Commit Graph

946 Commits (97c3159293fdda15baa55c1f14f241be5457cf1d)

Author SHA1 Message Date
HD Moore 86bc12940a Fix tabstops for weblogic module
git-svn-id: file:///home/svn/framework3/trunk@6405 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:00:23 +00:00
HD Moore a5125c6c87 Update the module description
git-svn-id: file:///home/svn/framework3/trunk@6404 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 05:52:40 +00:00
natron 3b704ecf46 Add support for Reader 8.1.2, increase heapspray reliability
git-svn-id: file:///home/svn/framework3/trunk@6400 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 02:40:27 +00:00
pusscat 41960b0300 Add jsessionid exploit
git-svn-id: file:///home/svn/framework3/trunk@6399 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-27 19:03:39 +00:00
natron bee2e44254 Remove debug messages, fix nops.
git-svn-id: file:///home/svn/framework3/trunk@6398 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-27 02:34:40 +00:00
natron 989a0bf88f Backed off the heapspray, will hopefully work on low and high RAM systems now.
git-svn-id: file:///home/svn/framework3/trunk@6397 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-27 02:32:13 +00:00
natron 8784ee930f Adobe JBIG2Decode Exploit (CVE-2009-0658)
git-svn-id: file:///home/svn/framework3/trunk@6395 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-27 00:08:19 +00:00
Mario Ceballos a036178737 added exploit module orbit_connecting.rb
git-svn-id: file:///home/svn/framework3/trunk@6348 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-17 01:24:16 +00:00
kris 804ff61df6 big svn:keywords run
git-svn-id: file:///home/svn/framework3/trunk@6345 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-15 18:12:33 +00:00
Mario Ceballos f7dafe0156 added exploit module belkin_bulldog.rb.
git-svn-id: file:///home/svn/framework3/trunk@6334 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-11 22:33:51 +00:00
Patrick Webster 7209271870 Added exploit module apache_mod_rewrite_ldap.
git-svn-id: file:///home/svn/framework3/trunk@6327 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-10 06:42:11 +00:00
Patrick Webster 2df5dc3204 Added exploit module ebook_flipviewer_fviewerloading from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6281 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-02 23:14:54 +00:00
Patrick Webster a71b3e8c22 Added exploit module efs_easychatserver_username from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6280 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-02 06:57:00 +00:00
natron b6731747c4 added ie_unsafe_scripting exploit module
git-svn-id: file:///home/svn/framework3/trunk@6260 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-27 22:35:50 +00:00
Patrick Webster d5c625b803 Added exploit module dlink_long_filename from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6256 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-26 08:19:01 +00:00
Patrick Webster c902c035aa Typo in vendor name. Steamcast.
git-svn-id: file:///home/svn/framework3/trunk@6255 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-25 11:50:24 +00:00
Patrick Webster 415b4c2593 Added exploit module streamcast_useragent.rb from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6254 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-25 11:35:36 +00:00
Mario Ceballos 7118ef0a2c added aux module osb_execqr.rb and exploit module osb_ndmp_auth.rb.
git-svn-id: file:///home/svn/framework3/trunk@6248 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-23 16:26:00 +00:00
cg 8fe4bf88b9 MS09-002 coverage by dean
git-svn-id: file:///home/svn/framework3/trunk@6238 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-20 17:46:52 +00:00
Mario Ceballos 092db8229c added exploit module fdm_auth_header.rb
git-svn-id: file:///home/svn/framework3/trunk@6205 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-02 18:27:36 +00:00
Mario Ceballos b321790c04 added exploit module license_gcr.rb.
git-svn-id: file:///home/svn/framework3/trunk@6183 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-25 02:22:18 +00:00
Mario Ceballos 9637e98cc4 added exploit module hp_nnm_toolbar.rb
git-svn-id: file:///home/svn/framework3/trunk@6167 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-19 23:07:28 +00:00
Mario Ceballos 7ef0ddeec5 added exploit module symantec_appstream_unsafe.rb
git-svn-id: file:///home/svn/framework3/trunk@6162 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-18 02:19:26 +00:00
Mario Ceballos 430d7cb424 fixed BID number.
git-svn-id: file:///home/svn/framework3/trunk@6145 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-13 14:41:14 +00:00
Mario Ceballos bc1f2da254 added exploit module winzip_fileview.rb from dean.
git-svn-id: file:///home/svn/framework3/trunk@6144 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-13 14:04:53 +00:00
James Lee 288075f7a0 add report_auth_info to some modules that authenticate. thanks, tebo
git-svn-id: file:///home/svn/framework3/trunk@6118 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-11 05:52:07 +00:00
Mario Ceballos 3ee6eaede8 added exploit module nis2004_antispam.rb that makes use of egypts newly added heap spray stuff.
git-svn-id: file:///home/svn/framework3/trunk@6109 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-10 14:00:49 +00:00
Patrick Webster 2de1dc9947 No need for string cast. thanks kris/raif.
git-svn-id: file:///home/svn/framework3/trunk@6094 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-09 03:22:04 +00:00
Mario Ceballos ddafdad942 added support for 2k3.
git-svn-id: file:///home/svn/framework3/trunk@6092 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-09 00:39:08 +00:00
Patrick Webster a41e16ded3 Added ursoft_w32dasm.rb file format module.
git-svn-id: file:///home/svn/framework3/trunk@6083 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-07 11:18:44 +00:00
Mario Ceballos ee86b19834 added tns mixin to support oracle8i listener overflow and other tns
related stuff.


git-svn-id: file:///home/svn/framework3/trunk@6082 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-07 03:07:01 +00:00
Patrick Webster 204ebd411f Updated with changes from raif.
git-svn-id: file:///home/svn/framework3/trunk@6080 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-07 00:15:55 +00:00
Mario Ceballos fa950d64ef updated with the authors email address.
git-svn-id: file:///home/svn/framework3/trunk@6076 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-05 13:09:18 +00:00
Mario Ceballos e132179b2d added exploit modules djvu_imageurl.rb, msworks_wkspictureinterface.rb and
sascam_get.rb from dean.


git-svn-id: file:///home/svn/framework3/trunk@6074 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-05 00:55:29 +00:00
Mario Ceballos 33940517c5 added exploit modules ca_brightstor_addcolumn.rb and verypdf_pdfview.rb from dean.
git-svn-id: file:///home/svn/framework3/trunk@6073 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-04 21:51:04 +00:00
Mario Ceballos f1093ee6a9 added exploit module realtek_playlist.rb.
git-svn-id: file:///home/svn/framework3/trunk@6029 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-20 01:49:40 +00:00
kris 248f1e9fc3 Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g')
git-svn-id: file:///home/svn/framework3/trunk@6022 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-19 07:11:08 +00:00
HD Moore 45c08a9011 Fallback to heap spray if the .NET DLL does not load
git-svn-id: file:///home/svn/framework3/trunk@6015 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-17 04:19:54 +00:00
Mario Ceballos aa53df6535 add exploit module adobe_utilprintf.rb, browser based.
git-svn-id: file:///home/svn/framework3/trunk@6014 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-15 15:44:02 +00:00
HD Moore 5822ab75a7 Adds an exploit module (universal) for the new internet explorer xml bug. This module shows off the .NET memory techniques discovered by Alexander Sotirov and Mark Dowd. This code should bypass DEP, ASLR, and NX :-)
git-svn-id: file:///home/svn/framework3/trunk@6012 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-12 01:45:00 +00:00
HD Moore 42da7926ba See #263. Testing post-commit hook
git-svn-id: file:///home/svn/framework3/trunk@6010 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-11 03:56:52 +00:00
HD Moore c838c7ef2f See #263. Testing post-commit hook
git-svn-id: file:///home/svn/framework3/trunk@6009 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-11 03:55:12 +00:00
HD Moore d64cf0f22f See #263. Testing post-commit hook
git-svn-id: file:///home/svn/framework3/trunk@6008 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-11 03:53:52 +00:00
HD Moore cb8230f817 Fixes #263. Correct the max read() size for DCERPC over SMB
git-svn-id: file:///home/svn/framework3/trunk@6007 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-11 03:50:30 +00:00
Mario Ceballos 1485e0564e updated with some awesome stuff from Didier Stevens.
git-svn-id: file:///home/svn/framework3/trunk@6006 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-08 13:16:54 +00:00
Mario Ceballos 6df3ed8b25 git-svn-id: file:///home/svn/framework3/trunk@6001 4d416f70-5f16-0410-b530-b9f4589650da 2008-12-07 15:02:20 +00:00
Mario Ceballos 29c94ece40 removed hardcoded length for xrefPosition. thanks Didier Stevens.
git-svn-id: file:///home/svn/framework3/trunk@5999 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-05 13:13:57 +00:00
Mario Ceballos 103e507635 newer version breaks..
git-svn-id: file:///home/svn/framework3/trunk@5998 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-04 21:57:54 +00:00
Mario Ceballos d47511baf2 updated target.
git-svn-id: file:///home/svn/framework3/trunk@5996 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-03 20:20:39 +00:00
Mario Ceballos 381f6da682 added exploit module adobe_utilprintf.rb
git-svn-id: file:///home/svn/framework3/trunk@5995 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-03 16:19:25 +00:00
Mario Ceballos e1e1f5d6a4 added fileformat mixin, fileformat exploit videolan_tivo.rb, and network based exploit videolan_tivo.rb
git-svn-id: file:///home/svn/framework3/trunk@5993 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-03 01:23:27 +00:00
kris 85926eb4ff fix svn keywords
git-svn-id: file:///home/svn/framework3/trunk@5923 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-16 03:09:22 +00:00
Patrick Webster e14bf65099 Added domino_sametime_stmux module.
git-svn-id: file:///home/svn/framework3/trunk@5919 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-14 11:04:33 +00:00
Patrick Webster 547f01f84a Added new target.
git-svn-id: file:///home/svn/framework3/trunk@5911 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-13 08:31:04 +00:00
HD Moore 435ea807a4 Update the description and references to reflect (hah) MS08-068
git-svn-id: file:///home/svn/framework3/trunk@5890 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-11 20:46:21 +00:00
HD Moore b665212b35 Make 2003 target universal
git-svn-id: file:///home/svn/framework3/trunk@5888 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-11 15:22:24 +00:00
HD Moore 54cd265f82 Purging the ms08-067 check. The check method results in memory corruption and there are still concerns about the source of the technique. We can reimplement this later when there is some free time and less angry people involved ;-)
git-svn-id: file:///home/svn/framework3/trunk@5887 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-11 15:01:45 +00:00
kris 7b002d4288 remove unused exception variables
git-svn-id: file:///home/svn/framework3/trunk@5882 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-11 06:00:54 +00:00
HD Moore 95d5624a96 Correct scratch/scratch typo
git-svn-id: file:///home/svn/framework3/trunk@5847 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-06 14:56:06 +00:00
HD Moore 308a90a01d Complete international support for XP SP2 / XP SP3
git-svn-id: file:///home/svn/framework3/trunk@5846 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-06 06:08:45 +00:00
HD Moore 0881649f14 The psexec and smb_relay module now automatically cleanup. The ms08-06 module now supports all languages of XP SP3.
git-svn-id: file:///home/svn/framework3/trunk@5841 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-04 22:27:59 +00:00
HD Moore b53695f7db The psexec module now uses a service-compatible exe, shellcode is spawned in a subprocess and the service cleans up properly
git-svn-id: file:///home/svn/framework3/trunk@5829 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 23:06:37 +00:00
HD Moore 133d7ce658 Adds an automatic default target to ms08-067, autodetects OS, SP, and language now.
git-svn-id: file:///home/svn/framework3/trunk@5827 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 20:37:51 +00:00
HD Moore 4b30f3ef1a Update the check() comments to reflect new information >:(
git-svn-id: file:///home/svn/framework3/trunk@5825 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 15:29:51 +00:00
Mario Ceballos 97b2adcc46 added the connect()/smb_login()
git-svn-id: file:///home/svn/framework3/trunk@5824 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 13:14:06 +00:00
HD Moore f1789fc1b2 Adds the check() method and scanner module to ms08-067, massively upgrades the smb/version scanner, with better SP detection and remote language pack detection.
git-svn-id: file:///home/svn/framework3/trunk@5823 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-03 09:17:08 +00:00
HD Moore d9ffc23128 Adds 0x40 to the badchars list, fixes a weird issue, found by Ramon
git-svn-id: file:///home/svn/framework3/trunk@5822 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-02 02:35:57 +00:00
HD Moore 4f45818a0f The prefix change makes ms08-067 more reliable vs windows 2000
git-svn-id: file:///home/svn/framework3/trunk@5820 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 21:10:45 +00:00
HD Moore de6c726e0a New french targets from Antoine
git-svn-id: file:///home/svn/framework3/trunk@5818 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 15:34:17 +00:00
HD Moore c5ad82fb68 Add SP2 German
git-svn-id: file:///home/svn/framework3/trunk@5817 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 14:15:16 +00:00
HD Moore d366e8342a Spanish target is SP3 not SP2
git-svn-id: file:///home/svn/framework3/trunk@5816 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 14:07:58 +00:00
Ramon de C Valle 7427d913c0 Added targets for Portuguese (Brazil) (NX) SP2/SP3 to ms08_067_netapi.rb
git-svn-id: file:///home/svn/framework3/trunk@5815 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 11:45:52 +00:00
HD Moore 571d577bbd Adds Windows XP SP0/SP1 targets for English
git-svn-id: file:///home/svn/framework3/trunk@5814 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 06:12:49 +00:00
HD Moore e784bcd515 Adds Windows 2003 SP1 (NO NX and NX(is this needed)).
git-svn-id: file:///home/svn/framework3/trunk@5813 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 05:55:57 +00:00
HD Moore 7fcf5b3dc2 Lots of new targets merged in for MS08-067 including Brett Moore's 2003 SP2 DEP bypass
git-svn-id: file:///home/svn/framework3/trunk@5812 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-31 05:16:02 +00:00
HD Moore dfbc35da3c Patch for ms08-067 from antoine, fixes braindead bug on my part, should increase reliability
git-svn-id: file:///home/svn/framework3/trunk@5805 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 17:21:07 +00:00
HD Moore e9d133e9aa Remove the while(true) which snuck into this module
git-svn-id: file:///home/svn/framework3/trunk@5803 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-30 07:21:53 +00:00
HD Moore f9f6c8d3e6 Adds an initial exploit for MS08-067, support for XP SP2/SP3 DEP, 2003 SP0/SP2 no-DEP.
git-svn-id: file:///home/svn/framework3/trunk@5798 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-28 07:35:17 +00:00
Mario Ceballos e700980288 update the return. thanks jacop.
git-svn-id: file:///home/svn/framework3/trunk@5793 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-27 20:50:44 +00:00
Ramon de C Valle c66d6c4e46 Set property 'svn:keywords'
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:43:21 +00:00
pusscat 16612cacba Rename
git-svn-id: file:///home/svn/framework3/trunk@5778 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:51:12 +00:00
pusscat 822234771f Initial import of the bea oracle weblogic apache plugin
git-svn-id: file:///home/svn/framework3/trunk@5777 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:44:57 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
Mario Ceballos 3de5bab19b added exploit module zenturiprogramchecker_unsafe.rb
git-svn-id: file:///home/svn/framework3/trunk@5769 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 13:15:53 +00:00
Mario Ceballos 727f893ad8 added exploit module quick_tftp_pro_mode.rb from Patrik Wellsly.
git-svn-id: file:///home/svn/framework3/trunk@5756 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-15 11:21:06 +00:00
Mario Ceballos fd95f81cd6 added exploit module systemrequirementslab_unsafe.rb
git-svn-id: file:///home/svn/framework3/trunk@5754 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-14 19:19:39 +00:00
Mario Ceballos b508358132 added exploit modules lpviewer_url.rb and softartisans_getdrivename.rb
git-svn-id: file:///home/svn/framework3/trunk@5750 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-14 13:41:52 +00:00
HD Moore a7a7da9e28 Newer mercury module, more reliable using 0x0c0c0c0c return
git-svn-id: file:///home/svn/framework3/trunk@5742 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-12 17:11:14 +00:00
Patrick Webster 7d85b1d198 Added Medal of Honor module from Jacopo Cervini.
git-svn-id: file:///home/svn/framework3/trunk@5721 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-07 12:03:12 +00:00
Mario Ceballos 2965f3b238 updated with better coverage.
git-svn-id: file:///home/svn/framework3/trunk@5712 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-04 12:00:43 +00:00
Mario Ceballos 6ad1a82101 fixed tabbing.
git-svn-id: file:///home/svn/framework3/trunk@5710 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 15:48:25 +00:00
HD Moore fd256ec4a1 This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
Mario Ceballos 67a25b6ce8 added exploit modules ms08_053_mediaencoder.rb, macrovision_unsafe.rb and
ms08_041_snapshotviewer.rb


git-svn-id: file:///home/svn/framework3/trunk@5707 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-01 22:40:57 +00:00
Mario Ceballos 12af69ed03 added exploit module realwin.rb
git-svn-id: file:///home/svn/framework3/trunk@5699 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-30 13:32:29 +00:00
HD Moore b0225127cf Patch for Ruby 1.9 compat (not there yet)
git-svn-id: file:///home/svn/framework3/trunk@5674 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-22 15:52:18 +00:00
Mario Ceballos 1ef66ec2ff added auxiliary/exploits modules for emc alphastor.
git-svn-id: file:///home/svn/framework3/trunk@5649 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-01 11:28:55 +00:00
James Lee e203311af7 updated references for ms06_066
git-svn-id: file:///home/svn/framework3/trunk@5630 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-15 15:46:47 +00:00
Mario Ceballos 33afd40526 added exploit module nowsms.rb
git-svn-id: file:///home/svn/framework3/trunk@5626 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-11 23:48:45 +00:00
Patrick Webster 9159623ec2 Added ms00_094_pbserver.rb
git-svn-id: file:///home/svn/framework3/trunk@5622 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-10 10:12:45 +00:00
Mario Ceballos 8fb167d7ff added exploit module lgserver_rxsuselicenseini.rb
git-svn-id: file:///home/svn/framework3/trunk@5614 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-02 15:03:13 +00:00
James Lee a212bfba99 fix PrepenEncoder typo, replace it with 'StackAdjustment' => -3500
git-svn-id: file:///home/svn/framework3/trunk@5613 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-01 20:04:42 +00:00
James Lee a97dbb0106 fix missing semicolon in js
git-svn-id: file:///home/svn/framework3/trunk@5612 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-01 02:48:32 +00:00
Mario Ceballos ee0f6ed5cc module update from Elazar Broad.
git-svn-id: file:///home/svn/framework3/trunk@5606 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-27 11:23:42 +00:00
James Lee 894606aab4 bug fix in javascript
git-svn-id: file:///home/svn/framework3/trunk@5570 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-23 00:55:21 +00:00
HD Moore 45f8b5502f Try 445 before 139 these days
git-svn-id: file:///home/svn/framework3/trunk@5554 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-14 05:37:07 +00:00
James Lee d9331e8754 Make browser exploits identify themselves for use with browser_autopwn
git-svn-id: file:///home/svn/framework3/trunk@5551 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-13 01:36:27 +00:00
Mario Ceballos 2401799e72 added 2.0 target.
git-svn-id: file:///home/svn/framework3/trunk@5548 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-04 11:47:38 +00:00
Mario Ceballos 255ee89873 added exploit module groupwisemessenger_client.rb
git-svn-id: file:///home/svn/framework3/trunk@5547 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-03 18:59:29 +00:00
James Lee 8800372e46 initial commit of browser_autopwn;
revamp php payloads;
socks5 for IPv6 (untested)



git-svn-id: file:///home/svn/framework3/trunk@5546 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-01 01:44:56 +00:00
Mario Ceballos 13859c23d9 added exploit module novelliprint_getdriversettings.rb.
git-svn-id: file:///home/svn/framework3/trunk@5533 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-19 00:06:18 +00:00
Mario Ceballos 8e7ac6c9ac added exploit module creative_software_cachefolder.rb
git-svn-id: file:///home/svn/framework3/trunk@5531 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-17 15:11:17 +00:00
Patrick Webster 8414b5bc6a Added asus module from Jacopo Cervini.
git-svn-id: file:///home/svn/framework3/trunk@5529 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-09 05:13:44 +00:00
HD Moore dd643436ee Module typo correction
git-svn-id: file:///home/svn/framework3/trunk@5527 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-06 04:41:05 +00:00
HD Moore 06c6ad6acd Add riot's DoubleTake exploit. Set the svn:keywords properties where it was missing
git-svn-id: file:///home/svn/framework3/trunk@5526 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-06 04:39:44 +00:00
HD Moore 3f519b6d9b Brightstor module from toto
git-svn-id: file:///home/svn/framework3/trunk@5525 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-06 04:30:56 +00:00
Patrick Webster 777095f572 added winvnc_http_get.rb module.
git-svn-id: file:///home/svn/framework3/trunk@5516 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-03 14:56:10 +00:00
Mario Ceballos 4aad680752 added exploit module borland_starteam.rb
git-svn-id: file:///home/svn/framework3/trunk@5515 4d416f70-5f16-0410-b530-b9f4589650da
2008-06-01 11:42:31 +00:00
pusscat 2327063569 Added a fix
git-svn-id: file:///home/svn/framework3/trunk@5509 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-20 20:55:01 +00:00
Mario Ceballos 9871f14f32 added exploit module bigant_server.rb
git-svn-id: file:///home/svn/framework3/trunk@5503 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-15 00:58:44 +00:00
Mario Ceballos 477933a0a7 added exploit module lgserver_rxrlogin.rb
git-svn-id: file:///home/svn/framework3/trunk@5501 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-05 23:27:33 +00:00
James Lee 899973b7ea Send 404 when we can't exploit a mozilla browser so client doesn't hang.
git-svn-id: file:///home/svn/framework3/trunk@5497 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-26 18:10:41 +00:00
James Lee faa5f7c967 randomize_space
git-svn-id: file:///home/svn/framework3/trunk@5496 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-25 05:29:29 +00:00
HD Moore 82330fff7e Importing two new wireless DoS modules, setting svn:keywords flags where needed.
git-svn-id: file:///home/svn/framework3/trunk@5482 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-21 05:27:06 +00:00
Mario Ceballos 46bcd7fa4f updated to support ca brightstor arcserv 11.5.
git-svn-id: file:///home/svn/framework3/trunk@5480 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-20 23:58:21 +00:00
HD Moore caa9619368 fix the source port for this exploit
git-svn-id: file:///home/svn/framework3/trunk@5479 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-20 20:46:11 +00:00
Patrick Webster b9f68f1bf9 Added sasser_ftpd_port module port.
git-svn-id: file:///home/svn/framework3/trunk@5478 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-19 12:40:50 +00:00
Patrick Webster 094333edce Updated targets, references.
git-svn-id: file:///home/svn/framework3/trunk@5476 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-16 13:08:11 +00:00
Patrick Webster 48957744d9 Added exploit module ca_igateway_debug
git-svn-id: file:///home/svn/framework3/trunk@5473 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-14 14:14:23 +00:00
Mario Ceballos c1555ac449 added exploit module etrust_itm_alert.rb
git-svn-id: file:///home/svn/framework3/trunk@5472 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-12 02:26:41 +00:00
Patrick Webster 4b51c4d616 Updated targets for BrightStor.
git-svn-id: file:///home/svn/framework3/trunk@5471 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-09 13:04:15 +00:00
Patrick Webster ade70d182c Added tumbleweed_filetransfer module.
git-svn-id: file:///home/svn/framework3/trunk@5470 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-07 07:57:10 +00:00
Patrick Webster 1f6a89b08a Exploit module from Jacopo Cervini
git-svn-id: file:///home/svn/framework3/trunk@5469 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-06 10:45:29 +00:00
Mario Ceballos d41a814ed5 added exploit modules mysql_yassl(win32/linux) and realplayer_console from EB.
git-svn-id: file:///home/svn/framework3/trunk@5463 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-01 11:22:32 +00:00
HD Moore 9c7f5d7130 Simple fix for bad calls to negotiate, remove useless disconnect call in the relay daemon
git-svn-id: file:///home/svn/framework3/trunk@5460 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-26 22:36:42 +00:00
Patrick Webster ba9a415b8e Added sami_ftpd_user exploit module
git-svn-id: file:///home/svn/framework3/trunk@5448 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-17 14:23:01 +00:00
Mario Ceballos 3e81678f93 added exploit modules winamp_ultravox.rb and
novelliprint_executerequest.rb.


git-svn-id: file:///home/svn/framework3/trunk@5423 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-01 17:20:24 +00:00
Mario Ceballos 845af72226 New exploit module from EB.
git-svn-id: file:///home/svn/framework3/trunk@5422 4d416f70-5f16-0410-b530-b9f4589650da
2008-03-01 02:02:34 +00:00
HD Moore 6a3ccc2955 Fixes for the JS try/catch from EB.
git-svn-id: file:///home/svn/framework3/trunk@5420 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-20 16:45:03 +00:00
HD Moore 93d390e2da Replacement module (more reliable) from EB
git-svn-id: file:///home/svn/framework3/trunk@5416 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-14 16:15:20 +00:00
Mario Ceballos ffe2fa80d9 added exploit module badblue_passthru.rb.
git-svn-id: file:///home/svn/framework3/trunk@5412 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-11 15:18:22 +00:00
HD Moore 2dfb607b49 New exploit module from EB and MC
git-svn-id: file:///home/svn/framework3/trunk@5410 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-11 02:28:03 +00:00
Mario Ceballos 1ad44793bf added exploit module saplpd.rb.
git-svn-id: file:///home/svn/framework3/trunk@5409 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-10 01:48:30 +00:00
Mario Ceballos 806946b71a updated return to something more useful.
git-svn-id: file:///home/svn/framework3/trunk@5400 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-08 22:54:12 +00:00
Mario Ceballos f4708d774f added exploit modules wincomlpd_admin.rb and facebook_extractiptc.rb.
git-svn-id: file:///home/svn/framework3/trunk@5399 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-07 23:08:14 +00:00
HD Moore 3110b821b0 Merged revisions 5380-5381 via svnmerge from
svn+ssh://metasploit.com/home/svn/framework3/branches/framework-3.1

........
  r5381 | hdm | 2008-01-27 21:26:56 -0600 (Sun, 27 Jan 2008) | 3 lines
  
  Update msdns modules to reference the spanish target for 2003
........


git-svn-id: file:///home/svn/framework3/trunk@5382 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-28 03:27:38 +00:00
HD Moore 9b6b0990b1 Correct the cve reference format
git-svn-id: file:///home/svn/framework3/trunk@5364 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-27 02:13:54 +00:00
HD Moore eec19d108e Handling empty strings as a valid required option is tricky, just make the password option non-required
git-svn-id: file:///home/svn/framework3/trunk@5363 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-27 02:08:13 +00:00
HD Moore 557a7bad9c Set the defaults for psexec to Administrator/""
git-svn-id: file:///home/svn/framework3/trunk@5361 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-27 02:06:02 +00:00
HD Moore d931374844 Add -f to generate. Add SMBUser/SMBPass options to psexec (regular vs advanced)
git-svn-id: file:///home/svn/framework3/trunk@5354 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-25 23:24:06 +00:00
Mario Ceballos c07105c70a updated.
git-svn-id: file:///home/svn/framework3/trunk@5292 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-13 14:44:29 +00:00
Mario Ceballos be39365331 updated.
git-svn-id: file:///home/svn/framework3/trunk@5291 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-13 14:44:01 +00:00
Mario Ceballos f47d2660ec added exploit module ms07_064_sami.rb
git-svn-id: file:///home/svn/framework3/trunk@5290 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-12 14:11:31 +00:00
Mario Ceballos 22655fb651 added default RPORT.
git-svn-id: file:///home/svn/framework3/trunk@5269 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-06 14:46:01 +00:00
HD Moore 04a8a58ad9 Bugfix from h2h2
git-svn-id: file:///home/svn/framework3/trunk@5268 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-02 23:55:02 +00:00
fab 9994c385ee add french target
git-svn-id: file:///home/svn/framework3/trunk@5257 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-31 16:57:56 +00:00
fab 2d5be3df04 add french target
git-svn-id: file:///home/svn/framework3/trunk@5256 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-31 16:57:13 +00:00
Mario Ceballos 5eda38fa5f IE6...
git-svn-id: file:///home/svn/framework3/trunk@5225 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-27 01:29:04 +00:00
Mario Ceballos 29569b6689 added exploit module hploadrunner.rb.
git-svn-id: file:///home/svn/framework3/trunk@5224 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-27 00:34:33 +00:00
Mario Ceballos c09840e49e added exploit module macrovision_downloadandexecute.rb
git-svn-id: file:///home/svn/framework3/trunk@5223 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-26 12:17:05 +00:00
Mario Ceballos 8393f4fc38 added exploit module hp_nnm.rb.
git-svn-id: file:///home/svn/framework3/trunk@5219 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-17 23:47:14 +00:00
HD Moore cde3a61065 Calculate offset based on name length
git-svn-id: file:///home/svn/framework3/trunk@5218 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-12 22:50:54 +00:00
HD Moore 204d488778 Coverage for MS07_065
git-svn-id: file:///home/svn/framework3/trunk@5217 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-12 22:06:21 +00:00
Mario Ceballos f2103a4a93 added exploit module realplayer_import.rb
git-svn-id: file:///home/svn/framework3/trunk@5213 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-02 17:58:44 +00:00
Mario Ceballos 2c7b3a7bfd updated.. thanks grutz!
git-svn-id: file:///home/svn/framework3/trunk@5207 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-26 23:43:23 +00:00
Mario Ceballos 2ab4819cd2 added exploit module apple_quicktime_rtsp_response.rb
git-svn-id: file:///home/svn/framework3/trunk@5200 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-26 14:41:16 +00:00
Mario Ceballos 525a13acb8 added exploit module mercury_cram_md5.rb.
git-svn-id: file:///home/svn/framework3/trunk@5192 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-07 18:42:19 +00:00
Mario Ceballos a985158a88 added exploit module sonicwall_addrouteentry.rb
git-svn-id: file:///home/svn/framework3/trunk@5191 4d416f70-5f16-0410-b530-b9f4589650da
2007-11-01 23:15:34 +00:00
Mario Ceballos e2835eec60 added exploit module gom_openurl.rb
git-svn-id: file:///home/svn/framework3/trunk@5189 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-30 21:48:56 +00:00
Patrick Webster d59235fe22 Fixed typo
git-svn-id: file:///home/svn/framework3/trunk@5188 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-30 13:32:59 +00:00
Mario Ceballos 96c56ab760 added exploit module ibm_tsm_cad.rb
git-svn-id: file:///home/svn/framework3/trunk@5185 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-27 23:48:34 +00:00
HD Moore af8cce2c74 Thanks for noticing this diaul!
git-svn-id: file:///home/svn/framework3/trunk@5184 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-25 15:50:31 +00:00
HD Moore 599aaff600 Correct the module title
git-svn-id: file:///home/svn/framework3/trunk@5183 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-24 16:07:08 +00:00
HD Moore a7626884f6 New module from Trirat Puttaraksa
git-svn-id: file:///home/svn/framework3/trunk@5182 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-24 13:56:18 +00:00
Patrick Webster 6130f7ed23 Rewrote exploit module mcafee_epolicy_source.
git-svn-id: file:///home/svn/framework3/trunk@5142 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-10 16:56:30 +00:00
Ramon de C Valle 5d1bf914bf Added InterBase/Firebird stuff.
git-svn-id: file:///home/svn/framework3/trunk@5136 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-04 03:03:13 +00:00
Mario Ceballos 66bd69097c added exploit module kazaa_altnet_heap.rb
git-svn-id: file:///home/svn/framework3/trunk@5135 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-03 16:09:53 +00:00
Patrick Webster 90c54f45de Added exploit module tftpdwin, fixed tabs and name for savant module.
git-svn-id: file:///home/svn/framework3/trunk@5134 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-03 12:17:37 +00:00
Mario Ceballos aebfc6cffa fixed typo.
git-svn-id: file:///home/svn/framework3/trunk@5130 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-01 13:12:55 +00:00
Mario Ceballos eb88fb1875 added exploit module yahoomessenger_fvcom.rb
git-svn-id: file:///home/svn/framework3/trunk@5129 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-01 10:58:50 +00:00
Patrick Webster e6a7184cf8 Fixed tab indents.
git-svn-id: file:///home/svn/framework3/trunk@5127 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-30 00:05:10 +00:00
Patrick Webster 3c6e385c17 Added Xitami module.
git-svn-id: file:///home/svn/framework3/trunk@5125 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-29 04:30:59 +00:00
Patrick Webster 09485b52e7 First commit. Added Netcat NT module.
git-svn-id: file:///home/svn/framework3/trunk@5123 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-26 13:44:25 +00:00
Mario Ceballos c4868b4cb3 added exploit module ask_shortformat.rb.
git-svn-id: file:///home/svn/framework3/trunk@5120 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-25 02:02:56 +00:00
HD Moore 06ab097c34 New module from Patrick
git-svn-id: file:///home/svn/framework3/trunk@5115 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-24 13:55:30 +00:00
HD Moore 4e666aca1c Updates from Patrick
git-svn-id: file:///home/svn/framework3/trunk@5103 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-13 14:02:16 +00:00
HD Moore e461a2c47f Updated references from Patrick
git-svn-id: file:///home/svn/framework3/trunk@5101 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-10 01:46:45 +00:00
HD Moore 04c6dbc748 Updated svn:keywords
git-svn-id: file:///home/svn/framework3/trunk@5100 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-10 01:01:20 +00:00
HD Moore eabc0b511d New module from toto
git-svn-id: file:///home/svn/framework3/trunk@5099 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:56:35 +00:00
HD Moore ce033a4336 New module from Jacopo Cervini
git-svn-id: file:///home/svn/framework3/trunk@5098 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:51:43 +00:00
HD Moore fa70a1ce4a New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5097 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:44:40 +00:00
HD Moore 22f154778d New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5096 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:44:33 +00:00
HD Moore d8a7f23714 New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5095 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:43:03 +00:00
HD Moore 140868ac74 New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5094 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:42:14 +00:00
HD Moore 9286b36884 New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5093 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:39:55 +00:00
HD Moore 2eaabf5c90 New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5092 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:38:53 +00:00
HD Moore e65056f477 New module from Patrick Webster
git-svn-id: file:///home/svn/framework3/trunk@5091 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-09 22:37:43 +00:00
Mario Ceballos 5c1c233c77 added exploit module trendmicro_serverprotect_createbinding.rb
git-svn-id: file:///home/svn/framework3/trunk@5087 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-08 13:42:59 +00:00
Mario Ceballos 8dcba76799 added exploit module trendmicro_officescan.rb
git-svn-id: file:///home/svn/framework3/trunk@5083 4d416f70-5f16-0410-b530-b9f4589650da
2007-08-31 11:58:31 +00:00
Mario Ceballos c1b03a8670 added exploit module hp_ovtrace.rb
git-svn-id: file:///home/svn/framework3/trunk@5080 4d416f70-5f16-0410-b530-b9f4589650da
2007-08-19 19:13:24 +00:00
Mario Ceballos 31f84d6d16 added module windows_rsh.rb
git-svn-id: file:///home/svn/framework3/trunk@5073 4d416f70-5f16-0410-b530-b9f4589650da
2007-08-10 16:25:05 +00:00
Mario Ceballos 3fc1b0923c updated.
git-svn-id: file:///home/svn/framework3/trunk@5064 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-29 20:57:13 +00:00
Mario Ceballos 69beed0fc9 added exploit module ipswitch_search.rb
git-svn-id: file:///home/svn/framework3/trunk@5063 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-29 14:38:47 +00:00
Mario Ceballos a0efef604e addex exploit module borland_interbase.rb
git-svn-id: file:///home/svn/framework3/trunk@5062 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-26 01:26:21 +00:00
Mario Ceballos 6deb8a18a4 added module enjoysapgui_preparetoposthtml.rb
git-svn-id: file:///home/svn/framework3/trunk@5058 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-18 21:49:44 +00:00
Mario Ceballos 2b4a3d88e3 added exploit module sapdb_webtools.rb
git-svn-id: file:///home/svn/framework3/trunk@5045 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-11 21:16:30 +00:00
Mario Ceballos c46cb1e466 updated ref.
git-svn-id: file:///home/svn/framework3/trunk@5038 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-08 02:31:17 +00:00
Mario Ceballos 7488351910 added exploit module mcafeevisualtrace_tracetarget.rb
git-svn-id: file:///home/svn/framework3/trunk@5037 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-08 02:24:22 +00:00
HD Moore 6c82ffbdc2 Minor bug fix (send 0xc0000022 for tree connects)
git-svn-id: file:///home/svn/framework3/trunk@5020 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:31:08 +00:00
HD Moore fb7291877d Fix for the crash error when a specific target is selected
git-svn-id: file:///home/svn/framework3/trunk@5016 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:21:44 +00:00
HD Moore d0b15d3d72 Lots of SMB fun, all preparation for Black Hat talk :-) More to come...
git-svn-id: file:///home/svn/framework3/trunk@5015 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-03 04:20:50 +00:00
Mario Ceballos 91f65449aa added exploit modules logitechvideocall_start.rb and
trendmicro_serverprotect_earthagent.rb


git-svn-id: file:///home/svn/framework3/trunk@5010 4d416f70-5f16-0410-b530-b9f4589650da
2007-07-01 16:04:22 +00:00
Matt Miller c844826266 use exploit base class method
git-svn-id: file:///home/svn/framework3/trunk@5007 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-29 00:29:53 +00:00
HD Moore 2fc2baab0b Brand new ANI module from Solar Eclipse
git-svn-id: file:///home/svn/framework3/trunk@4996 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-18 03:00:08 +00:00
Mario Ceballos 04f35ada87 added exploit module yahoomessenger_server.rb (SEH)
git-svn-id: file:///home/svn/framework3/trunk@4982 4d416f70-5f16-0410-b530-b9f4589650da
2007-06-07 21:32:23 +00:00
fab 8f8f5d799c Patch from Nicob
git-svn-id: file:///home/svn/framework3/trunk@4970 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-28 12:38:52 +00:00
HD Moore 0f70d5bdb0 Typo
git-svn-id: file:///home/svn/framework3/trunk@4964 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-23 15:51:55 +00:00
HD Moore 55d04baf33 Adding svn:keywords to new modules, adding identd/gamsoft modules
git-svn-id: file:///home/svn/framework3/trunk@4961 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-22 21:15:14 +00:00
HD Moore 44f4f9f55b New code from Nicob, thanks!
git-svn-id: file:///home/svn/framework3/trunk@4960 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-22 21:08:47 +00:00
HD Moore 26ccc3be69 Adds the first version of the new samba module. Adds keywords to MC's new modules.
git-svn-id: file:///home/svn/framework3/trunk@4953 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-21 20:51:13 +00:00
HD Moore d16aa226b1 Changed H D Moore -> hdm
git-svn-id: file:///home/svn/framework3/trunk@4951 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-21 20:44:34 +00:00
Mario Ceballos b47efb9d4b added exploit module nis2004_get.rb
git-svn-id: file:///home/svn/framework3/trunk@4928 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-18 04:19:21 +00:00
Mario Ceballos 00ea0f9932 added exploit module bearshare_setformatlikesample.rb
git-svn-id: file:///home/svn/framework3/trunk@4916 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-16 15:12:22 +00:00
HD Moore 7630941970 Fix typo
git-svn-id: file:///home/svn/framework3/trunk@4912 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-15 12:51:30 +00:00
HD Moore 5740a85c7c Adding the new MSB references
git-svn-id: file:///home/svn/framework3/trunk@4895 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-11 23:05:18 +00:00
HD Moore ff8d5e6ee3 Fixed a bug reported by Dan Faerch (typos)
git-svn-id: file:///home/svn/framework3/trunk@4892 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-09 12:47:47 +00:00
HD Moore d95a0d8d90 Updated svn:keywords, merging minor changes
git-svn-id: file:///home/svn/framework3/trunk@4886 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-07 04:48:45 +00:00
HD Moore 135e426d60 Updated prepend from topo
git-svn-id: file:///home/svn/framework3/trunk@4864 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-04 13:50:29 +00:00
HD Moore 3604c87c22 From topo:
1) It uses the rembo.exe Data section to prevent a crash
2) The prepend code has been modified to only disable NX on 2K3 SP1-2  
(else it crashes 2K3 SP0)



git-svn-id: file:///home/svn/framework3/trunk@4863 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-04 13:48:45 +00:00
HD Moore 56b74bb586 New module from toto
git-svn-id: file:///home/svn/framework3/trunk@4855 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-03 20:02:28 +00:00
HD Moore 4738f40b4b New module from toto, with crazy NX bypass ninjaness
git-svn-id: file:///home/svn/framework3/trunk@4848 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-03 13:04:01 +00:00
HD Moore df60900e34 Remove a duplicate target (thanks Ramon)
git-svn-id: file:///home/svn/framework3/trunk@4845 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-03 03:14:22 +00:00
Mario Ceballos 98c22b5754 added exploit module trendmicro_serverprotect.rb
git-svn-id: file:///home/svn/framework3/trunk@4834 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-01 23:22:35 +00:00
pusscat bf705e9dc8 Move exchange dos out of exploits
git-svn-id: file:///home/svn/framework3/trunk@4829 4d416f70-5f16-0410-b530-b9f4589650da
2007-05-01 13:31:11 +00:00
fab b279f69277 add german and italian targets for msdns_zonename
git-svn-id: file:///home/svn/framework3/trunk@4822 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-30 15:15:47 +00:00
fab adc6441d07 add italian target for Win2003 SP1-SP2
git-svn-id: file:///home/svn/framework3/trunk@4821 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-30 15:00:08 +00:00
HD Moore 7d7f244bf6 Fixes #87. Adds new targets to the ANI exploits, fixes Vista target for OE
git-svn-id: file:///home/svn/framework3/trunk@4795 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-28 18:32:36 +00:00
HD Moore daf5936870 Merging minor changes to HTTP, adding NX support to landesk from NP
git-svn-id: file:///home/svn/framework3/trunk@4786 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-25 02:51:49 +00:00
HD Moore f8760b1f6b Typo :(
git-svn-id: file:///home/svn/framework3/trunk@4782 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-24 13:47:18 +00:00
HD Moore 740c88e60a Resolve a typo
git-svn-id: file:///home/svn/framework3/trunk@4781 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-24 13:44:17 +00:00
HD Moore 69441ffc72 Merge minor changes
git-svn-id: file:///home/svn/framework3/trunk@4750 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-24 06:28:28 +00:00
Matt Miller 48823e61c6 typo
git-svn-id: file:///home/svn/framework3/trunk@4741 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-23 05:30:48 +00:00
fab ba6e319408 French targets
git-svn-id: file:///home/svn/framework3/trunk@4731 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-22 00:03:43 +00:00
fab 29f850131d add french target for win2003 SP0
git-svn-id: file:///home/svn/framework3/trunk@4724 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-21 15:30:36 +00:00
fab d1e876703f add french target for Win2000 SP0-SP4
git-svn-id: file:///home/svn/framework3/trunk@4723 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-21 11:56:27 +00:00
HD Moore 52eca4b049 fixes #83
git-svn-id: file:///home/svn/framework3/trunk@4716 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-20 23:47:00 +00:00
HD Moore 3c41dfccb9 Adding the SMB version of the MSDNS module
git-svn-id: file:///home/svn/framework3/trunk@4715 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-20 16:14:05 +00:00
Mario Ceballos e39dd847b9 fixed description.
git-svn-id: file:///home/svn/framework3/trunk@4714 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-20 14:52:14 +00:00
HD Moore 6896272645 New codes :)
git-svn-id: file:///home/svn/framework3/trunk@4710 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-19 17:43:30 +00:00
Mario Ceballos c319373649 added handler to landesk_aolnsrvr.rb
git-svn-id: file:///home/svn/framework3/trunk@4701 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-16 21:28:46 +00:00
HD Moore 55a1576ca5 Add the default target
git-svn-id: file:///home/svn/framework3/trunk@4696 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-16 02:11:33 +00:00
HD Moore 2612ad5f2f Cleanup, getting ready for stable
git-svn-id: file:///home/svn/framework3/trunk@4684 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-16 01:40:59 +00:00
HD Moore 17082dda1a Almost done...
git-svn-id: file:///home/svn/framework3/trunk@4683 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-15 21:43:30 +00:00
HD Moore 66a87c8802 Updated to use the SEH vs stack return
git-svn-id: file:///home/svn/framework3/trunk@4682 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-15 17:00:34 +00:00
Mario Ceballos be33707745 added exploit module landesk_aolnsrvr.rb
git-svn-id: file:///home/svn/framework3/trunk@4681 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-15 00:46:09 +00:00
HD Moore b5b4556ee7 Typo
git-svn-id: file:///home/svn/framework3/trunk@4680 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-14 07:59:13 +00:00
HD Moore 3c9007a7be Switch from pattern to alpha
git-svn-id: file:///home/svn/framework3/trunk@4679 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-14 07:56:32 +00:00
HD Moore a80b937638 Added svn:keywords
git-svn-id: file:///home/svn/framework3/trunk@4678 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-14 07:54:53 +00:00
HD Moore 1bb398de59 Adding the Microsoft DNS service exploit, targetting Windows 2000
git-svn-id: file:///home/svn/framework3/trunk@4677 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-14 07:16:33 +00:00
Matt Miller e0b8f5cb9e browser exploits auto inherit check dep and autofilter now
git-svn-id: file:///home/svn/framework3/trunk@4670 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-13 04:15:38 +00:00
Mario Ceballos 2f365ca59b added exploit module windvd7_applicationtype.rb
git-svn-id: file:///home/svn/framework3/trunk@4663 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-11 23:00:09 +00:00
Mario Ceballos 53a1d7e988 added exploit module hpmqc_progcolor.rb
git-svn-id: file:///home/svn/framework3/trunk@4661 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-06 20:37:30 +00:00
HD Moore f60785b2f5 Adds a target for French SP2
git-svn-id: file:///home/svn/framework3/trunk@4658 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-06 04:48:41 +00:00
HD Moore 0c8f9e96b5 Consistent use of handler(cli) after the payload is sent to the user
git-svn-id: file:///home/svn/framework3/trunk@4645 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-04 04:34:17 +00:00
Matt Miller a319b8e582 got rid of duplicated code in browser exploits, fixes #71
git-svn-id: file:///home/svn/framework3/trunk@4642 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-04 02:04:37 +00:00
Matt Miller 317f95d4a2 use the correct payload
git-svn-id: file:///home/svn/framework3/trunk@4640 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:50:02 +00:00
Matt Miller ddf9c8bac1 correct disclosure date
git-svn-id: file:///home/svn/framework3/trunk@4639 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:49:27 +00:00
Matt Miller ed030e4807 correct disclosure date
git-svn-id: file:///home/svn/framework3/trunk@4638 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:48:58 +00:00
Matt Miller 4abe720796 correct disclosure date
git-svn-id: file:///home/svn/framework3/trunk@4637 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:48:07 +00:00
Matt Miller b74311c71d initial integration of alex's heaplib, and a port of the keyframe exploit
git-svn-id: file:///home/svn/framework3/trunk@4635 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 07:35:54 +00:00
HD Moore 080300605a Fix KCODE in Rails (msfweb). Revert ANI exploits back after resolving the issue
git-svn-id: file:///home/svn/framework3/trunk@4633 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 04:10:09 +00:00
HD Moore e39233c32b Switch to a 40 byte block of null ptrs for the padding, required for reliability on XP
git-svn-id: file:///home/svn/framework3/trunk@4631 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-03 02:59:26 +00:00
HD Moore 4e1a79ada4 Merged in a patch from Matt for fixing Vista support
git-svn-id: file:///home/svn/framework3/trunk@4627 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 21:38:20 +00:00
HD Moore 97db1f3fd7 Two quick fixes
git-svn-id: file:///home/svn/framework3/trunk@4625 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 07:04:22 +00:00
HD Moore c6d5ac1968 Consistency between http/smtp modules
git-svn-id: file:///home/svn/framework3/trunk@4615 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:55:53 +00:00
HD Moore e2029b9d9c Merged in copy_to_stack feature from HTTP exploit
git-svn-id: file:///home/svn/framework3/trunk@4614 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:54:44 +00:00
Matt Miller 97b6cf3636 here we go
git-svn-id: file:///home/svn/framework3/trunk@4613 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:51:22 +00:00
HD Moore fd44163b37 Adding SVN keywords
git-svn-id: file:///home/svn/framework3/trunk@4612 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:48:11 +00:00
HD Moore 7e23cef93c Removed the extraneous sub esp, changed payload space to be 1024 on the http version
git-svn-id: file:///home/svn/framework3/trunk@4611 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:46:10 +00:00
HD Moore b2ff98b4e9 Fixed the copy-to-stack stub, should work great now
git-svn-id: file:///home/svn/framework3/trunk@4610 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:42:27 +00:00
HD Moore ac19614bb3 This adds the stack copy prefixer to the ANI code
git-svn-id: file:///home/svn/framework3/trunk@4609 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:27:41 +00:00
HD Moore dd2e9d87fb This adds SMTPDeliver exploit mixin, the SMTP version of the ANI exploit, accessor to Ole::Storage
git-svn-id: file:///home/svn/framework3/trunk@4608 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 05:27:19 +00:00
HD Moore b16fc9fd53 Minor updates for targetting
git-svn-id: file:///home/svn/framework3/trunk@4606 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-02 03:10:01 +00:00
Matt Miller aba1959d44 tab vs. space :)
git-svn-id: file:///home/svn/framework3/trunk@4605 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 22:24:42 +00:00
Matt Miller f9d8c4e820 modifications to support using an explicit target to regen payloads
git-svn-id: file:///home/svn/framework3/trunk@4602 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:21:10 +00:00
HD Moore 0c263cf036 Woops, forgot to change all references to the 'All Target's item
git-svn-id: file:///home/svn/framework3/trunk@4601 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:10:15 +00:00
HD Moore 775d8bc95b Automatic target detection based on the user agent
git-svn-id: file:///home/svn/framework3/trunk@4600 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:05:05 +00:00
Matt Miller f0fcedf728 raw encoder type wasn't being enforced
git-svn-id: file:///home/svn/framework3/trunk@4599 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 21:00:51 +00:00
Matt Miller 6cfab21bcb fixes for Vista, brute forcing
git-svn-id: file:///home/svn/framework3/trunk@4598 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 20:33:35 +00:00
HD Moore 86f4bfd514 This module should be ready for the stable tree...
git-svn-id: file:///home/svn/framework3/trunk@4597 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 19:00:32 +00:00
HD Moore 24ba17aceb This module now defaults to using all targets at once :-)
git-svn-id: file:///home/svn/framework3/trunk@4596 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:25:14 +00:00
HD Moore e707423987 Too early this morning...
git-svn-id: file:///home/svn/framework3/trunk@4595 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:02:22 +00:00
HD Moore 3a8d90bb62 Woops, introduced a typo
git-svn-id: file:///home/svn/framework3/trunk@4594 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 18:01:58 +00:00
HD Moore 0cc8db610b Merged in skape's Vista support, cleaned things up
git-svn-id: file:///home/svn/framework3/trunk@4593 4d416f70-5f16-0410-b530-b9f4589650da
2007-04-01 17:58:12 +00:00
HD Moore 3858b33e9c Comitting with a slightly better name and more information
git-svn-id: file:///home/svn/framework3/trunk@4592 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 15:26:23 +00:00
HD Moore 473c2c98f9 Rename 1
git-svn-id: file:///home/svn/framework3/trunk@4591 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 15:25:55 +00:00
HD Moore f8cdcb8ac8 This adds support for the new ANI exploit module and updates the apple/realplayer modules to include the proper svn:keywords
git-svn-id: file:///home/svn/framework3/trunk@4588 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-31 05:29:37 +00:00
Mario Ceballos c9de2f34b4 added exploit module easyfilesharing_pass.rb
git-svn-id: file:///home/svn/framework3/trunk@4579 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-26 21:20:27 +00:00
Mario Ceballos 179f08aee9 added exploit module wftpd_size.rb
git-svn-id: file:///home/svn/framework3/trunk@4578 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-26 21:18:44 +00:00
Mario Ceballos 7da1b8f473 module clean up.
git-svn-id: file:///home/svn/framework3/trunk@4577 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-26 21:17:40 +00:00
Mario Ceballos fcb4fb8832 added exploit module mercury_login.rb
git-svn-id: file:///home/svn/framework3/trunk@4576 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-26 21:16:26 +00:00
HD Moore d446bd2520 Remove incomplete exploit, fixes #46
git-svn-id: file:///home/svn/framework3/trunk@4562 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-25 05:26:48 +00:00
HD Moore 3e4434c650 Adds Windows 2003 SP0 support, fixes #57
git-svn-id: file:///home/svn/framework3/trunk@4532 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 13:19:28 +00:00
Mario Ceballos 87a49aba03 fixed some spacing.. sorry bout that!
git-svn-id: file:///home/svn/framework3/trunk@4530 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 01:15:45 +00:00
HD Moore f915504cfa Fix #53, use Author, not Authors
git-svn-id: file:///home/svn/framework3/trunk@4529 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 01:08:18 +00:00
Mario Ceballos 6c82219b81 module clean-up, fixes #36
git-svn-id: file:///home/svn/framework3/trunk@4528 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-12 01:07:57 +00:00
HD Moore 9408d89b79 Complete rewrite of nsiislog_post, fixes #41
git-svn-id: file:///home/svn/framework3/trunk@4514 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-10 07:23:25 +00:00
HD Moore db198485a4 This fixes #44. The XP string was missing NDR encoding and null termination.
git-svn-id: file:///home/svn/framework3/trunk@4511 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-10 03:28:05 +00:00
HD Moore 851328fbae Fixes a typo where an empty 'when' was used instead of an 'else', fixes #50
git-svn-id: file:///home/svn/framework3/trunk@4510 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-10 03:06:38 +00:00
HD Moore 539a8cdead Fix a typo
git-svn-id: file:///home/svn/framework3/trunk@4508 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-09 06:05:22 +00:00
HD Moore a978507ed6 Resolves a typo, fixes #45
git-svn-id: file:///home/svn/framework3/trunk@4505 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-08 13:54:11 +00:00
HD Moore ac66c2d0e3 Resolves a typo in the class name, fixes #47
git-svn-id: file:///home/svn/framework3/trunk@4504 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-08 13:46:33 +00:00
HD Moore 24a6597ff9 Includes another patch from solar, fixes #34, this should actually work for everyone else's system now :-)
git-svn-id: file:///home/svn/framework3/trunk@4502 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-06 13:29:17 +00:00
Mario Ceballos 36ae1a736e added exploit module nmap_stor.rb
git-svn-id: file:///home/svn/framework3/trunk@4499 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-01 12:44:47 +00:00
Matt Miller d42194e14a updated modules to use base class rand_xxx methods
git-svn-id: file:///home/svn/framework3/trunk@4498 4d416f70-5f16-0410-b530-b9f4589650da
2007-03-01 08:21:36 +00:00
HD Moore ac84768d8b This fixes #34 by using the appropriate field to calculate the seh offset.
git-svn-id: file:///home/svn/framework3/trunk@4487 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 09:38:47 +00:00
HD Moore 05bd9125ce This fixes #40 by defining the buf variable
git-svn-id: file:///home/svn/framework3/trunk@4486 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 09:33:26 +00:00
HD Moore 64a868ee46 Woops, forgot to remove some debugging information
git-svn-id: file:///home/svn/framework3/trunk@4485 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 09:32:19 +00:00
HD Moore 06899ee895 This should fix #39, the exploit will detect when the DLL is not installed
git-svn-id: file:///home/svn/framework3/trunk@4484 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 09:31:54 +00:00
HD Moore a99c6b4f22 Hopefully this fixes #38, I think it was just a dumb error during porting (missing / from the exploit uri)
git-svn-id: file:///home/svn/framework3/trunk@4482 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 09:16:40 +00:00
HD Moore 5858cbdc7e This fixes #37. This module needs an overhaul to match the new HTTP options.
git-svn-id: file:///home/svn/framework3/trunk@4480 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-27 08:58:45 +00:00
HD Moore 6fe02e7fd8 Use a default platform
git-svn-id: file:///home/svn/framework3/trunk@4475 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-26 10:46:52 +00:00
HD Moore 2602891506 Update the check method to use the new API, fixes #30
git-svn-id: file:///home/svn/framework3/trunk@4460 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-22 07:34:03 +00:00
HD Moore 819e24edd6 Fix a typo during port, this fixes #29.
git-svn-id: file:///home/svn/framework3/trunk@4458 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-22 07:19:41 +00:00
HD Moore 1795e6637d fixes #28 (thanks alex!)
git-svn-id: file:///home/svn/framework3/trunk@4451 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-21 03:34:41 +00:00
HD Moore a3030f2a01 fix #18
git-svn-id: file:///home/svn/framework3/trunk@4445 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-19 15:28:47 +00:00
HD Moore abbeb2e87e Adding an Id tag and a standard header to all modules
git-svn-id: file:///home/svn/framework3/trunk@4419 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-18 00:10:39 +00:00
Mario Ceballos 3b732cc4ba rm'd...
git-svn-id: file:///home/svn/framework3/trunk@4391 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-15 19:15:54 +00:00
Mario Ceballos baff366a9a rm'd..
git-svn-id: file:///home/svn/framework3/trunk@4390 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-15 19:15:31 +00:00
Mario Ceballos 9418e3d1bc renamed....
git-svn-id: file:///home/svn/framework3/trunk@4389 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-15 19:13:35 +00:00
Mario Ceballos 1985df06f5 renamed...
git-svn-id: file:///home/svn/framework3/trunk@4388 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-15 19:08:55 +00:00
HD Moore e67f32c9e5 slightly less stupidity (thanks solar!)
git-svn-id: file:///home/svn/framework3/trunk@4360 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-11 22:37:44 +00:00
HD Moore a0c125e118 A new port of my 2.x createobject exploit
git-svn-id: file:///home/svn/framework3/trunk@4345 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-10 19:41:54 +00:00
Mario Ceballos 011d3784b3 added exploit module lgserver.rb.
git-svn-id: file:///home/svn/framework3/trunk@4317 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-04 01:58:50 +00:00
Mario Ceballos 10a288240b added exploit module novell_netmail_auth.rb.
git-svn-id: file:///home/svn/framework3/trunk@4312 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-03 13:11:01 +00:00
Mario Ceballos fe2b668918 added exploit module realplayer_smil.rb.
git-svn-id: file:///home/svn/framework3/trunk@4311 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-03 13:10:31 +00:00
Mario Ceballos 4678cfc7b8 added exploit module apple_itunes_playlist.rb.
git-svn-id: file:///home/svn/framework3/trunk@4310 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-03 13:09:45 +00:00
Mario Ceballos 378101697e added support for BrightStor ARCserve r11.5 SP2 in messege_engine.rb.
git-svn-id: file:///home/svn/framework3/trunk@4306 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-31 23:36:24 +00:00
Mario Ceballos 5045de795a added some NDR stuff to messege_engine.rb
git-svn-id: file:///home/svn/framework3/trunk@4304 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-30 12:09:23 +00:00
Mario Ceballos 7e4484db77 added exploit module messege_engine.rb, much more reliable than the heap vector....
git-svn-id: file:///home/svn/framework3/trunk@4301 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-30 01:23:48 +00:00
Mario Ceballos b165dfb535 fixed the BID.
git-svn-id: file:///home/svn/framework3/trunk@4300 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-29 13:58:10 +00:00
Mario Ceballos 694a356509 added exploit module messege_engine_heap.rb
git-svn-id: file:///home/svn/framework3/trunk@4299 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-29 01:15:33 +00:00
HD Moore f8d730a9b7 Exploit port by Diaul
git-svn-id: file:///home/svn/framework3/trunk@4296 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-26 23:55:01 +00:00
Mario Ceballos a621971326 "Windows version and SP independent." ....
git-svn-id: file:///home/svn/framework3/trunk@4295 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-25 23:08:32 +00:00
Mario Ceballos 764cbc7a67 sorry about that, added EXITFUNC for exploit module tape_engine.rb.
git-svn-id: file:///home/svn/framework3/trunk@4282 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-18 12:58:31 +00:00
Mario Ceballos 9db5f3faff added exploit module tape_engine.rb
git-svn-id: file:///home/svn/framework3/trunk@4280 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-18 02:57:52 +00:00
Matt Miller 9dd4cbb337 port mailenable
git-svn-id: file:///home/svn/framework3/trunk@4273 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-07 23:33:03 +00:00
Matt Miller 9abd1353d6 ported privatewire
git-svn-id: file:///home/svn/framework3/trunk@4272 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-07 07:54:30 +00:00
Matt Miller 28ef83cbe3 blackice port
git-svn-id: file:///home/svn/framework3/trunk@4269 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-07 07:27:51 +00:00
Matt Miller 94348ea6c1 seattelab
git-svn-id: file:///home/svn/framework3/trunk@4267 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-07 06:27:17 +00:00
HD Moore b278bef22d Reference updates
git-svn-id: file:///home/svn/framework3/trunk@4266 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-05 14:44:09 +00:00
Mario Ceballos 2f5d44b91a added exploit module apple_quicktime_rtsp.rb
git-svn-id: file:///home/svn/framework3/trunk@4250 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-02 17:51:43 +00:00
Mario Ceballos d1a1086ab6 added exploit module novell_netmail_subscribe.rb
git-svn-id: file:///home/svn/framework3/trunk@4249 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-01 14:13:16 +00:00
Mario Ceballos c4060f2e51 added exploit module novell_netmail_status.rb
git-svn-id: file:///home/svn/framework3/trunk@4248 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-01 14:12:48 +00:00
Mario Ceballos ad5f37c5dd added exploit module novell_netmail_append.rb
git-svn-id: file:///home/svn/framework3/trunk@4247 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-01 14:12:22 +00:00
Mario Ceballos 84c7edbbc5 ported mercur_imap_select_overflow.pm, untested.
git-svn-id: file:///home/svn/framework3/trunk@4245 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-31 00:10:16 +00:00
HD Moore b221af7791 Integration of the new HTTP Client API
git-svn-id: file:///home/svn/framework3/trunk@4241 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-28 23:42:36 +00:00
Matt Miller 0a52601435 ported, untested
git-svn-id: file:///home/svn/framework3/trunk@4233 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-28 06:17:56 +00:00
Matt Miller 49567c1d0e ported, untested
git-svn-id: file:///home/svn/framework3/trunk@4231 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-28 05:57:39 +00:00
Mario Ceballos fb589f976d added exploit module mercur_login.rb. nice little pre-auth as a result of
porting the mercur_imap_select_overflow.pm module.


git-svn-id: file:///home/svn/framework3/trunk@4229 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-27 22:43:39 +00:00
Mario Ceballos 8a67eb81f9 port of wmailserver_smtp
git-svn-id: file:///home/svn/framework3/trunk@4227 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-23 18:32:21 +00:00
Mario Ceballos bc27c8707b port of badblue_ext_overflow
git-svn-id: file:///home/svn/framework3/trunk@4226 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-23 18:31:57 +00:00
HD Moore bac6d34ded Change the automatic target to be more consistent with the other modules
git-svn-id: file:///home/svn/framework3/trunk@4219 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-18 19:13:24 +00:00
HD Moore b2fbf8eb54 Addition of the isComponentInstalled() exploit and updates to the createTextRange() module
git-svn-id: file:///home/svn/framework3/trunk@4218 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 08:03:43 +00:00
HD Moore a8776d85df Renamed to match the new MSB number
git-svn-id: file:///home/svn/framework3/trunk@4209 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 02:37:45 +00:00
HD Moore 6fef5abeda Resolve a crash bug in the send_response_html() method
Add the MS06_013 CreateTextRange() exploit



git-svn-id: file:///home/svn/framework3/trunk@4208 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-17 02:34:27 +00:00
Mario Ceballos 0675398f2b more ports
git-svn-id: file:///home/svn/framework3/trunk@4206 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-15 15:28:00 +00:00
Mario Ceballos bd43475166 fixed spacing shizzle.
git-svn-id: file:///home/svn/framework3/trunk@4205 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 22:46:50 +00:00
Mario Ceballos 529b808fc9 module clean up for ultravnc_client.rb
git-svn-id: file:///home/svn/framework3/trunk@4204 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 22:39:58 +00:00
Mario Ceballos cfdd264f2d module clean up for realvnc_client.rb
git-svn-id: file:///home/svn/framework3/trunk@4203 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 22:39:36 +00:00
Mario Ceballos da040e19ad port of realvnc/ultravnc modules
git-svn-id: file:///home/svn/framework3/trunk@4201 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 19:41:37 +00:00
Mario Ceballos 4de57e8543 port 2.x to 3.0
git-svn-id: file:///home/svn/framework3/trunk@4199 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 13:50:59 +00:00
Matt Miller fb161fc3dd ported putty exploit, untested
git-svn-id: file:///home/svn/framework3/trunk@4198 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 02:20:21 +00:00
Mario Ceballos 6a4ffe6e60 fix variable name in ipswitch_wug_maincfgret.rb
git-svn-id: file:///home/svn/framework3/trunk@4194 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-14 01:03:47 +00:00
HD Moore 0a3dce3cd2 Modifications from diaul
git-svn-id: file:///home/svn/framework3/trunk@4188 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-13 05:46:13 +00:00
Mario Ceballos fafeb896c1 added yet another mailenable module. mailenable_login.rb
git-svn-id: file:///home/svn/framework3/trunk@4187 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-11 19:21:17 +00:00
Mario Ceballos 603f58a90c since i installed the previous stuff, thought i'd clean up another module.
git-svn-id: file:///home/svn/framework3/trunk@4185 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 22:21:47 +00:00
Mario Ceballos 6edfda8d62 port of freeftpd_key_exchange.pm to freeftpd_key_exchange.rb
git-svn-id: file:///home/svn/framework3/trunk@4183 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 16:58:05 +00:00
HD Moore ea204ee0ff API change for the HTML mixin, the send_response method is no longer overloaded, instead exploits must call send_response_html to enable HTML evasion. The old method caused problems when a exploit needed HTML and non-HTML response capabilities
git-svn-id: file:///home/svn/framework3/trunk@4173 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 03:26:53 +00:00
HD Moore 206683eebd Changed Html to HTML
git-svn-id: file:///home/svn/framework3/trunk@4169 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-10 02:55:02 +00:00
HD Moore c30219a7cb Use the right default port
git-svn-id: file:///home/svn/framework3/trunk@4165 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-04 14:07:31 +00:00
HD Moore 9c7cdef7de Fixes to "extra" commands provided by the auxiliary modules
git-svn-id: file:///home/svn/framework3/trunk@4161 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-03 17:46:34 +00:00
pusscat c619cc6a12 Much closer, but the egg hunter never seems to find the eggs :(
git-svn-id: file:///home/svn/framework3/trunk@4158 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-01 16:39:25 +00:00
pusscat dc0ad61c85 Done, but only works with a few payloads >.>
git-svn-id: file:///home/svn/framework3/trunk@4157 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-01 16:38:07 +00:00
HD Moore 20a0f0b86c self->self.class for the register_options function
git-svn-id: file:///home/svn/framework3/trunk@4156 4d416f70-5f16-0410-b530-b9f4589650da
2006-12-01 14:03:24 +00:00
Mario Ceballos 2244630b69 added bid id, and cleaned up exploit buffer for threectftpsvc_long_mode.rb.
git-svn-id: file:///home/svn/framework3/trunk@4155 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-29 13:46:14 +00:00
HD Moore 810f80612b Reference updates
git-svn-id: file:///home/svn/framework3/trunk@4154 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-28 17:18:43 +00:00
Mario Ceballos 84f7a28fc7 added exploit module threectftpsvc_long_mode.rb
git-svn-id: file:///home/svn/framework3/trunk@4153 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-28 14:41:35 +00:00
Mario Ceballos 55e0b973b1 removed XPSP1 target in xmplay_asx.rb and replaced it with an XPSP2
target. 


git-svn-id: file:///home/svn/framework3/trunk@4152 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-26 20:00:08 +00:00
Mario Ceballos 296144fa9c added exploit module xmplay_asx.rb
git-svn-id: file:///home/svn/framework3/trunk@4151 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-24 01:12:05 +00:00
HD Moore 7bf91d6760 Updates to the dlink exploit, shiny new netgear exploit
git-svn-id: file:///home/svn/framework3/trunk@4146 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-16 06:00:21 +00:00
HD Moore 5c0176e2dd Better credit to Gil in the comments, made ADDR_DST do something
git-svn-id: file:///home/svn/framework3/trunk@4141 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-15 21:23:03 +00:00
pusscat 2ce2ff8a3a Trying to add this again...
git-svn-id: file:///home/svn/framework3/trunk@4140 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-15 19:04:37 +00:00
pusscat 3c8315d2ad Boyahh muthahfuckers.
git-svn-id: file:///home/svn/framework3/trunk@4139 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-15 17:27:36 +00:00
Mario Ceballos 6117311fe0 fixed spacing...
git-svn-id: file:///home/svn/framework3/trunk@4138 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-15 01:04:34 +00:00
Mario Ceballos dbb3cf8482 fixed spacing...
git-svn-id: file:///home/svn/framework3/trunk@4137 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-15 01:02:04 +00:00
Mario Ceballos dd8c1d3ffe fixed spacing ...
git-svn-id: file:///home/svn/framework3/trunk@4136 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-14 01:44:57 +00:00
Mario Ceballos c2afef0978 fixed spacing..
git-svn-id: file:///home/svn/framework3/trunk@4135 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-14 01:43:42 +00:00
HD Moore 8863474c57 Release time :-)
git-svn-id: file:///home/svn/framework3/trunk@4134 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-13 17:03:34 +00:00
Mario Ceballos 313fb089fb added exploit module cesarftp_mkd.rb, with spacing fixed ;)
git-svn-id: file:///home/svn/framework3/trunk@4131 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-12 15:57:37 +00:00
Mario Ceballos e65978b86d added exploit module navicopa_get_overflow.rb, with spacing fixed ;)
git-svn-id: file:///home/svn/framework3/trunk@4130 4d416f70-5f16-0410-b530-b9f4589650da
2006-11-12 15:55:06 +00:00