datastore option.
2013-11-18 14:13:25 -06:00
joev
8e889c61f7
Update description.
2013-11-17 15:48:27 -06:00
joev
f7820139dc
Add a content_type datastore option.
2013-11-17 15:38:55 -06:00
joev
43d2711b98
Default to 1 round compression.
2013-11-17 15:35:35 -06:00
joev
1e3860d648
Add gzip bomb dos aux module.
2013-11-17 14:44:33 -06:00
William Vu
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
William Vu
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
Tod Beardsley
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
jvazquez-r7
6989f16661
Land #2548 , @titanous's aux module for CVE-2013-4450
2013-10-22 15:02:54 -05:00
jvazquez-r7
bdf07456ba
Last cleanup for nodejs_pipelining
2013-10-22 15:00:58 -05:00
Jonathan Rudenberg
db447b65f9
Add exploit for Node.js HTTP Pipelining DoS
2013-10-22 15:12:14 -04:00
sinn3r
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
Tod Beardsley
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
Tod Beardsley
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
darknight007
7b82c64983
ms12-020 stack print resolve
2013-10-12 16:49:03 +05:00
darknight007
e1b9f1a3c4
modified ms12-020 module to resolve stack print
2013-10-12 16:36:37 +05:00
darknight007
291b90405d
Merge branch 'master' of https://github.com/darknight007/metasploit-framework
...
Conflicts:
modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
2013-10-12 16:23:09 +05:00
darknight007
602fd276bc
using theirs
2013-10-12 16:20:26 +05:00
darknight007
4e50c574c5
Update ms12_020_maxchannelids.rb
...
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out.
To reproduct, just run the module against a system having no RDP enabled.
2013-10-12 15:39:13 +05:00
Meatballs
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
darknight007
f1ab7b51b1
Update ms12_020_maxchannelids.rb
...
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out.
To reproduct, just run the module against a system having no RDP enabled.
2013-09-30 13:43:26 +05:00
Meatballs
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
FireFart
09fa7b7692
remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:50:34 +02:00
FireFart
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
Tod Beardsley
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
jvazquez-r7
a40e0ba704
Clean up read_nttrans_ea_list
2013-09-07 16:11:00 -05:00
Tab Assassin
597f337d1b
Retab changes for PR #2298
2013-09-05 13:52:10 -05:00
Tab Assassin
acfef429c2
Merge for retab
2013-09-05 13:52:05 -05:00
Boris
a23c1f1ad4
added additional "include"
2013-09-03 19:34:37 +04:00
Boris
9a33c674aa
RHOST, RPORT removed, Tries option added
2013-09-01 22:58:22 +04:00
Boris
28ca62d60f
New option added. Names now random. Dos check added
2013-08-31 13:18:22 +04:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
Boris
b3ec8f741f
File moved to auxiliary with some bug fixes
2013-08-29 00:11:34 +04:00
Tod Beardsley
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
sinn3r
6168eb7590
Land #1981 - Canon Wireless Printer Denial of Service
2013-06-18 19:04:48 -05:00
sinn3r
7d15dc379d
Make msftidy happy
2013-06-18 19:04:03 -05:00
Matt Andreko
0533ca68dc
Added DoS result checking
...
Lowered the http timeout
2013-06-18 19:48:21 -04:00
Matt Andreko
8c28631d4b
Fixed the date format
...
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
jvazquez-r7
6c2d99c2bc
Land #1972 , @wchen-r7's patch for [FixRM:#4704]
2013-06-17 23:17:22 -05:00
Tod Beardsley
4ca9a88324
Tidying up grammar and titles
2013-06-17 16:49:14 -05:00
Matt Andreko
d877e4d489
Added CVE and disclosure date
2013-06-17 17:41:50 -04:00
sinn3r
8bdd89f68b
[FixRM:#4704] - Fix EOFError in filezilla_server_port
...
If login fails, the module shouldn't continue sending commands to
the server, otherwise this causes an EOF.
2013-06-17 14:24:01 -05:00
Matt Andreko
3923bbeee9
Update
2013-06-15 18:28:58 -04:00
Matt Andreko
0494ac9218
Added Canon Wireless Printer DoS module
2013-06-15 18:23:04 -04:00
jvazquez-r7
fd74390952
Clean monkey_headers
2013-06-13 18:07:35 -05:00
sinn3r
73aff97053
Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
...
This is the reviewed/updated version of pull request #1950 . We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
jvazquez-r7
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
Dejan Lukan
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
jvazquez-r7
ec52795182
Clean for miniupnp_dos.rb
2013-06-06 11:19:26 -05:00
Dejan Lukan
2fe704ce38
Deleted undeeded comments and spaces.
2013-06-04 09:00:53 +02:00
William Vu
055e0a222c
Land #1902 , OSVDB reference for memcached
2013-06-03 14:57:43 -05:00
Tod Beardsley
4cf682691c
New module title and description fixes
2013-06-03 14:40:38 -05:00
sinn3r
b087951118
Add OSVDB reference 92867 for Memcached DoS module
2013-06-03 12:41:33 -05:00
sinn3r
116e2bb418
Landing #1782 - Added Memcached Remote Denial of Service module
2013-06-03 12:30:37 -05:00
sinn3r
3d9dcbf5bd
Add a check to see if the host is down
2013-06-03 12:26:57 -05:00
Dejan Lukan
217b263af7
Moved the module to different location and make it msftidy.rb compliant.
2013-06-03 10:35:10 +02:00
Tod Beardsley
e3384439ed
64-bit, not '64 bits'
2013-05-13 15:40:17 -05:00
jvazquez-r7
d37d211ecc
Fix short escape sequences error
2013-05-09 17:29:55 -05:00
jvazquez-r7
b18a98259b
Modify default rport
2013-05-09 16:24:54 -05:00
jvazquez-r7
3e1d1a3f98
Land #1659 , @nmonkee's sap_soap_rfc_eps_delete_file module
2013-05-09 16:22:54 -05:00
jvazquez-r7
7b960a4f18
Add OSVDB reference
2013-05-06 00:54:00 -05:00
jvazquez-r7
a17062405d
Clean up for sap_soap_rfc_eps_delete_file
2013-05-06 00:53:07 -05:00
jvazquez-r7
5adc2879bf
Change module filename
2013-05-06 00:51:23 -05:00
jvazquez-r7
66a5eb74c5
Move file to auxiliary/dos/sap
2013-05-06 00:50:50 -05:00
Gregory Man
76e70adcff
Added Memcached Remote Denial of Service module
...
https://code.google.com/p/memcached/issues/detail?id=192
2013-04-30 17:45:09 +03:00
sinn3r
a09b3b8023
Lands #1169 - Adds a check
...
[Closes #1169 ]
Conflicts:
modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
sinn3r
882b084cba
Changes the default action
2013-04-22 15:47:38 -05:00
sinn3r
7e28a4ddb0
Uses "ACTIONS" keys instead of datastore options
...
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
jvazquez-r7
225342ce8f
final cleanup for sysax_sshd_kexchange
2013-04-08 20:28:37 +02:00
jvazquez-r7
5bc454035c
Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710
2013-04-08 20:20:11 +02:00
Matt Andreko
f96baa7e7e
Code Review Feedback
...
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
2013-04-08 10:58:35 -04:00
Matt Andreko
4c8e19ad1a
Added reference
...
Removed final debug print statement
2013-04-08 08:28:53 -04:00
James Lee
9086c53751
Not an HttpClient, so doesn't have normalize_uri
...
[FixRM #7851 ]
2013-03-28 13:16:21 -05:00
Matt Andreko
fd5bd52e6d
Added some error handling if the connection dies.
2013-03-18 17:26:40 -04:00
Matt Andreko
66dcbca562
Sysax Multi-Server SSHD DoS
...
This exploit affects Sysax Multi-Server version 6.10. It causes a
Denial of Service by sending a specially crafted Key Exchange, which
causes the service to crash.
2013-03-18 17:16:12 -04:00
jvazquez-r7
02f90b5bbd
cleanup for dopewars
2013-03-14 15:53:19 +01:00
jvazquez-r7
4d9f2bbb06
Merge branch 'master' of https://github.com/dougsko/metasploit-framework into dougsko-master
2013-03-14 15:51:47 +01:00
James Lee
2f11796dfa
Fix typo
...
[SeeRM #7800 ]
2013-03-13 16:10:20 -05:00
Doug P
22133ba8ff
removed version number
2013-03-12 16:36:14 -04:00
Doug P
70da739666
fixed errors in dopewars.rb shown by msftidy
2013-03-12 15:47:31 -04:00
Doug P
c8c50a6407
cleaned up dopewars module
2013-03-12 12:56:12 -04:00
doug
a199c397e4
...
2013-03-11 17:09:17 -04:00
doug
4d6e19b40b
small edits to dopewars.rb
2013-03-11 17:07:05 -04:00
doug
0e607f8252
added dopewars module
2013-03-11 16:52:49 -04:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
jvazquez-r7
781132b1cf
cleanup for openssl_aesni
2013-03-05 22:41:16 +01:00
Wolfgang Ettlinger
867875b445
Beautified OpenSSL-AESNI module
...
Modifed the CVE-2012-2686 module to follow
suggestions by @jvazquez-r7:
* Added description for all fields in the
SSL packets
* MAX_TRIES now required
* use get_once instead of timeout
2013-03-04 19:09:50 +01:00
Wolfgang Ettlinger
e7015985e7
Added CVE-2012-2686
...
Added Module for a DoS issue in OpenSSL (pre 1.0.1d). Can be exploited
with services that use TLS >= 1.1 and AES-NI. Because of improper
length computation, an integer underflow occurs leading to a
segmentation fault. This module brute-forces serveral encrypted
messages - when the decrypted message coincidentally specifies a
certain value for the size, the integer underflow occurs. Though this
could be accomplished more effectively (e.g. implementing or
maninpulating and TLS implementation), this module still does what it
should do.
2013-02-27 22:57:53 +01:00
sinn3r
92093cd7d8
There's no HttpClient, so it shouldn't be using normalize_uri
2013-02-19 15:04:18 -06:00
sinn3r
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer
e4a6669927
msftidy: remove $Revision$
2013-01-03 01:05:45 +01:00
Christian Mehlmauer
4d8a2a0885
msftidy: remove $Revision$
2013-01-03 01:01:18 +01:00
Christian Mehlmauer
95948b9d7c
msftidy: remove $Revision$
2013-01-03 00:58:09 +01:00
Christian Mehlmauer
ca890369b1
msftidy: remove $Id$
2013-01-03 00:54:48 +01:00
T0X1C-1
1714fa21b1
adjusted DOS part to use HttpClient
2012-12-17 15:46:39 +01:00
T0X1C-1
a48c14124b
added CHECK functionality to the existing module
2012-12-13 16:54:50 +01:00
sinn3r
64a8b59ff9
Change CVE forma
...
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
HD Moore
93a69ea62e
Fix instances of invalid lower-case datastore use
2012-11-29 00:05:36 -06:00
Tod Beardsley
6b4c131cf5
Avoiding a future conflict with release
2012-11-20 13:24:19 -06:00
jvazquez-r7
e8fe6031e9
Let default timeout for send_request_cgi
2012-11-16 18:09:47 +01:00
jvazquez-r7
51f238ec38
up to date
2012-11-16 16:03:09 +01:00
Chris John Riley
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
sinn3r
2c4273e478
Correct some modules with res nil
2012-10-29 04:41:30 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl
39e81d3e53
Arch/Platform cleanup: aux modules need neither
2012-10-22 20:28:02 +02:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
sinn3r
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
HD Moore
e31a09203d
Take into account an integer-normalized datastore
2012-06-24 22:59:14 -05:00
HD Moore
c388cba421
Fix up modules calling report_vuln() to use new syntax
2012-06-17 23:39:20 -05:00
sinn3r
3f0431cf51
Massive whitespace destruction
...
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r
b282901b08
Correct emails for aux and exploit modules
2012-06-04 21:58:01 -05:00
sinn3r
0fcc53b0a2
Handle nil for get_once
2012-06-04 15:31:10 -05:00
Christian Mehlmauer
6ae17db7d3
Adding FireFart's hashcollision DoS module
...
Have some minor edits below, looks like it all works now though.
Squashed commit of the following:
commit b7befd4889f12105f36794b1caca316d1691b335
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:31:32 2012 -0500
Removing ord in favor of unpack.
Also renaming a 'character' variable to 'c' rather than 'i' which is
easy to mistake for an Integer counter variable.
commit e80f6a5622df2136bc3557b2385822ba077e6469
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:24:41 2012 -0500
Cleaning up print msgs
commit 5fd65ed54cb47834dc646fdca8f047fca4b74953
Author: Tod Beardsley <todb@metasploit.com>
Date: Fri Jun 1 14:19:10 2012 -0500
Clean up hashcollision_dos description
Caps, mostly. One sentence I still don't get but it's not really a show
stopper.
commit bec0ee43dc9078d34a328eb416970cdc446e6430
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Thu May 24 19:11:32 2012 +0200
Removed RPORT, ruby 1.8 safe, no case insensitive check, error handling
commit 20793f0dfd9103c4d7067a71e81212b48318d183
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Tue May 22 23:11:53 2012 +0200
Hashcollision Script (again)
2012-06-01 14:51:11 -05:00
Tod Beardsley
4772c1258e
Removing hashcollision_dos module due to license violation
...
The description text is a copy-paste of
http://www.ocert.org/advisories/ocert-2011-003.html , which has a
specific creative commons liscence prohibiting derivative works.
Since I have no idea what else in this module is a license violating,
I'm pulling it completely. I suspect a lot, though -- there are weird
all-caps methods in the module that look like copy-pastes as well.
Next time, please contribute original work, or at least work that is not
encumbered by restrictive licensing.
2012-05-21 11:28:58 -05:00
Tod Beardsley
eea20e773b
Capitalization fixups on hashcollision_dos
2012-05-21 11:06:18 -05:00
sinn3r
8428d16db3
Format correction
2012-05-15 19:21:16 -05:00
Christian Mehlmauer
19e32c210a
Added more references
2012-05-15 23:59:30 +02:00
Christian Mehlmauer
46e58f8618
Ruby naming style
2012-05-15 23:53:33 +02:00
Christian Mehlmauer
5f0075e24f
Revert API change
2012-05-15 23:28:51 +02:00
Christian Mehlmauer
b298597218
Switched to Http Library, Code formatting issues
2012-05-15 19:43:28 +02:00
Christian Mehlmauer
dc10fac885
Ported my Hashcollision Script to Ruby
2012-05-13 20:59:42 +02:00
sinn3r
f77efbf89e
Change the rest of print_*
2012-04-25 14:24:17 -05:00
Tod Beardsley
9c8e6ac9da
Ruby 1.8 compat for the SCADA modules.
...
But really, you should be using Ruby 1.9 by now.
2012-04-05 17:05:03 -05:00
Tod Beardsley
14d9953634
Adding DigitalBond SCADA modules
2012-04-05 12:35:48 -05:00
Tod Beardsley
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
Tod Beardsley
8f17cc3f5c
MS12-020 not MS12-002
2012-03-21 13:58:18 -05:00
Tod Beardsley
4391c24d2f
Trivial touchups on RDP DoS module.
...
Dropping a line about what it can't do, adding freenode comment.
2012-03-19 14:27:27 -05:00
sinn3r
3a851ef2c2
Fix typo
2012-03-19 13:20:59 -05:00
sinn3r
3d72d52625
Add reporting to MS12-020
2012-03-19 13:18:51 -05:00
sinn3r
fa4504e1f6
Let's make this clear, it's just a DoS
2012-03-19 13:00:29 -05:00
sinn3r
13f16daca7
Actually, that date is way off. Corrected.
2012-03-19 12:58:52 -05:00
sinn3r
d8be328b89
Ported Daniel/Alex/jduck's MS12-020 PoC as a Metasploit module
2012-03-19 12:53:34 -05:00
sinn3r
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
HD Moore
af56807668
Cleanup the titles of many exploit modules
2012-02-20 19:25:55 -06:00
Tod Beardsley
f6a6963726
Msftidy run over the recent changed+added modules
2012-01-24 15:52:41 -06:00
sinn3r
be906023dc
one register_options() should be fine.
2012-01-20 13:02:54 -06:00
sinn3r
d6566aa818
Add CVE-2011-4050 7-Technologies IGSS 9 IGSSdataServer.exe DoS module (Feature #6267 )
2012-01-20 12:57:13 -06:00
sinn3r
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
sinn3r
b7950a752e
Add feature #4929 (MS09-053)
2011-11-26 13:30:35 -06:00
James Lee
67120d4263
msftidy on aux modules, see #5749
2011-11-20 13:12:07 +11:00
Tod Beardsley
a5ef33305f
Fixes #5609 , thanks David!
...
git-svn-id: file:///home/svn/framework3/trunk@14052 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 21:57:42 +00:00
Joshua Drake
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Wei Chen
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Tod Beardsley
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Tod Beardsley
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Tod Beardsley
e9461c766e
Msftidy run against a bunch of whitespace violations, a few line too longs.
...
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Tod Beardsley
f0ee05eece
Moving dos modules to manual ranking.
...
git-svn-id: file:///home/svn/framework3/trunk@13940 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:20:04 +00:00
Tod Beardsley
c45add4199
Moving an old unnamed Microsoft exploit to the proper named exploit.
...
git-svn-id: file:///home/svn/framework3/trunk@13939 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:16:13 +00:00
HD Moore
0ff7f17cba
Cosmetic module and service name fixes
...
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
Wei Chen
8f2c87fb5e
Add Beckhoff TwinCAT SCADA PLC dos module (Feature #5524 )
...
git-svn-id: file:///home/svn/framework3/trunk@13865 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 23:41:15 +00:00
David Rude
4d850c1ee6
Adds Apache Range DoS aka Apache Killer
...
git-svn-id: file:///home/svn/framework3/trunk@13781 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 16:38:35 +00:00
Wei Chen
835c5938d5
Fix typo. Thx mubix for spotting it.
...
git-svn-id: file:///home/svn/framework3/trunk@13687 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:39:47 +00:00
HD Moore
e4f74b75f8
Add a module for the rsyslog DoS (not triggerable on many platforms)
...
git-svn-id: file:///home/svn/framework3/trunk@13681 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 15:55:54 +00:00
Tod Beardsley
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
Tod Beardsley
b22ca615c7
Fixes #5038 , missed a couple mentions of Racket. Excised now for sure.
...
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
Tod Beardsley
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Wei Chen
5fdf482a8b
Add MSB reference
...
git-svn-id: file:///home/svn/framework3/trunk@13331 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:50:56 +00:00
Wei Chen
e115e78f8d
Fix CVE
...
git-svn-id: file:///home/svn/framework3/trunk@13327 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:20:02 +00:00
Wei Chen
410d124ec5
Change name for consistency
...
git-svn-id: file:///home/svn/framework3/trunk@13294 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 05:56:04 +00:00
Wei Chen
465f3f2739
Update metadata
...
git-svn-id: file:///home/svn/framework3/trunk@13293 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 05:45:46 +00:00
Steve Tornio
46451acec5
add/fix some cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13270 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-21 01:10:40 +00:00
Wei Chen
0fd6c8880e
Added DoS module for kaillera, and a new 'games' folder under windows
...
git-svn-id: file:///home/svn/framework3/trunk@13118 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 19:33:55 +00:00
Steve Tornio
7e02e7abd6
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13038 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 11:43:54 +00:00
Joshua Drake
2e4fd81740
add CVE-2011-0657 DoS module
...
git-svn-id: file:///home/svn/framework3/trunk@13037 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 01:17:07 +00:00
HD Moore
e2e27341be
Rename this thing
...
git-svn-id: file:///home/svn/framework3/trunk@12668 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 19:50:11 +00:00
James Lee
554ebd7040
make author field consistent, fixes #4336
...
git-svn-id: file:///home/svn/framework3/trunk@12636 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 17:21:59 +00:00
David Rude
3b5cf3826a
Added TheLightCosines OpenSSL ChangeCipherSpec DoS aux module
...
git-svn-id: file:///home/svn/framework3/trunk@12538 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:08:28 +00:00
James Lee
2a06f2b70c
remove extraneous options, fixes #4146 . note that INTERFACE is not extraneous (since the user needs to be able to specify which iface to inject on)
...
git-svn-id: file:///home/svn/framework3/trunk@12398 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 21:05:17 +00:00
Steve Tornio
6dc526f22b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12295 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 18:12:17 +00:00
David Rude
5e89b22aae
Added ISC DHCP Zero Length ClientID DoS Module thx TheLightCosine
...
git-svn-id: file:///home/svn/framework3/trunk@12293 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 15:56:39 +00:00
Wei Chen
8efd5ce82c
Added denial-of-service module for HP Data Protector's RDS service
...
git-svn-id: file:///home/svn/framework3/trunk@12278 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 07:56:48 +00:00
Patrick Webster
1c2e08d95d
Added SonicWall SSL-VPN format string module.
...
git-svn-id: file:///home/svn/framework3/trunk@12261 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 03:56:35 +00:00