jvazquez-r7
8ac01d3b8e
Fix description and make it aggressive
2013-08-12 11:19:25 -05:00
David Maloney
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
Nathan Einwechter
7854c452d2
Added more payload padding
2013-08-12 11:10:10 -04:00
Nathan Einwechter
9f33a59dc2
Fix target ret
2013-08-12 11:04:55 -04:00
Nathan Einwechter
6f96445b42
Change target ret/cleanup
2013-08-12 10:13:48 -04:00
Nathan Einwechter
a35d548979
Use HttpClient
2013-08-12 10:01:01 -04:00
sinn3r
c87db60d2a
Land #2207 - HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
2013-08-12 01:19:01 -05:00
bcoles
d63d7bc7da
Add Open-FTPD 1.2 Writable Directory Traversal Execution
2013-08-12 08:49:49 +09:30
Nathan Einwechter
896320ed42
fix typo
2013-08-11 16:48:43 -04:00
Nathan Einwechter
4b14fa53e0
tidy debugs
2013-08-11 16:39:41 -04:00
Nathan Einwechter
90ef224c46
Implement CVE-2012-5019
2013-08-11 16:33:40 -04:00
jvazquez-r7
f2e5092fd5
Add module for ZDI-13-179
2013-08-10 18:44:33 -05:00
Nathan Einwechter
185ef2ecae
msftidy
2013-08-10 16:01:44 -04:00
Nathan Einwechter
6fe4e3dd0e
Added Intrasrv 1.0 BOF
2013-08-10 15:56:07 -04:00
jvazquez-r7
6a196d0a40
Land #2205 , @wchen-r7 and @m-1-k-3's change for dlink_dir300_exec_telnet
2013-08-09 15:58:07 -05:00
jvennix-r7
8278808a37
Merge pull request #2204 from todb-r7/bug/undo-optstring-validator
...
Revert "OptString specs and better validation"
2013-08-09 13:42:46 -07:00
sinn3r
5436ec7dd3
Title change for dlink_dir300_exec_telnet
...
Title change for dlink_dir300_exec_telnet. Also correct the email
format.
2013-08-09 15:41:50 -05:00
Tod Beardsley
81defe8113
Add the string_list.txt fixture back
2013-08-09 15:39:40 -05:00
Tod Beardsley
02f460287b
Revert "OptString specs and better validation"
...
This reverts commit d66779ba4c
.
Specifically, this commit was causing trouble when a datastore was
getting an Integer. For some reason (as yet undiscovered), the option
normalizer wasn't trying to Integer#to_s such arguments.
This kind of thing is going to happen a lot. For now, I'd rather just
end up with the ducktype, and attack the normalizer in a seperate fix.
2013-08-09 15:30:42 -05:00
sinn3r
4558aca7ca
Land #2136 - Removed requirement for note.data to be present
2013-08-09 15:29:25 -05:00
sinn3r
5128458c90
Land #2201 - Better check for ppr_flatten_rec
2013-08-09 14:44:23 -05:00
sinn3r
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
Tod Beardsley
6c0b067d7c
Land #2163 , known secret session cookie for RoR
...
From @joernchen, leverages an infoleak to gain a shell on rails
applications. There is no patch, since you are expected to keep your
secrets, well, secret.
2013-08-09 12:30:37 -05:00
Tod Beardsley
969b380d71
More explicit title, grammar check on description
2013-08-09 12:27:45 -05:00
Tod Beardsley
13ea8aaaad
VALIDATE_COOKIE better grammar on fail message
2013-08-09 12:26:12 -05:00
Tod Beardsley
94e7164b01
Allow user to choose to validate the cookie or not
2013-08-09 12:22:28 -05:00
joernchen of Phenoelit
376c37d4cc
Two more fixes, Arch and unneeded include.
2013-08-09 09:23:50 +02:00
Sagi Shahar
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
Tod Beardsley
155c121cbb
More spacing between ends
2013-08-08 16:35:38 -05:00
Tod Beardsley
f4fc0ef3fb
Moved classes into the Metasploit3 space
...
I'm just worried about all those naked classes just hanging around in
the top namespace. This shouldn't impact functionality at all.
While most modules don't define their own classes (this is usually the
job of Msf::Exploit and Rex), I can't think of a reason why you
shouldn't (well, aside from reusability). And yet, very rarely do
modules do it. It's not unknown, though -- the drda.rb capture module
defines a bunch of Constants, and the
post/windows/gather/credentials/bulletproof_ftp.rb module defines some
more interesting things.
So, this should be okay, as long as things are defined in the context of
the Metasploit module proper.
2013-08-08 16:22:34 -05:00
Tod Beardsley
4e166f3da4
Adding more blank lines between methods
...
For readability
2013-08-08 16:20:38 -05:00
jvazquez-r7
567873f3cc
Use normalize_uri a little better
2013-08-08 15:12:51 -05:00
jvazquez-r7
4a609504e3
Land #2199 , @jlee-r7's exploit for CVE-2013-4211
2013-08-08 14:57:28 -05:00
jvazquez-r7
06ebc686c4
Land #2194 , @CharlieEriksen exploit for CVE-2013-5036
2013-08-08 14:50:28 -05:00
jvazquez-r7
40a61ec654
Do minor cleanup
2013-08-08 14:47:46 -05:00
Meatballs
318280fea7
Add 7/2k8 RTM versions
2013-08-08 20:02:14 +01:00
Meatballs
d64352652f
Adds unsupported Vista versions
2013-08-08 19:58:40 +01:00
Meatballs
08c32c250f
File versions
2013-08-08 19:42:14 +01:00
sinn3r
a03d71d60e
Land #2181 - More targets for hp_sys_mgmt_exec
...
Thanks mwulftange!
2013-08-08 13:35:33 -05:00
sinn3r
a73f87eaa5
No autodetect. Allow the user to manually select.
2013-08-08 13:34:25 -05:00
Charlie Eriksen
28b36ea29b
Removing a space at EOL I missed.
2013-08-08 14:30:53 -04:00
Charlie Eriksen
1c6e994fe8
Adding improvements based on Juan's feedback
2013-08-08 14:29:35 -04:00
sinn3r
84090b73b1
Land #2197 - Tabassassin msftidy
2013-08-08 13:15:32 -05:00
James Lee
080ca0b1b1
Use fail_with when failing instead of print_error
2013-08-08 13:12:39 -05:00
jvazquez-r7
a7c80ebfc2
Land #2185 , @bmerinofe's post module for dns cache dumping
2013-08-08 12:49:37 -05:00
jvazquez-r7
5d0e868701
Land #2192 after cleanup
2013-08-08 08:44:17 -05:00
jvazquez-r7
74eeacf9f2
Fix regex
2013-08-08 08:40:45 -05:00
James Lee
ca7c0defe1
No need to rescue if we're just re-raising
2013-08-07 17:36:07 -05:00
James Lee
c808930f15
Add module for CVE-2013-4211, openx backdoor
2013-08-07 17:24:47 -05:00
root
3a24765585
Adding CVE ID
2013-08-07 18:11:43 -04:00