Commit Graph

4647 Commits (980cd4c8887c51c9784abd485912f04572d45982)

Author SHA1 Message Date
David Rude 521aec205b Return on error
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 19:55:04 +00:00
Carlos Perez 88dbc6adee Accidental assignment
git-svn-id: file:///home/svn/framework3/trunk@14005 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 13:04:40 +00:00
Steve Tornio 1f698e09c9 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14004 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 11:19:59 +00:00
Carlos Perez f56f620222 Multi platform DNS Enumeration post modules, tested on OS X, Linux, Solaris and Windows
git-svn-id: file:///home/svn/framework3/trunk@14003 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:34:00 +00:00
Carlos Perez ee9be2d51e Multi platform post module for creating reverse tcp shells using scripting environments found on the target system, tested on Linux, OS X and Solaris
git-svn-id: file:///home/svn/framework3/trunk@14001 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:31:04 +00:00
Carlos Perez a5dc422f9a Windows Credential Store enumeration and decryption module by Kx499
git-svn-id: file:///home/svn/framework3/trunk@14000 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 23:25:28 +00:00
Joshua Drake ac916baac5 Fixes #5581: Stop hardcoding MIPS reverse shell IP/port
git-svn-id: file:///home/svn/framework3/trunk@13999 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 22:50:12 +00:00
David Rude 4209431355 Follow a consistent naming convention
git-svn-id: file:///home/svn/framework3/trunk@13996 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 20:42:59 +00:00
Wei Chen 973227933b Add CVE-2011-1290 as an aux module
git-svn-id: file:///home/svn/framework3/trunk@13994 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 16:30:28 +00:00
Wei Chen 0f1ba8dcf1 Change user agent check
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 15:48:03 +00:00
HD Moore 63d3fe2e9c Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13992 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:57:12 +00:00
HD Moore 5916a4afe3 Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:56:33 +00:00
HD Moore f2469fc23f Drop phpi to normal ranking, it eats too much time
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:45 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Wei Chen 8e4f4a2672 Add CVE-2011-1774 (Safari libxslt arbitrary file creation)
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 07:39:50 +00:00
Wei Chen 0a661ec227 Add CVE-2011-3305 (#5673)
git-svn-id: file:///home/svn/framework3/trunk@13985 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 04:40:21 +00:00
Wei Chen fbbec1fa92 This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now.
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 03:48:10 +00:00
Wei Chen 975cc52bac Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen 6e3b36e142 path could be nil but only checked using empty?. Defaulting value to ''
git-svn-id: file:///home/svn/framework3/trunk@13979 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 16:35:53 +00:00
Wei Chen d204f4027b Catch nil first before do .empty?
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:59:57 +00:00
Wei Chen 87ec1c390e We caught a problem with the module timing out (execution expired), this is an attempt to handle that more gracefully.
git-svn-id: file:///home/svn/framework3/trunk@13977 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:38:09 +00:00
Wei Chen 7dbf2e3fcd Apply fix by David, thx!
git-svn-id: file:///home/svn/framework3/trunk@13975 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:08:39 +00:00
Wei Chen 0304702b14 Mention where the getpc code is from, request by corelanc0d3r
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 14:56:44 +00:00
Jonathan Cran bbfbb38a5f wording fix.
git-svn-id: file:///home/svn/framework3/trunk@13973 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 08:56:07 +00:00
David Rude 8e88a3eaba fix gsub error in foreach dir api usage
git-svn-id: file:///home/svn/framework3/trunk@13972 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 05:54:20 +00:00
Tod Beardsley c336d063da Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Wei Chen 7ef8c16e75 Fix NoMethodERror undefined method 'each' for '[path]':String error.
paths might be a string instead of an array, because the function that does unix-based enumeration returns a string


git-svn-id: file:///home/svn/framework3/trunk@13970 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:15:58 +00:00
Wei Chen 0af43246a4 Fix bug #5688. Some distros might have a different location for command uname
git-svn-id: file:///home/svn/framework3/trunk@13969 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:55:05 +00:00
Tod Beardsley 94eb3ac14c Deleting a puts statement.
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:52:10 +00:00
Tod Beardsley 3c36b0c975 Msftidy: knocking out all those trailing spaces. Screw those guys.
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
Wei Chen 4c6a1923e7 Fix bug #5687
git-svn-id: file:///home/svn/framework3/trunk@13966 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:32:43 +00:00
Wei Chen 6194486a4c Fix bug #5689 (it needs a 'rescue' in order to catch an exception)
git-svn-id: file:///home/svn/framework3/trunk@13965 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:27:58 +00:00
Wei Chen d159937df6 If you don't have a 'rescue', you're not really catching an exception
git-svn-id: file:///home/svn/framework3/trunk@13964 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:25:12 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Tod Beardsley e9461c766e Msftidy run against a bunch of whitespace violations, a few line too longs.
git-svn-id: file:///home/svn/framework3/trunk@13962 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:42:01 +00:00
Tod Beardsley ea2c9d1a46 Adding missing Id and Rev SVN keywords.
git-svn-id: file:///home/svn/framework3/trunk@13961 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 01:27:28 +00:00
Wei Chen 6e6b5aa926 Apply fixes by jabra
git-svn-id: file:///home/svn/framework3/trunk@13960 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 00:21:37 +00:00
Wei Chen 7e1070c24e Fix "NoMethodError undefined method 'empty?' for nil:NilClass
git-svn-id: file:///home/svn/framework3/trunk@13959 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 23:23:57 +00:00
Wei Chen 39a4488da5 Patch #5740 for Firefox Array.reduceRight() exploit
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 20:28:15 +00:00
Wei Chen e6e8164843 Add CVE-2011-3230 - Safari File Policy vuln
git-svn-id: file:///home/svn/framework3/trunk@13956 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 19:31:09 +00:00
Tod Beardsley d059670d67 Fixes #5570, commits TecR0c's exploit module, after running through msftidy.rb. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:47:04 +00:00
HD Moore 594b0687c7 Fix CVE reference format
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:55:07 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
David Rude be642faa81 stack trace fix and whitespace clean up
git-svn-id: file:///home/svn/framework3/trunk@13946 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 04:39:28 +00:00
David Rude 028fd4203b stack trace fix and whitespace clean up
git-svn-id: file:///home/svn/framework3/trunk@13945 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 04:36:08 +00:00
Tod Beardsley 020abd926b A handful of rankings changes, also converting whitespace.
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Tod Beardsley f0ee05eece Moving dos modules to manual ranking.
git-svn-id: file:///home/svn/framework3/trunk@13940 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:20:04 +00:00
Tod Beardsley c45add4199 Moving an old unnamed Microsoft exploit to the proper named exploit.
git-svn-id: file:///home/svn/framework3/trunk@13939 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:16:13 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen 1a02a2199b These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:42:20 +00:00
Wei Chen 1adb31747d This module is missing a ranking. Adding one.
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:35:18 +00:00
Wei Chen f2d328d969 cmd exec module should receive ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:10:53 +00:00
Wei Chen 2b746b3505 This module never got a ranking, adding one
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:07:59 +00:00
HD Moore 142ae9288b Fix title
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:56:57 +00:00
HD Moore 6620476744 More consistency fixes for modules titles
git-svn-id: file:///home/svn/framework3/trunk@13932 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:41:40 +00:00
HD Moore 8fd0fdf979 Consistency for manage modules
git-svn-id: file:///home/svn/framework3/trunk@13931 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:40:23 +00:00
HD Moore bc986e82d4 Fix the title for consistency
git-svn-id: file:///home/svn/framework3/trunk@13930 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:39:30 +00:00
James Lee 77e9c9d973 whitespace and another typo
git-svn-id: file:///home/svn/framework3/trunk@13929 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 18:12:50 +00:00
James Lee 76bad7a4e4 typo
git-svn-id: file:///home/svn/framework3/trunk@13928 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 18:07:50 +00:00
Carlos Perez 89ab6c11a9 small logic error that made module in shell sessions only test odd elements in the IP array
git-svn-id: file:///home/svn/framework3/trunk@13926 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 01:37:50 +00:00
Chao Mu 4b9346e40e Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate!
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:29:52 +00:00
HD Moore 3c73c3c2f8 Pile of small bug fixes for the FTP server and mixin
git-svn-id: file:///home/svn/framework3/trunk@13924 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:07:09 +00:00
Carlos Perez c0910add22 keywords
git-svn-id: file:///home/svn/framework3/trunk@13920 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 02:44:30 +00:00
Carlos Perez e4ce0bcb42 Added additional product keys
git-svn-id: file:///home/svn/framework3/trunk@13919 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 02:42:54 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
Carlos Perez 445f694e47 Change platform
git-svn-id: file:///home/svn/framework3/trunk@13915 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 22:42:05 +00:00
Wei Chen 4f4c0bc0be Add CVE-2011-2371 Firefox Array.reduceRight() vuln
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 03:16:15 +00:00
Carlos Perez 0859c99940 Cisco post module for enumerating information from a SSH or Telnet session to a Cisco device, can try to bruteforce the enable password
git-svn-id: file:///home/svn/framework3/trunk@13907 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:54:07 +00:00
Carlos Perez bf0150941e typo
git-svn-id: file:///home/svn/framework3/trunk@13906 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:50:15 +00:00
Carlos Perez 742a72ef1f typo
git-svn-id: file:///home/svn/framework3/trunk@13905 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:53 +00:00
Carlos Perez 7ae1bbbb3f typo
git-svn-id: file:///home/svn/framework3/trunk@13904 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:49:36 +00:00
Carlos Perez a0c34d1c73 Sets a session platform when using ssh_login
git-svn-id: file:///home/svn/framework3/trunk@13903 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 01:48:42 +00:00
Carlos Perez fccda688a6 Multi Platform post module for performing DNS Reverse Lookups using the tools installed on the host and the DNS server configured on the host.
git-svn-id: file:///home/svn/framework3/trunk@13899 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:26:10 +00:00
Carlos Perez dbdabf8607 Multi Platform post module for performing IPv4 ping sweeps using host built in ping command
git-svn-id: file:///home/svn/framework3/trunk@13897 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:20:34 +00:00
Carlos Perez b019f70d72 Post Module for injecting Windows Payloads in to memory works with x86 and x64 payloads and processes.
git-svn-id: file:///home/svn/framework3/trunk@13896 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:18:07 +00:00
Carlos Perez ab8b8802b5 issue with none domain machines fixed and added host resolution and reporting on domain controller using some of Mubix railgun fu
git-svn-id: file:///home/svn/framework3/trunk@13895 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 23:15:07 +00:00
HD Moore cce4aafd9b Tweak the snmp_login code to actually only poll response packets every 10 sent and break out of infinite loop in the case of a target going crazy and continuously replying
git-svn-id: file:///home/svn/framework3/trunk@13891 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 20:14:58 +00:00
Wei Chen 90a426cec6 Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647)
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 10:57:31 +00:00
James Lee 6578874439 don't bother escaping a tick
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 01:45:10 +00:00
Chao Mu 53b807abee Adding the "this file is part of" comment to the top of the module and proper comment formatting
git-svn-id: file:///home/svn/framework3/trunk@13886 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:36:55 +00:00
Chao Mu df56110dd9 Fixing $Id so that it is prefaced by a comment.
git-svn-id: file:///home/svn/framework3/trunk@13885 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:32:14 +00:00
Chao Mu 667c00161d Remembering to Propset and include $Id: $ this time. Also, switching from BSD_LICENSE to MSF_LICENSE.
git-svn-id: file:///home/svn/framework3/trunk@13884 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:30:25 +00:00
Wei Chen 460353fec4 Migrate to process what? :-)
git-svn-id: file:///home/svn/framework3/trunk@13883 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 00:01:25 +00:00
Wei Chen 9a00527114 Check nil
git-svn-id: file:///home/svn/framework3/trunk@13881 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 21:57:20 +00:00
Wei Chen 39049a71ca Chk nil for user in case it returns nil, but password doesn't
git-svn-id: file:///home/svn/framework3/trunk@13880 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 21:55:30 +00:00
Wei Chen f1f1d16f8b handle possible nil return value
git-svn-id: file:///home/svn/framework3/trunk@13879 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 21:01:22 +00:00
Wei Chen 4a73a21277 registry_getvaldata might return nil due to a RequestError. Need to handle those before printing the values.
git-svn-id: file:///home/svn/framework3/trunk@13878 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 20:27:52 +00:00
Wei Chen d49ffd3fc8 Fix naming style, and some other format problems.
git-svn-id: file:///home/svn/framework3/trunk@13877 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 20:08:11 +00:00
Wei Chen 60296e9cf2 Change naming style for consistency
git-svn-id: file:///home/svn/framework3/trunk@13876 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 20:03:40 +00:00
Wei Chen ea0392724e Check nil first, and then check empty
git-svn-id: file:///home/svn/framework3/trunk@13875 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 19:01:09 +00:00
Wei Chen 44761f8755 Fix bug #5675 (nil:NilClass error). Also, nil should be checked first, and then .empty?
git-svn-id: file:///home/svn/framework3/trunk@13874 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 18:58:44 +00:00
HD Moore 558894e100 Test cases don't live in the module directory
git-svn-id: file:///home/svn/framework3/trunk@13871 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 15:51:22 +00:00
Chao Mu 9414747945 jruby was barfing on super(a, b, c,), so I changed the syntax and wrote a very simple unit test for rewrite_proxy_bypass.
git-svn-id: file:///home/svn/framework3/trunk@13870 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 13:52:39 +00:00
Wei Chen 2d3a431fc2 FTP Navigator post module (Feature #5419)
git-svn-id: file:///home/svn/framework3/trunk@13869 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 05:45:03 +00:00
Wei Chen c1b1917dce Change correct name for Lincoln. Also, this is feature #5646
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:30:14 +00:00
Wei Chen e3111e0261 Add CVE-2008-4779
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:28:08 +00:00
Wei Chen be4f473cfa Rename meebo for consistency
git-svn-id: file:///home/svn/framework3/trunk@13866 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 00:38:50 +00:00
Wei Chen 8f2c87fb5e Add Beckhoff TwinCAT SCADA PLC dos module (Feature #5524)
git-svn-id: file:///home/svn/framework3/trunk@13865 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 23:41:15 +00:00
Chao Mu dcb6de2b58 Fixes #5667 this module scans for reverse proxy servers that exhibit a misconfiguration like the one detailed in www.contextis.com/research/blog/reverseproxybypass/. By default it requests a URI of @... and checks for a 502
git-svn-id: file:///home/svn/framework3/trunk@13864 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 22:34:50 +00:00
Wei Chen 50d4e85c57 "bug" #5583 - Dyn-DNS client password extractor
git-svn-id: file:///home/svn/framework3/trunk@13863 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 21:41:36 +00:00
HD Moore 43e6b3066b Fix errant spaces, closes #5666, thanks jjarmoc!
git-svn-id: file:///home/svn/framework3/trunk@13858 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 21:07:55 +00:00
Tod Beardsley 568bde7aa4 Fixes #5404
See #5350
See #5246
See #5241
See #5173

Adds password hash dumping as loot for Postgres, MSSQL, MySQL, and several Oracle flavors of RDBMS. Thanks TheLightCosine!



git-svn-id: file:///home/svn/framework3/trunk@13854 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 17:05:01 +00:00
Wei Chen f54939cda9 Change target name and description. The module works on multiple systems.
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:47:33 +00:00
Wei Chen 8488343e46 Add CVE-2011-2595 (Feature #5645)
git-svn-id: file:///home/svn/framework3/trunk@13852 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:11:05 +00:00
HD Moore 643223ff11 Fixes #5651 by applying patch
git-svn-id: file:///home/svn/framework3/trunk@13850 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 15:40:59 +00:00
Wei Chen 756aafd7f2 Add CVE and OSVDB refs
git-svn-id: file:///home/svn/framework3/trunk@13848 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 22:56:17 +00:00
Wei Chen 9ddfc122af Fix indentation, white spaces, add patch URL to reference
git-svn-id: file:///home/svn/framework3/trunk@13847 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:39:02 +00:00
Wei Chen 262b3bbe00 Use Rex to encode payload to base64
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:31:51 +00:00
Joshua Drake eab8a2434b fix typo in description
git-svn-id: file:///home/svn/framework3/trunk@13845 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 19:39:15 +00:00
Tod Beardsley 921549fc3d Adding OSVDB ref that just popped up for me.
git-svn-id: file:///home/svn/framework3/trunk@13844 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 15:49:02 +00:00
Wei Chen 98157272fd Fix indentation for exploit description
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:12:54 +00:00
Wei Chen d1b1b26d01 Add Feature #5499 (Snortreport module)
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:10:18 +00:00
Wei Chen 487ee5b46e Does not work against Win 7 SP0/SP1 and Windows Server 2003 SP2. Definitely not an universal target.
git-svn-id: file:///home/svn/framework3/trunk@13841 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 05:36:42 +00:00
Wei Chen a3cc25615d Add bug #5505 (scriptftp_list module)
git-svn-id: file:///home/svn/framework3/trunk@13839 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 04:17:03 +00:00
Tod Beardsley 3d9c94633d Adding MyBB backdoor exploit submitted by tdz. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@13838 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 03:22:07 +00:00
HD Moore 3d8a18cfd1 Fix tab indent
git-svn-id: file:///home/svn/framework3/trunk@13836 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-08 18:39:23 +00:00
Joshua Drake 2e7edeff81 See #3585: Happy Third Birthday MS08-067!
Adds an AlwaysOn DEP bypass for XP SP2 and SP3

git-svn-id: file:///home/svn/framework3/trunk@13835 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-08 07:26:37 +00:00
Wei Chen e1e74de44a Add enum_ie.rb (feature #5251)
git-svn-id: file:///home/svn/framework3/trunk@13834 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 21:02:05 +00:00
Wei Chen 44ac9d67e0 svn propset
git-svn-id: file:///home/svn/framework3/trunk@13831 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 17:45:15 +00:00
Steve Tornio 9ec92ee603 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13830 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:37:54 +00:00
HD Moore 9862987f45 Add a new module from joernchen
git-svn-id: file:///home/svn/framework3/trunk@13829 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:30:24 +00:00
Carlos Perez 15432fa2f5 Fix misspelled word
git-svn-id: file:///home/svn/framework3/trunk@13826 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 00:31:28 +00:00
Carlos Perez 1aa5deca43 Updated migrate post module for Meterpreter adding support automatically creating a process with the proper architecture to migrate to and added support to kill original process.
git-svn-id: file:///home/svn/framework3/trunk@13825 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 00:22:27 +00:00
Wei Chen c97fc2c683 Fix typo
git-svn-id: file:///home/svn/framework3/trunk@13816 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 21:05:37 +00:00
Wei Chen 6ffa61b314 Apply patch for bug #5212
git-svn-id: file:///home/svn/framework3/trunk@13815 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 19:10:33 +00:00
Wei Chen 37069a252c Support POST. Feature #5571
git-svn-id: file:///home/svn/framework3/trunk@13814 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 16:02:52 +00:00
Wei Chen 3398b9fa0b Add add_user_domain
git-svn-id: file:///home/svn/framework3/trunk@13813 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-04 15:50:12 +00:00
Wei Chen 5cf6ddc322 Add Windows enum domain post module
git-svn-id: file:///home/svn/framework3/trunk@13812 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-03 21:05:54 +00:00
Steve Tornio 93f8d73b0c add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 17:03:23 +00:00
Mario Ceballos 711bfa7d53 initial coverage for ca total defense sqli
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 15:53:44 +00:00
Wei Chen d1a0a66a9d Add post module enum domain admin tokens (by jabra)
git-svn-id: file:///home/svn/framework3/trunk@13804 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-29 08:18:13 +00:00
Wei Chen f3d35a491c Bug fix #5542. Issue with String#each. Thx egyp7.
git-svn-id: file:///home/svn/framework3/trunk@13800 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 23:03:30 +00:00
Wei Chen 612cdc8c73 No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
David Rude 99d86fc9b7 Adds recording screenshots to disk in non-clobbering way
git-svn-id: file:///home/svn/framework3/trunk@13798 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 15:26:03 +00:00
Wei Chen 2b3a277124 Found an instance that causes the win 7 target to fail. This fix corrects it.
git-svn-id: file:///home/svn/framework3/trunk@13797 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 08:55:07 +00:00
Wei Chen 8d1763484d Fix metadata format
git-svn-id: file:///home/svn/framework3/trunk@13792 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-26 03:21:37 +00:00
Wei Chen 8bfdebeaf3 Handle the return value for send_request during the early stage
git-svn-id: file:///home/svn/framework3/trunk@13791 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:28:15 +00:00
Wei Chen 5d4b562e62 Add GlassFish BruteForce auxiliary module by Josh (See #5515)
git-svn-id: file:///home/svn/framework3/trunk@13790 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:24:53 +00:00
James Lee 565fd957fb whitespace
git-svn-id: file:///home/svn/framework3/trunk@13789 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-24 23:26:40 +00:00
Tod Beardsley d437c99919 Fixing what looks like a versioning mismatch for the XMAS scan (readreply vs probereply methods).
git-svn-id: file:///home/svn/framework3/trunk@13786 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-24 13:39:42 +00:00
James Lee 2cb5dbdb10 fix a silly output bug, thanks mezzendo for noticing
git-svn-id: file:///home/svn/framework3/trunk@13785 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 22:28:11 +00:00
James Lee cdead3da54 whitespace cleanup and fix some ArgumentErrors when a field is wide, fixes #5518, thanks Joshua Taylor
git-svn-id: file:///home/svn/framework3/trunk@13783 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 17:51:11 +00:00
David Rude 4d850c1ee6 Adds Apache Range DoS aka Apache Killer
git-svn-id: file:///home/svn/framework3/trunk@13781 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 16:38:35 +00:00
Matt Weeks de9e99bd3d Fix some TOCTOU confusion and database errors.
git-svn-id: file:///home/svn/framework3/trunk@13779 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 15:12:19 +00:00
Wei Chen db79d21f75 Apply patch for non-default logins by jabra
git-svn-id: file:///home/svn/framework3/trunk@13778 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 02:48:48 +00:00
Wei Chen ec6f290fbd Add Windows 7 target and all kinds of stuff.
git-svn-id: file:///home/svn/framework3/trunk@13775 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 17:40:35 +00:00
Patrick Webster 5c41385284 Added aux module trendmicro_dlp_traversal.
git-svn-id: file:///home/svn/framework3/trunk@13772 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-22 07:34:53 +00:00
amaloteaux 2d0d48a820 remove an Argument Error, Negative Number bug faced at Brucon
git-svn-id: file:///home/svn/framework3/trunk@13769 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 14:52:52 +00:00
Steve Tornio e93341f9f1 add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@13768 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 11:55:56 +00:00
Wei Chen 5d4f68a6f2 Fix JS
git-svn-id: file:///home/svn/framework3/trunk@13767 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-21 03:13:45 +00:00
Wei Chen 936f3de84c This simple math would do the trick
git-svn-id: file:///home/svn/framework3/trunk@13766 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 18:56:21 +00:00
Wei Chen 742edf1ad1 Add eSignal and eSignal Pro exploit
git-svn-id: file:///home/svn/framework3/trunk@13765 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:39:53 +00:00
James Lee 7163710bcf fix a typo and some whitespace, fixes #5480. Thanks Kurt!
git-svn-id: file:///home/svn/framework3/trunk@13764 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 17:17:20 +00:00
Wei Chen f9d74b0701 Printing res code for DELETE should be optional. It's not like we can always trust it anyway.
git-svn-id: file:///home/svn/framework3/trunk@13763 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-20 00:41:42 +00:00
Joshua Drake 7c74954461 remove silly comma
git-svn-id: file:///home/svn/framework3/trunk@13762 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 23:06:35 +00:00
Wei Chen 7f80ba939a Apparently I can't speaks engrish
git-svn-id: file:///home/svn/framework3/trunk@13760 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 21:18:48 +00:00
Wei Chen ec530955ce Checking response codes is a terrible way for HTTP modules. #5470.
git-svn-id: file:///home/svn/framework3/trunk@13759 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:36:09 +00:00
Jonathan Cran a1675bfbc6 replaced by http_put
git-svn-id: file:///home/svn/framework3/trunk@13758 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 20:14:26 +00:00
Joshua Drake 3318b132c8 add x90c's email address
git-svn-id: file:///home/svn/framework3/trunk@13757 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 19:40:48 +00:00
Steve Tornio ee09c028a0 add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@13756 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 11:38:49 +00:00
Jonathan Cran 8b1fd95f66 Add a module to check HTTP PUT / DELETE file access. Thanks CG! Resolves 5089.
git-svn-id: file:///home/svn/framework3/trunk@13755 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-19 01:18:23 +00:00
Matt Weeks 1d2ddc55e8 Add UI for PXE attack reset.
git-svn-id: file:///home/svn/framework3/trunk@13753 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 20:44:16 +00:00
James Lee f4be092ac1 include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not
git-svn-id: file:///home/svn/framework3/trunk@13751 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 03:57:27 +00:00
Wei Chen bf315b09ed Add DAQFactory bof
git-svn-id: file:///home/svn/framework3/trunk@13750 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-18 02:45:55 +00:00
Tod Beardsley 10c76f66ba Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent.
git-svn-id: file:///home/svn/framework3/trunk@13748 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 20:12:51 +00:00
Jonathan Cran 064255e910 fixup the payload encoding, per joernchen's comment in the #metasploit channel.
git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 17:48:51 +00:00
Wei Chen 56025609f0 Add fix commit url to reference. Thx jduck!
git-svn-id: file:///home/svn/framework3/trunk@13745 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 06:48:33 +00:00
James Lee 7e4826bae4 silly patch fail
git-svn-id: file:///home/svn/framework3/trunk@13742 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 21:11:57 +00:00
James Lee c6c133673f add reverse_https support for java meterpreter, fixes #5288; thanks mihi!
git-svn-id: file:///home/svn/framework3/trunk@13741 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 21:10:11 +00:00
Wei Chen 2ebef435a0 Add CVE-2011-2950 Real Player heap overflow
git-svn-id: file:///home/svn/framework3/trunk@13738 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 19:22:29 +00:00
Wei Chen 6443ee024c Add Measuresoft ScadaPro exploit
git-svn-id: file:///home/svn/framework3/trunk@13737 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 08:23:59 +00:00
et 3dffd09875 Generic HTML data scraper
git-svn-id: file:///home/svn/framework3/trunk@13736 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-16 02:36:32 +00:00
Wei Chen 7569cad178 Correct variable use in heap spray js function
git-svn-id: file:///home/svn/framework3/trunk@13735 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-15 22:37:13 +00:00
Wei Chen 70fa0e630b Add Windows 7 + IE 8 target. Also use a different approach to get code execution.
git-svn-id: file:///home/svn/framework3/trunk@13734 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-15 20:51:01 +00:00
Steve Tornio de98758f2b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13728 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 20:10:28 +00:00
Wei Chen 9e5d07b201 Add ScadaTEC ScadaPhone bof
git-svn-id: file:///home/svn/framework3/trunk@13727 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 17:25:03 +00:00
HD Moore 85eb581c16 Quick fix to match service changes
git-svn-id: file:///home/svn/framework3/trunk@13726 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-13 06:48:07 +00:00
Carlos Perez c1446fa4d7 Migration of wmic script to post module
git-svn-id: file:///home/svn/framework3/trunk@13725 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 23:33:09 +00:00
Steve Tornio e6ce90c551 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13724 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 21:42:36 +00:00
Joshua Drake f8eb9e5dd4 extraneous space typo
git-svn-id: file:///home/svn/framework3/trunk@13722 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 19:21:21 +00:00
Wei Chen 8b8388ed44 Add CVE-2011-3322 Procyon Core Server HMI
git-svn-id: file:///home/svn/framework3/trunk@13721 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-12 17:54:31 +00:00
Carlos Perez b7ed699abf Avoid using session.sock.peerhost to set host in reporting since this will return nil when working thru a pivot, use the address returned by session.tunnel_peer instead
git-svn-id: file:///home/svn/framework3/trunk@13716 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 03:10:14 +00:00
Matt Weeks acae5dcdc8 Killing puts.
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-11 02:42:39 +00:00
David Rude fafa615d46 Adds store_loot support for cached credentials
git-svn-id: file:///home/svn/framework3/trunk@13712 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-09 18:43:59 +00:00
Wei Chen e597891a1f Add support for DEP bypass
git-svn-id: file:///home/svn/framework3/trunk@13711 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-09 18:15:50 +00:00
James Lee e31acef6e9 whitespace cleanup
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-07 15:30:08 +00:00
Mario Ceballos 6f28911d3d added patch from joshua taylor.
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
Wei Chen 819e673b88 Mention about the RSA attack in the description, also add a reference for it
git-svn-id: file:///home/svn/framework3/trunk@13697 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 17:22:00 +00:00
HD Moore 7fb4a3c571 Fix up the disablenops syntax
git-svn-id: file:///home/svn/framework3/trunk@13694 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-05 16:27:04 +00:00
Wei Chen eae3f97bfe Should have deleted this. The replacement for it is enum_devices.rb
git-svn-id: file:///home/svn/framework3/trunk@13692 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-04 17:22:50 +00:00
Mario Ceballos 2f2421badc initial coverage of the pnsize bug (fileformat)
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 21:17:58 +00:00
Wei Chen 44ba7e80d5 This module still works against 2.5 (most current as of Sept 2 2011)
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:52:04 +00:00
Wei Chen 835c5938d5 Fix typo. Thx mubix for spotting it.
git-svn-id: file:///home/svn/framework3/trunk@13687 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:39:47 +00:00
Wei Chen 3260721d6f Add post module that retrieves MS product key
git-svn-id: file:///home/svn/framework3/trunk@13686 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:16:42 +00:00
Wei Chen 91c5a15eb4 Actually, this is the right fix for bug #5363
git-svn-id: file:///home/svn/framework3/trunk@13685 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:20:22 +00:00
Wei Chen 14d2a45c5b This fix is to make sure BLANK_PASSWORDS functions properly. See bug #5363.
git-svn-id: file:///home/svn/framework3/trunk@13684 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 02:09:00 +00:00
HD Moore 400afbadf8 Fixes #5392 by closing the listener after accepting the connection. Fixes a number of formatting and api issues
git-svn-id: file:///home/svn/framework3/trunk@13682 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 16:19:28 +00:00
HD Moore e4f74b75f8 Add a module for the rsyslog DoS (not triggerable on many platforms)
git-svn-id: file:///home/svn/framework3/trunk@13681 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-02 15:55:54 +00:00
David Rude 8a070b81a2 Add the noobfuscation arg to the heaplib call
git-svn-id: file:///home/svn/framework3/trunk@13675 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 09:00:20 +00:00
Wei Chen 4e92190fa8 Add additional references, correct disclosure date
git-svn-id: file:///home/svn/framework3/trunk@13673 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 05:20:47 +00:00
Wei Chen 717b0eddee Add DVD X plf playlist buffer overflow
git-svn-id: file:///home/svn/framework3/trunk@13672 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 05:14:21 +00:00
Carlos Perez 6de16f055a Fix formating problem when saving to file
git-svn-id: file:///home/svn/framework3/trunk@13671 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-31 17:20:16 +00:00
Wei Chen 22dc0ed551 Fix disclosure date
git-svn-id: file:///home/svn/framework3/trunk@13670 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-31 00:15:46 +00:00
David Rude c5fe6ed503 Reset the target to allow for multiple client connections
git-svn-id: file:///home/svn/framework3/trunk@13669 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:29:14 +00:00
David Rude 70dffd6afb Adds Citrix Gateway ActiveX Stack Based Buffer Overflow module
git-svn-id: file:///home/svn/framework3/trunk@13666 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:22:32 +00:00
HD Moore 5fa7ddf5f4 Move this aux module out of the exploits tree
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 15:30:13 +00:00
David Rude cacc3f237c Added improvements to this module to use a wordlist of known sensitive files
git-svn-id: file:///home/svn/framework3/trunk@13654 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 03:13:22 +00:00
HD Moore 160e473943 Minor style tweaks
git-svn-id: file:///home/svn/framework3/trunk@13653 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 00:59:21 +00:00
HD Moore d2e0060417 Ruby is not Python
git-svn-id: file:///home/svn/framework3/trunk@13652 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 00:26:42 +00:00
David Rude 6146d0ab0f remove some extra whitespace
git-svn-id: file:///home/svn/framework3/trunk@13651 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-28 22:40:32 +00:00
David Rude 57814c4012 Add nbd_server post module and move forensics modules into a seperate directory
git-svn-id: file:///home/svn/framework3/trunk@13650 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-28 22:38:59 +00:00
Matt Weeks 6853221762 Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs.
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-27 15:46:49 +00:00
Joshua Drake 496170eac1 aDjUsT tHe CaSe
git-svn-id: file:///home/svn/framework3/trunk@13644 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 23:46:49 +00:00
David Rude 052feebc29 Adds Google Picasa Password Extractor Post module
git-svn-id: file:///home/svn/framework3/trunk@13643 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 18:32:42 +00:00
David Rude ab11d3e3eb Fix the CVE reference
git-svn-id: file:///home/svn/framework3/trunk@13642 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 15:25:27 +00:00
David Rude 76f0226ff0 Adds the RealVNC Null Authentication Bypass exploit - gj thelightcosine =)
git-svn-id: file:///home/svn/framework3/trunk@13641 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 04:40:21 +00:00
Matt Weeks f9e651d382 Report to DB too.
git-svn-id: file:///home/svn/framework3/trunk@13640 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:56:22 +00:00
Matt Weeks 23b4f4ed98 Address #5313 for locally-launched PXE attacks.
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:48:33 +00:00
amaloteaux 9cfba23558 psexec: allow o upload payload in a subfolder
git-svn-id: file:///home/svn/framework3/trunk@13638 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 22:30:46 +00:00
HD Moore b5070f9cad Adds a utility module to close sessions
git-svn-id: file:///home/svn/framework3/trunk@13636 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 19:07:18 +00:00
Tod Beardsley 3b32e28e0f Converting the ACTION datastore to the CMD datastore to avoid confusion with an :action attribute.
git-svn-id: file:///home/svn/framework3/trunk@13635 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 15:56:10 +00:00
Matt Weeks 06c3dabe31 Fixes #5312 for pivoted PXE attacks.
git-svn-id: file:///home/svn/framework3/trunk@13634 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 02:07:35 +00:00
amaloteaux c8bb6a5fda mke this module more automatic and reliable
git-svn-id: file:///home/svn/framework3/trunk@13632 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-25 00:11:20 +00:00
amaloteaux a38aed075c correct some more packetfu migration bug
git-svn-id: file:///home/svn/framework3/trunk@13631 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 23:49:58 +00:00
amaloteaux 5e1dd48c72 correct some bug left after packetfu migration and make this module compatible with windows
git-svn-id: file:///home/svn/framework3/trunk@13626 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 20:44:39 +00:00
Tod Beardsley 6e2dfdee86 Oops, missing orequals.
git-svn-id: file:///home/svn/framework3/trunk@13620 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 19:47:37 +00:00
Tod Beardsley 628d950d98 See #5029. A reworked DTP spoofer module using PacketFu and some raw DTP bytes instead of Racket.
git-svn-id: file:///home/svn/framework3/trunk@13619 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 19:34:12 +00:00
Carlos Perez 110094de1b Post module for gathering Autologin User Credentials by Myo Soe
git-svn-id: file:///home/svn/framework3/trunk@13608 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-22 00:37:09 +00:00
David Rude 98d474c875 Add BNAT Router module to properly establish and route connections to BNAT implementations
git-svn-id: file:///home/svn/framework3/trunk@13606 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 23:40:09 +00:00
HD Moore 81cb99c7ab A better fix
git-svn-id: file:///home/svn/framework3/trunk@13605 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 19:26:41 +00:00
David Rude b39ed220ca remove the .strip call in banner check causes stack traces in some cases
git-svn-id: file:///home/svn/framework3/trunk@13604 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 06:50:51 +00:00
David Rude 3792a8f4b7 Added enum_dirperms post module
git-svn-id: file:///home/svn/framework3/trunk@13603 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 05:58:38 +00:00
David Rude adf5d7eb73 Adds the BNAT scan module for actively finding bad NAT implementations
git-svn-id: file:///home/svn/framework3/trunk@13602 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-21 04:46:57 +00:00
David Rude b331073851 cleaned up some column width issues, added on_new_session clean up code to remove files
git-svn-id: file:///home/svn/framework3/trunk@13599 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 17:47:03 +00:00
Joshua Drake 79c7fc7c70 fix up a typo
git-svn-id: file:///home/svn/framework3/trunk@13598 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 05:41:59 +00:00
James Lee a924910b86 add user profile fu for firefox_creds, see #4954
git-svn-id: file:///home/svn/framework3/trunk@13597 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 05:13:17 +00:00
Carlos Perez db57999246 Reverse lookup module using Railgun, written by Mubix
git-svn-id: file:///home/svn/framework3/trunk@13594 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 01:23:24 +00:00
Wei Chen 6723c7fb3e Minor metadata format fix
git-svn-id: file:///home/svn/framework3/trunk@13593 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 00:11:22 +00:00
Wei Chen 8fbd81a0f0 Add HP Easy Printer xmlsimpleaccessor exploit
git-svn-id: file:///home/svn/framework3/trunk@13592 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 23:49:45 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
Wei Chen fe53151324 fix tabs
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:58:50 +00:00
Wei Chen 056adf7063 Add Win 7 target
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:57:19 +00:00
James Lee 851bc8d7b8 add a single shell payload for java, partially reverts r13213
git-svn-id: file:///home/svn/framework3/trunk@13588 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:31:19 +00:00
Tod Beardsley 4c71b3f1fe More minor touchups to nbns_response. Dropping the unused FILTER option, making SPOOFIP an OptAddress, spelling.
git-svn-id: file:///home/svn/framework3/trunk@13587 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 14:34:17 +00:00
David Rude c78ba0e4d5 hehe remove debugging put call
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:59:32 +00:00
David Rude 63e2b759e7 require the URI option
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:54:58 +00:00
David Rude 402ca57bb4 Adds Struts2 Remote Code Execution exploit CVE-2010-1870
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:52:09 +00:00
Patrick Webster 392684736d Added aux module check_dir_file.
git-svn-id: file:///home/svn/framework3/trunk@13578 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-18 04:10:17 +00:00
Tod Beardsley a746067089 add a reminder to deal with this and all these other unstoppable while true; do stuff; end endless run() options.
git-svn-id: file:///home/svn/framework3/trunk@13575 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 21:02:20 +00:00
Tod Beardsley 7f45ed2f8d Fixes #5109.
Fixes #5198.

Removes the not actually required rhost (as well as other pcap-provided options that don't appear useful), fixes up the debug mode to not stacktrace when parsing back the recv'ed NBNS request. Thx Brandon and Steve!




git-svn-id: file:///home/svn/framework3/trunk@13574 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 21:00:10 +00:00