sinn3r
5de7fff685
Credit
2013-06-21 21:38:40 -05:00
sinn3r
339f2a5c83
Hmmm, one extra ','
2013-06-21 21:29:17 -05:00
sinn3r
8d422c9a39
Forgot to randomize the fake pass and remove the payload during testing
2013-06-21 21:27:11 -05:00
sinn3r
e7d75d6d16
Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution
2013-06-21 21:03:10 -05:00
Markus Wulftange
afa0e6c42a
Use CmdStagerVBS instead of CmdStagerTFTP
...
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
2013-06-22 01:13:03 +02:00
jvazquez-r7
f106b6db50
Add comment with the component version
2013-06-21 17:38:30 -05:00
jvazquez-r7
5fe9a80bf0
Add module for OSVDB 46578
2013-06-21 17:31:40 -05:00
jvazquez-r7
469d7b968f
Land #1997 , @wchen-r7's brute forcer login for HP SMH
2013-06-20 23:56:24 -05:00
salcho
36c3460911
changed reference
2013-06-20 18:02:25 -05:00
salcho
c1994db2a7
shorter title, included msf::post mixins, added reference and overall readability
2013-06-20 17:42:38 -05:00
William Vu
589b4be384
Land #1999 , zsh bind shell
2013-06-20 13:51:48 -05:00
William Vu
51abae1085
Land #1998 , zsh reverse shell
2013-06-20 13:51:33 -05:00
sinn3r
86fc101c1f
Add payload module bind zsh
...
For #1984
2013-06-20 13:45:02 -05:00
sinn3r
660c97f512
Add module for reverse zsh payload
...
For #1985
2013-06-20 13:40:17 -05:00
sinn3r
64cfda8dad
Final
2013-06-20 13:28:12 -05:00
sinn3r
bfb78e001a
Add HP System Management Homepage Login Utility
2013-06-20 12:54:03 -05:00
William Vu
4cc1f2440d
Land #1996 , references for several modules
2013-06-20 11:32:55 -05:00
Steve Tornio
322ba27f0f
re-order refs
2013-06-20 11:17:23 -05:00
William Vu
22026352e6
Land #1995 , OSVDB reference for Gitorious
2013-06-20 10:51:51 -05:00
William Vu
e4cbd4b174
Land #1994 , OSVDB reference for JBoss
2013-06-20 10:51:28 -05:00
Steve Tornio
66f4424202
fix formatting
2013-06-20 10:41:14 -05:00
jvazquez-r7
526b82ef63
Land #1992 , @wchen-r7's exploit for HP System Management Hompage
2013-06-20 10:34:58 -05:00
Cristiano Maruti
f78b4d8874
modified according to jvazquez-r7 feedback
2013-06-20 16:29:42 +02:00
Cristiano Maruti
4846a680db
modified according to jvazquez-r7 feedback
2013-06-20 16:19:43 +02:00
Cristiano Maruti
8e64bf3d16
modified according to jvazquez-r7 feedback
2013-06-20 16:15:28 +02:00
Steve Tornio
a3a5dec369
add osvdb ref 94441
2013-06-20 08:03:34 -05:00
Steve Tornio
abea7e6a47
add osvdb ref 76389
2013-06-20 07:55:50 -05:00
Steve Tornio
cab20062a4
add osvdb ref 84706
2013-06-20 07:38:34 -05:00
Steve Tornio
a824a0583e
add osvdb ref 89059
2013-06-20 07:34:15 -05:00
Steve Tornio
89f649ab99
add osvdb ref 89026
2013-06-20 07:28:29 -05:00
Steve Tornio
2b55e0e0a6
add osvdb ref 64171
2013-06-20 07:17:22 -05:00
Steve Tornio
d19bd7a905
add osvdb 85739, cve 2012-5159, edb 21834
2013-06-20 07:01:59 -05:00
Steve Tornio
6cc7d9ccae
add osvdb ref 85446 and edb ref 20500
2013-06-20 06:54:06 -05:00
Steve Tornio
ee21120c04
add osvdb ref 85509
2013-06-20 06:47:10 -05:00
Steve Tornio
ade970afb8
add osvdb ref 89322
2013-06-20 06:44:22 -05:00
Steve Tornio
42690a5c48
add osvdb ref 77492
2013-06-20 06:38:47 -05:00
Steve Tornio
0dca5ede7e
add osvdb ref 78480
2013-06-20 06:07:08 -05:00
Steve Tornio
29bc169507
add osvdb ref 64171
2013-06-20 06:00:05 -05:00
Cristiano Maruti
a5332e5ed2
Module was updated to support WebSphere AS running seam-2.
...
msf auxiliary(jboss_seam_exec) > run
[*] Found right index at [0] - getRuntime
[*] Index [1]
[*] Index [2]
[*] Index [3]
[*] Index [4]
[*] Index [5]
[*] Found right index at [6] - exec
[*] Index [7]
[*] Index [8]
[*] Index [9]
[*] Index [10]
[*] Index [11]
[*] Index [12]
[*] Index [13]
[*] Index [14]
[*] Index [15]
[*] Index [16]
[*] Index [17]
[*] Index [18]
[*] Index [19]
[*] Index [20]
[*] Index [21]
[*] Index [22]
[*] Index [23]
[*] Index [24]
[*] Target appears VULNERABLE!
[*] Sending remote command:pwd
[*] Exploited successfully
[*] Auxiliary module execution completed
2013-06-20 12:17:07 +02:00
sinn3r
8dfe9b5318
Add login feature
2013-06-20 04:16:23 -05:00
sinn3r
ebde05b783
Improve check
2013-06-20 03:18:33 -05:00
sinn3r
20621d17de
Add CVE-2013-3576 - HP System Management Homepage exploit
2013-06-20 03:08:42 -05:00
William Vu
df27e3e76c
Land #1991 , OSVDB reference for Canon
2013-06-19 23:17:30 -05:00
Steve Tornio
55312529d2
add osvdb ref 94417
2013-06-19 23:13:45 -05:00
jvazquez-r7
494ee160af
Fix indent
2013-06-19 23:12:12 -05:00
jvazquez-r7
2d99c46414
Land #1990 , @wchen-r7's exploit for Libretto CMS
2013-06-19 23:11:34 -05:00
sinn3r
079477c57d
Commit final version
2013-06-19 20:35:24 -05:00
salcho
db935498ab
admin_me modified according to msftidy
2013-06-19 18:14:32 -05:00
salcho
8afbcd6931
added admin_me.rb as post->manage script
2013-06-19 17:54:13 -05:00
sinn3r
eec65346cb
Land #1988 - Fix requires for PhpEXE
2013-06-19 17:01:23 -05:00