sinn3r
e5dc6a9911
Update exploit checks
...
Progress group 1: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-20 14:26:10 -06:00
jvazquez-r7
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
Tod Beardsley
11e9cca855
Spelling and description touch ups.
2013-07-29 10:57:19 -05:00
Sean Verity
dff35c0820
Minor update to Target Selection. Refer to comments on #2128 .
2013-07-24 19:02:47 -04:00
Sean Verity
f16ed32848
Added '2003 R2 SP2' to target selection
2013-07-19 09:57:09 -04:00
sinn3r
1a01d6d033
Fix scrutinizer checks
2013-01-31 14:48:54 -06:00
egypt
5332e80ae9
Fix errant use of .to_s instead of .path
2013-01-31 14:18:42 -06:00
sinn3r
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
sinn3r
5bc1066c69
Change how modules use the mysql login functions
2013-01-07 16:12:10 -06:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
Christian Mehlmauer
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
sinn3r
31e2a164a9
MySQL file priv gets a ref from OSVDB
2012-12-10 12:15:44 -06:00
sinn3r
23d0ffa3ab
Dang it, grammar fail.
2012-12-09 01:39:24 -06:00
jvazquez-r7
6d3d4c1d84
Added support for FileDropper
2012-12-06 12:03:17 +01:00
sinn3r
18f4df0a38
Fix weird indent prob
2012-12-06 03:58:16 -06:00
sinn3r
a90ed82413
Correct CVE format
2012-12-06 03:57:46 -06:00
sinn3r
2b96c4e2a5
Add Kingcope's MySQL 'Stuxnet' technique exploit
...
Because why not. One more trick to a pentest + coverage = better.
2012-12-06 03:56:23 -06:00
Chris John Riley
f88ec5cbc8
Add normalize_uri to modules that may have
...
been missed by PULL 1045.
Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)
ref --> https://github.com/rapid7/metasploit-framework/pull/1045
2012-11-08 17:42:48 +01:00
sinn3r
799c22554e
Warn user if a file/permission is being modified during new session
2012-10-24 00:54:17 -05:00
sinn3r
b4b860f356
Correct MC's name
2012-08-08 14:16:02 -05:00
sinn3r
7221420267
When it hangs, it's actually the correct behavior, not a failure.
2012-08-07 15:00:08 -05:00
sinn3r
0f37c1704d
Add vendor's name in there fore better searching
2012-08-07 12:17:41 -05:00
sinn3r
5f4297a68a
I tested it 9.5.2 too
2012-08-07 11:01:08 -05:00
sinn3r
3ba73c4f7f
Fix check() function
2012-08-07 11:00:12 -05:00
sinn3r
6b4ae94dce
Add CVE-2012-3951 Scrutinizer NetFlow and sFlow Analyzer exploit
...
This uses a default MySQL admin credential to write a php file to
the web directory, extracts our malicious executable, and then
finally execute it. We get SYSTEM.
2012-08-07 03:19:44 -05:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
Tod Beardsley
3c36b0c975
Msftidy: knocking out all those trailing spaces. Screw those guys.
...
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
James Lee
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
David Rude
a8b6c43636
reverting the disclosure dates for now need to clean up the patch
...
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude
3b7ea08f6a
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
...
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Tod Beardsley
42531e097f
Fixes #3916 . Adds a module for mysql delivery of a payload via a UDF, using Bernardo's quite excellent UDF libraries.
...
git-svn-id: file:///home/svn/framework3/trunk@11899 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 22:42:26 +00:00
Joshua Drake
128e0515ef
stop perpetuating the ambiguity!
...
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:45:00 +00:00
Joshua Drake
0ea6eca4bc
big module whitespace/formatting cleanup pass
...
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake
31949c4343
svn keywords fixups
...
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it
git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
Joshua Drake
ff83f1cd2f
add ranking to every exploit module, pfew!
...
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
HD Moore
f8c2a203fd
OSVDB references updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
kris
37c2e301ed
replacing defunct framework URL in header comments in most modules and pcap_log
...
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
Ramon de C Valle
f124597a56
Code cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
HD Moore
fd256ec4a1
This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
...
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
Mario Ceballos
d41a814ed5
added exploit modules mysql_yassl(win32/linux) and realplayer_console from EB.
...
git-svn-id: file:///home/svn/framework3/trunk@5463 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-01 11:22:32 +00:00