4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
5b0092ff39
Land #2006 - Ref updates
2013-06-23 18:26:48 -05:00
14850cd387
reference updates for multiple modules
2013-06-22 07:28:04 -05:00
339f2a5c83
Hmmm, one extra ','
2013-06-21 21:29:17 -05:00
8d422c9a39
Forgot to randomize the fake pass and remove the payload during testing
2013-06-21 21:27:11 -05:00
e7d75d6d16
Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution
2013-06-21 21:03:10 -05:00
494ee160af
Fix indent
2013-06-19 23:12:12 -05:00
2d99c46414
Land #1990 , @wchen-r7's exploit for Libretto CMS
2013-06-19 23:11:34 -05:00
079477c57d
Commit final version
2013-06-19 20:35:24 -05:00
62b23bc594
Initial (incomplete) commit
2013-06-19 16:59:15 -05:00
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
d347be35e9
Land #1986 - Restores MoinMoin during exploitation
2013-06-19 12:14:10 -05:00
a894dc83c2
Try restore also at exploiting time
2013-06-19 11:35:52 -05:00
7b0977f897
Change base path
2013-06-19 11:33:45 -05:00
f0c81ed3cc
Correct disclosure date
2013-06-19 03:00:32 -05:00
67593d6ef4
Eh, PHP, not "php"
2013-06-19 02:34:49 -05:00
9c3bd12613
If I can't write, I want to know.
...
It's possible that the upload directory doesn't allow write, the
module should be aware of that. Other reasons may be possible.
2013-06-19 02:32:30 -05:00
19d868748d
Final version
2013-06-19 02:21:01 -05:00
5c1822ea17
Initial commit for havalite module
2013-06-18 19:00:42 -05:00
3223ea799c
An invalid WritablePage option can result the same message as well.
2013-06-17 22:30:44 -05:00
044bd2101f
Authenticate against the page to modify
2013-06-17 20:34:02 -05:00
0bd6ca2a6a
Add module for CVE-2012-6081
2013-06-17 16:13:55 -05:00
460542506d
changed to array
2013-05-16 19:01:20 +02:00
60e0cfb17b
Trivial description cleanup
2013-04-29 14:11:20 -05:00
6c76bee02f
Trying to make the description sound smoother
2013-04-26 16:02:28 -05:00
9b5e96b66f
Fix @jlee-r7's feedback
2013-04-25 14:53:09 -05:00
52b721c334
Update description
2013-04-25 14:47:35 -05:00
84e9f80ffa
Add check for WP-Super-Cache
2013-04-25 14:43:16 -05:00
15c8d92148
Fix version checked and add reference
2013-04-25 12:48:36 -05:00
7d317e5933
Switch from post to get on check
2013-04-25 07:51:28 -05:00
d55faa14d3
Add check function
2013-04-25 07:44:37 -05:00
51fd07a145
Add BID reference
2013-04-24 21:48:05 -05:00
378c2079a2
Add hdm also as author
2013-04-24 17:37:29 -05:00
b816dd569c
Update description
2013-04-24 17:34:25 -05:00
573e880a62
Use the correct post id when posting
2013-04-24 17:30:24 -05:00
ded0269ba0
Add POST ID bruteforcing capabality
2013-04-24 17:21:36 -05:00
fca4c3b8b2
Add sha1 sum check to allow execution
2013-04-24 16:10:49 -05:00
d2e29b846c
Add module for Wordpress Total Cache PHP Injection
2013-04-24 15:29:40 -05:00
1d95abc458
cleanup for joomla_comjce_imgmanager
2013-03-26 12:02:39 +01:00
9b3bbd577f
module moved to unix webapps
2013-03-26 12:02:08 +01:00
4852f1b9f7
modify exploits to be compatible with the new netcat payloads
2013-03-11 18:35:44 +01:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
c290bc565e
Merge branch 'master' into feature/http/authv2
2013-02-28 14:33:44 -06:00
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
6b1bb9e1e8
Added module for OSVDB 90222
2013-02-16 13:11:46 +01:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
8d013d1034
Merge branch 'master' into http/auth_methods
2013-02-04 13:11:57 -06:00
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
027ba28e70
Merge branch 'jvazquez-r7-datalife_template'
2013-02-01 16:27:18 -06:00
a63cf6977c
Fix 1.8 support
2013-02-01 14:39:32 -06:00
sinn3r
Steve Tornio
jvazquez-r7
James Lee
h0ng10
Tod Beardsley
David Maloney
Tod Beardsley
sinn3r
HD Moore