ca15d2d8e7
Added Pandora FMS RCE and SQLi module
2014-02-12 12:02:33 -05:00
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
c96116b193
Land #2949 - Add module Kloxo SQLi
2014-02-08 13:45:11 -06:00
c679b1001b
Make pring_warning verbose
2014-02-07 10:23:07 -06:00
4236abe282
Better SIGHUP handling
2014-02-06 15:21:54 -06:00
fdb954fdfb
Report credentials
2014-02-05 14:37:33 -06:00
631559a2e8
Add module for Kloco SQLi
2014-02-05 14:18:56 -06:00
50f860757b
Changes made to pandora_fms_exec module as requested
2014-02-03 14:10:27 +07:00
9a929e75e4
Added Pandora FMS RCE
2014-01-29 12:46:23 +07:00
a7fa4e312b
This module fails to load due to the missing end
2014-01-24 17:56:47 -06:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
0a10c1297c
Address nil
2014-01-23 11:00:28 -06:00
333229ea7e
Throw Unknown if connection times out
2014-01-23 10:54:45 -06:00
c83053ba9b
Progress
2014-01-22 11:20:10 -06:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
590547ebc7
Modify title to avoid versions
2014-01-07 13:01:10 -06:00
c34af35230
Add wrt100 to the description and title.
...
* The wrt110 and wrt100 share the same firmware, and are both vulnerable to this
bug.
2014-01-07 10:26:15 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
5ce862a5b5
Add OSVDB
2013-12-26 10:33:46 -06:00
163a54f8b1
Do send_request_cgi final clean up
2013-12-20 17:00:57 -06:00
af13334c84
Revert gsub!
2013-12-20 11:39:49 -06:00
1da961343a
Do final (minor) cleanup
2013-12-20 11:20:29 -06:00
929f3ea35c
Turn Auxiliary module into Exploit module
2013-12-20 16:45:38 +01:00
ec64382efc
Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle
2013-12-18 11:53:30 -06:00
a28ea18798
Clean pull request
2013-12-18 11:32:34 -06:00
21661b168b
Add cfme_manageiq_evm_upload_exec.rb
...
This module exploits a path traversal vulnerability in the "linuxpkgs"
action of "agent" controller of the Red Hat CloudForms Management Engine
5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier).
2013-12-09 16:18:12 -02:00
bf3489203a
I missed this one
2013-12-03 13:13:14 -06:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
fc14a6c149
Land #2576 - NETGEAR ReadyNAS Perl Code Evaluation Vulnerability
2013-11-24 00:47:14 -06:00
36db6a4d59
Land #2616 , SuperMicro close_window BOF
2013-11-15 11:34:53 -06:00
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
40f8e80775
Fix jlee-r7's feedback
2013-11-08 14:28:19 -06:00
b7e360922d
Update ranking
2013-11-07 15:10:26 -06:00
decf6ff6a0
Add module for CVE-2013-3623
2013-11-07 14:59:40 -06:00
c92e8ff98d
Delete extra space
2013-10-30 19:34:54 -05:00
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
dd094eee04
Use 443 by default with SSL
2013-10-24 16:30:26 -05:00
72f686d99a
Add module for CVE-2013-2751
2013-10-24 16:10:32 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow
2013-10-21 12:03:07 -05:00
9bfd98b001
Change plate
2013-10-21 11:54:42 -05:00
7dd39ae5e6
Update ranking
2013-10-17 22:43:47 -05:00
a00a813649
Add real device libraries base addresses
2013-10-17 22:34:54 -05:00
3d3a7b3818
Add support for OSVDB 86824
2013-10-17 01:08:01 -05:00
ba2c52c5de
Fixed up some more weird splat formatting.
2013-10-16 16:25:48 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
63e40f9fba
Release time fixes to modules
...
* Period at the end of a description.
* Methods shouldn't be meth_name! unless the method is destructive.
* "Setup" is a noun, "set up" is a verb.
* Use the clunky post module naming convention.
2013-10-14 15:17:39 -05:00
a6f17c3ba0
Clean zabbix_sqli
2013-10-14 14:01:58 -05:00
171b70fa7c
Zabbix v2.0.8 SQLi and RCE Module
...
Conflicts:
modules/exploits/linux/http/zabbix_sqli.rb
Commit completed version of zabbix_sqli.rb
2013-10-10 22:50:02 -04:00
4ba001d6dd
Put my short name to prevent conflicts.
2013-10-07 14:10:47 -05:00
ec6516d87c
Deprecate misnamed module.
...
* Renames to a linux linksys module.
2013-10-07 14:06:13 -05:00
fcba424308
Kill off EOL spaces on astium_sqli_upload.
2013-10-03 11:01:27 -05:00
813bd2c9a5
Land #2379 , @xistence's exploit for OSVDB 88860
2013-09-26 13:52:15 -05:00
c2ff5accee
stability fixes to astium_sqli_upload
2013-09-26 10:23:33 +07:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
4bff8f2cdc
Update descriptions for clarity.
2013-09-23 13:48:23 -05:00
1fc849bdd5
Land #2188 , @m-1-k-3's module for OSVDB 90221
2013-09-23 11:44:43 -05:00
71d74655f9
Modify description
2013-09-23 11:44:04 -05:00
0eb838156b
Land #2390 - Use payload.encoded because BadChars are defined
2013-09-19 22:10:55 -05:00
1a00cce8a9
Clean up
2013-09-19 11:51:07 -05:00
926ddf35bc
Fix possible collisions on binding port and handle rex socket
2013-09-19 08:23:25 -05:00
accad24f31
Use payload.encoded because BadChars are defined
2013-09-18 13:03:35 -05:00
61ab0e245c
Add Context to rex sockets plus track them with add_socket
2013-09-18 12:39:08 -05:00
1988085a94
Fix possible port conflict
2013-09-18 12:24:36 -05:00
adc1bd9c65
changes made to astium_sqli_upload based on suggestions
2013-09-18 16:52:31 +07:00
82aa3f97b0
added Astium confweb 25399 RCE
2013-09-17 12:32:10 +07:00
b4b7cecaf4
Various minor desc fixes, also killed some tabs.
2013-09-16 15:50:00 -05:00
f89af79223
Correct OSVDB for sophos sblistpack exploit
2013-09-16 15:41:50 -05:00
c18c41d8ea
Don't hidde exceptions
2013-09-16 09:26:13 -05:00
86e5163cad
Fix Indentation and cleanup
2013-09-16 09:19:26 -05:00
62cf9cb07c
Retab changes for PR #2188
2013-09-16 09:09:16 -05:00
842dba20b9
Merge for retab
2013-09-16 09:08:36 -05:00
ac90cd1263
Land #2248 - Fix dlink upnp exec noauth
2013-09-12 15:10:20 -05:00
c3ff9a03d8
Add module for CVE-2013-4983
2013-09-09 23:26:10 -05:00
f780a41f87
Retab changes for PR #2248
2013-09-05 14:12:24 -05:00
554d1868ce
Merge for retab
2013-09-05 14:12:18 -05:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
0bfc12ada1
Fix the way to get a session over a telnet connection
2013-08-27 11:38:49 -05:00
7b555679e6
Really delete the telnet target
2013-08-19 15:06:47 -05:00
d64c8748e8
Fix descriptions and names
2013-08-19 15:05:27 -05:00
232289d500
Add new module to exploit to through telnet dlink_upnp_exec_noauth
2013-08-19 15:01:29 -05:00
846925e3ba
Delete telnet target from dlink_upnp_exec_noauth
2013-08-19 14:56:12 -05:00
c902b0ea4b
removed user and pass option
2013-08-19 18:07:11 +02:00
5fc806e3e0
little fixes
2013-08-18 16:18:27 +02:00
9ae977ec80
Merge branch 'raidsonic_telnet' of https://github.com/jvazquez-r7/metasploit-framework into raidsonic-ib5220-exec
...
Conflicts:
modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb
2013-08-18 15:56:39 +02:00
462ccc3d36
Missed these little devils
2013-08-15 16:50:13 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
7a8bafd82c
Beautify
2013-08-14 13:50:08 -05:00
90aec6cff5
Fix telnet negotiation for the raidsonic case
2013-08-14 13:38:51 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
6b87240323
thx to juan ... session stuff looks better
2013-08-14 16:51:09 +02:00
5436ec7dd3
Title change for dlink_dir300_exec_telnet
...
Title change for dlink_dir300_exec_telnet. Also correct the email
format.
2013-08-09 15:41:50 -05:00
74eeacf9f2
Fix regex
2013-08-08 08:40:45 -05:00
821673c4d2
Try to fix a little description
2013-08-07 10:26:39 -05:00
33ac0c5c3f
Make exploit more print friendly
2013-08-07 10:21:14 -05:00
32436973e4
Land #2192 , @m-1-k-3's exploit for OSVDB-89861
2013-08-07 10:16:49 -05:00
ae685ac41d
Beautify description
2013-08-07 09:52:29 -05:00
afb8a95f0a
Land #2179 , @m-1-k-3's exploit for OSVDB-92698
2013-08-07 09:00:41 -05:00
885417c9d9
removing config file from target
2013-08-06 15:11:54 +02:00
dd35495fb8
dir 300 and 600 auxiliary module replacement
2013-08-05 22:28:59 +02:00
786f16fc91
feedback included
2013-08-05 21:55:30 +02:00
2efc2a79bf
fail with
2013-08-05 21:41:28 +02:00
e7206af5b5
OSVDB and comment doc fixes
2013-08-05 09:08:17 -05:00
34134b2e11
feedback included
2013-08-04 14:45:55 +02:00
b8ed364cb8
telnet user working
2013-08-03 15:07:10 +02:00
62e3c01190
raidsonic nas - command execution
2013-08-02 21:04:19 +02:00
a19afd163a
feedback included
2013-08-02 17:30:39 +02:00
15906b76db
dir300 and 615 command injection
2013-07-31 14:36:51 +02:00
6b514bb44a
dir300 and 615 command injection telnet session
2013-07-31 14:34:03 +02:00
5efcbbd474
Land #2167 - PineApp Mail-SeCure livelog.html Exec
2013-07-29 13:18:18 -05:00
7967426db1
Land #2166 - PineApp Mail-SeCure ldapsyncnow.php EXEC
2013-07-29 13:16:42 -05:00
a1d9ed300e
Add module for ZDI-13-184
2013-07-28 09:57:41 -05:00
f4e35b62ac
Add module for ZDI-13-185
2013-07-27 12:12:06 -05:00
fab9d33092
Fix disclosure date
2013-07-27 12:10:21 -05:00
ac7bb1b07f
Add module for ZDI-13-188
2013-07-27 03:25:39 -05:00
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
af1bd01b62
Change datastore options names for consistency
2013-07-22 16:57:32 -05:00
5e55c506cd
Land #2140 , add CWS as a first-class reference.
2013-07-22 13:50:38 -05:00
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
6158415bd3
Clean CWE reference, will ad in new pr
2013-07-22 12:03:55 -05:00
da4fda6cb1
Land #2110 , @rcvalle's exploit for Foreman Ruby Injection
2013-07-22 12:02:43 -05:00
04e9398ddd
Fix CSRF regular expressions as per review
2013-07-22 13:10:56 -03:00
de6e2ef6f4
Final cleanup for dlink_upnp_exec_noauth
2013-07-22 10:53:09 -05:00
c1c72dea38
Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection
2013-07-22 10:52:13 -05:00
11ef4263a4
Remove call to handler as per review
2013-07-22 12:49:42 -03:00
4beea52449
Use instance variables
2013-07-19 14:46:17 -05:00
6761f95892
Change print_error/ret to fail_with as per review
2013-07-19 12:19:29 -03:00
e93eef4534
fixing server header check
2013-07-19 08:00:02 +02:00
f26b60a082
functions and some tweaking
2013-07-19 07:57:27 +02:00
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
9f65264af4
make msftidy happy
2013-07-14 15:45:14 +02:00
47ca4fd48f
session now working
2013-07-14 15:42:41 +02:00
9133dbac4a
some feedback included and some playing
2013-07-14 14:14:06 +02:00
49c70911be
dlink upnp command injection
2013-07-09 13:24:12 +02:00
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
4d26299de3
add osvdb ref 93881 and edb ref 21191
2013-06-05 18:57:33 -05:00
c705928052
Landing #1899 - Add OSVDB ref 85462 for esva_exec.rb
2013-06-03 10:40:31 -05:00
76faba60b7
add osvdb ref 85462
2013-06-03 06:16:43 -05:00
e612a3d017
add osvdb ref 77183
2013-06-03 05:42:56 -05:00
e74c1d957f
Landing #1897 - Add OSVDB ref 93444 for mutiny_frontend_upload.rb
2013-06-03 02:15:35 -05:00
c2c630c338
add osvdb ref 93444
2013-06-02 21:03:44 -05:00
bc993b76fc
add osvdb ref 82925
2013-06-02 20:43:16 -05:00
e7a1f06fbc
Modules shouldn't be +x
2013-05-29 15:11:35 -05:00
75d6c8079a
Spelling, whitespace
...
Please be sure to run msftidy.rb on new modules. Thanks!
2013-05-28 10:03:37 -05:00
bfcd86022d
Add code cleanup for nginx_chunked_size.
2013-05-22 14:37:42 -05:00
81b690ae4b
Initial check in of nginx module
2013-05-22 13:52:00 -04:00
94bc3bf8eb
Fix msftidy warning
2013-05-20 10:35:59 -05:00
395aac90c2
Do minor cleanup for linksys_wrt160nv2_apply_exec
2013-05-20 10:34:39 -05:00
08b2c9db1e
Land #1801 , @m-1-k-3's linksys wrt160n exploit
2013-05-20 10:33:44 -05:00
1a904ccf7d
tftp download
2013-05-19 20:37:46 +02:00
dfa19cb46d
Do minor cleanup for dlink_dir615_up_exec
2013-05-19 12:43:01 -05:00
348705ad46
Land #1800 , @m-1-k-3's exploit for DLINK DIR615
2013-05-19 12:42:02 -05:00
f3a2859bed
removed user,pass in request
2013-05-19 18:50:12 +02:00
aee5b02f65
tftp download check
2013-05-19 18:45:01 +02:00
4816925f83
feeback included
2013-05-19 16:19:45 +02:00
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
981cc891bc
description
2013-05-12 20:07:32 +02:00
09bf23f4d6
linksys wrt160n tftp download module
2013-05-06 16:18:15 +02:00
22d850533a
dir615 down and exec exploit
2013-05-06 15:33:45 +02:00
60e0cfb17b
Trivial description cleanup
2013-04-29 14:11:20 -05:00
2b4144f20f
Add module for US-CERT-VU 345260
2013-04-24 10:47:16 -05:00
0115833724
SyntaxError fixes
2013-04-21 20:22:41 +00:00
19a158dce9
Do final cleanup for netgear_dgn2200b_pppoe_exec
2013-04-19 15:50:23 -05:00
c1819e6ecc
Land #1700 , @m-1-k-3's exploit for Netgear DGN2200B
2013-04-19 15:49:30 -05:00
2713991c64
timeout and HTTP_Delay
2013-04-17 20:25:59 +02:00
59045f97fb
more testing, reworking of config restore, rework of execution
2013-04-17 18:10:27 +02:00
513b3b1455
Minor cleanup on DLink module
2013-04-15 13:27:47 -05:00
a1605184ed
Landing #1719 , @m-1-k-3 dlink_diagnostic_exec_noauth exploit module
2013-04-10 11:17:29 +02:00
4f2e3f0339
final cleanup for dlink_diagnostic_exec_noauth
2013-04-10 11:15:32 +02:00
8fbade4cbd
OSVDB
2013-04-10 10:45:30 +02:00
157f25788b
final cleanup for linksys_wrt54gl_apply_exec
2013-04-09 12:39:57 +02:00
b090495ffb
Landing pr #1703 , m-1-k-3's linksys_wrt54gl_apply_exec exploit
2013-04-09 12:38:49 +02:00
b93ba58d79
EDB, BID
2013-04-09 11:56:53 +02:00
cbefc44a45
correct waiting
2013-04-08 21:40:50 +02:00
955efc7009
final cleanup
2013-04-07 17:59:57 +02:00
9f89a996b2
final regex, dhcp check and feedback from juan
2013-04-07 17:57:18 +02:00
0e69edc89e
fixing use of regex
2013-04-07 11:39:29 +02:00
6a410d984d
adding get_config where I forgot
2013-04-06 19:13:42 +02:00
9a2f409974
first cleanup for linksys_wrt54gl_apply_exec
2013-04-06 01:05:09 +02:00
ecaaaa34bf
dlink diagnostic - initial commit
2013-04-05 19:56:15 +02:00
96b444c79e
ManualRanking
2013-04-04 17:40:53 +02:00
67f0b1b6ee
little cleanump
2013-04-04 17:33:46 +02:00
f07117fe7d
replacement of wrt54gl auxiliary module - initial commit
2013-04-04 17:30:36 +02:00
ce88d8473a
cleanup for netgear_dgn1000b_setup_exec
2013-04-03 12:44:04 +02:00
3c27678168
Merge branch 'netgear-dgn1000b-exec-exploit' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear-dgn1000b-exec-exploit
2013-04-03 12:43:42 +02:00
a93ec3aea3
fix name
2013-04-03 10:40:52 +02:00
2ceecabede
make msftidy happy
2013-04-03 10:34:28 +02:00
91b0e5f800
netgear dgn2200b pppoe exec exploit - initial commit
2013-04-03 10:32:52 +02:00
642d8b846f
netgear_dgn1000b_setup_exec - initial commit
2013-04-02 14:41:50 +02:00
7f3c6f7629
netgear_dgn1000b_setup_exec - initial commit
2013-04-02 14:39:04 +02:00
1b27d39591
netgear dgn1000b mipsbe exploit
2013-04-02 14:34:09 +02:00
6a6fa5b39e
module filename changed
2013-04-02 10:50:50 +02:00
b3feb51c49
cleanup for linksys_e1500_up_exec
2013-04-02 10:49:09 +02:00
5e42b8472b
Merge branch 'linksys_e1500_exploit' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys_e1500_exploit
2013-04-02 10:48:28 +02:00
579c499f43
Juans SRVHOST check included
2013-04-02 07:50:51 +02:00
c386d54445
check SRVHOST
2013-04-01 18:12:13 +02:00
0f965ddaa3
waiting for payload download on linksys_e1500_more_work
2013-03-31 16:07:14 +02:00
1d6184cd63
fixed author details
2013-03-30 12:41:31 +01:00
cd8bc2f87d
description, blind exploitation info on cmd payload
2013-03-30 12:03:14 +01:00
b0a61adc23
juans feedback included
2013-03-30 11:43:10 +01:00
5fd996f775
added osvdb reference
2013-03-30 10:42:58 +01:00
3bf0046e3e
Merge branch 'hp_system_management' of https://github.com/agix/metasploit-framework into agix-hp_system_management
2013-03-30 10:42:06 +01:00
7965f54890
juans feedback included
2013-03-30 08:40:42 +01:00
607b1c5c14
little cleanup for e1500_up_exec
2013-03-29 23:16:13 +01:00
1b563ad915
stop_service
2013-03-29 22:38:06 +01:00
813ff1e61e
removed payload stuff
2013-03-29 22:32:57 +01:00
c5e358c9c3
compatible payloads
2013-03-29 20:54:35 +01:00
0164cc34be
msftidy, generate exe, register_file_for_cleanup
2013-03-29 19:00:04 +01:00
c55a3870a8
cleanup for hp_system_management
2013-03-29 18:02:23 +01:00
cfeddf3f34
cmd payload working, most feedback included
2013-03-29 14:43:48 +01:00
139926a25b
Fix msftidy Warning
2013-03-28 13:22:26 +01:00
4bcadaabc1
hp system management homepage DataValidation?iprange buffer overflow
2013-03-28 12:00:17 +01:00
dfd451f875
make msftidy happy
2013-03-27 17:46:02 +01:00
6ccfa0ec18
cleanup for dreambox_openpli_shell
2013-03-14 15:02:21 +01:00
9366e3fcc5
last adjustment
2013-03-14 11:18:52 +01:00
0140caf1f0
Merge branch 'master' of git://github.com/rapid7/metasploit-framework into openpli-shell
2013-03-14 10:55:52 +01:00
4852f1b9f7
modify exploits to be compatible with the new netcat payloads
2013-03-11 18:35:44 +01:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
0ae489b37b
last of revert-merge snaffu
2013-02-19 23:16:46 -06:00
3ab5585107
make msftidy happy
2013-02-16 20:49:32 +01:00
121a736e28
initial commit
2013-02-16 20:42:02 +01:00
8ddc19e842
Unmerge #1476 and #1444
...
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.
First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.
FixRM #7752
2013-02-11 20:49:55 -06:00
4c1e630bf3
BasicAuth datastore cleanup
...
cleanup all the old BasicAuth datastore options
2013-02-04 13:02:26 -06:00
c174e6a208
Correctly use normalize_uri()
...
normalize_uri() should be used when you're joining URIs. Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
f5193b595c
Update references
2012-12-10 11:42:21 -06:00
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
52feae2dcd
Add missing require
...
[FixRM #7345 ]
2012-10-15 17:18:04 -05:00
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
25e6990dc7
added osvdb reference
2012-09-24 21:49:32 +02:00
pyoor
jvazquez-r7
Tod Beardsley
sinn3r
James Lee
xistence
Joe Vennix
Markus Wulftange
Ramon de C Valle
jvazquez-r7
William Vu
pyoor
Tab Assassin
m-1-k-3
HD Moore
Steve Tornio
LinuxGeek247
Antoine
Tod Beardsley
agix
David Maloney
sinn3r
Christian Mehlmauer
Chris John Riley
Michael Schierl