Commit Graph

394 Commits (a1bc48ebc28171734d9db18bf87015744f0dd421)

Author SHA1 Message Date
jvazquez-r7 2df237b066 minor fixes 2012-06-18 22:44:17 +02:00
modpr0be d706199a83 fix all changes suggested by jvazquez-r7 2012-06-19 02:05:25 +07:00
jvazquez-r7 a8a4594cd4 Documenting esi alignment plus using target_uri.to_s 2012-06-16 09:26:22 +02:00
jvazquez-r7 1d121071f3 Prepend nops to raw payload in encoder if needed 2012-06-15 09:59:10 +02:00
jvazquez-r7 091b3bbbd9 Added module plus encoder for CVE-2012-2329 2012-06-15 00:29:52 +02:00
sinn3r a071d2805e Fix the rest of possible nil res bugs I've found 2012-06-04 14:56:27 -05:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
sinn3r 18c8314d79 Change unknown authors to "Unknown".
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion.  In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
sinn3r 7b0fbaed23 Merge pull request #417 from wchen-r7/rabidhamster
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
sinn3r d595f908fc Add OSVDB-79007 2012-05-25 03:06:28 -05:00
Tod Beardsley 675dfe4e14 Don't keep the weblogi return codes secret 2012-05-21 11:27:24 -05:00
sinn3r f9bcb95952 Correct EDB references 2012-05-19 02:24:29 -05:00
jvazquez-r7 bedf010676 description modified 2012-05-18 01:23:09 +02:00
jvazquez-r7 e7f5bf132c trying to improve bea weblogic connector bof 2012-05-18 01:13:56 +02:00
sinn3r c0d17734ed Improve run-on sentences. 2012-05-17 15:00:00 -05:00
jvazquez-r7 c4ab521d7b better tab indentation 2012-05-17 21:41:31 +02:00
jvazquez-r7 a21e832336 fingerprinting bea connector with Transfer-Encoding 2012-05-17 19:21:16 +02:00
jvazquez-r7 9a5e4d6500 Added target BEA Weblogic 8.1 SP4 2012-05-17 11:07:22 +02:00
jvazquez-r7 445bd90afb Added module for CVE-2008-3257 2012-05-17 10:28:18 +02:00
Tod Beardsley 65800f7c6e Whitespace on solarwinds 2012-05-09 12:47:22 -05:00
HD Moore f6c88377f4 Fixes #362 by changing the exitfunction arguments to be the correct type 2012-05-07 02:41:08 -05:00
Steve Tornio ba4ae384d7 add osvdb ref 2012-05-05 10:14:07 -05:00
sinn3r d5d35551ab Add EDB reference 2012-05-04 00:11:29 -05:00
sinn3r 25b11a02b5 Update the comment for check() 2012-05-03 20:37:36 -05:00
sinn3r 4bf674ece6 Pff, and of course, I had to make a typo on that one 2012-05-03 20:34:52 -05:00
sinn3r 1a4d3f849c A little change to the description 2012-05-03 20:33:28 -05:00
sinn3r 7ca69f00b0 Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution) 2012-05-03 20:24:42 -05:00
sinn3r 4c72193922 Fix undefined method `[something]' for nil:NilClass 2012-04-24 01:46:03 -05:00
sinn3r 1e2203867c Repair 'no encoders encoded the buffer successfully' issues 2012-04-16 13:43:25 -05:00
sinn3r 05eba0ab4c Cosmetic changes, mostly :-) 2012-04-07 14:47:23 -05:00
juan 938d5d0a75 added references for cve-2012-1196 2012-04-07 20:22:59 +02:00
juan ee7bce5995 deletion of the ASP script 2012-04-07 20:19:45 +02:00
juan 8761d39190 exploit module added for CVE-2012-1195 2012-04-07 19:04:17 +02:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r ecb1fda682 Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow 2012-03-14 05:13:22 -05:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
Tod Beardsley 829040d527 A bunch of msftidy fixes, no functional changes. 2012-02-10 19:44:03 -06:00
Jonathan Cran d9ee43d3dc add disclosure date 2012-01-31 20:38:05 -06:00
sinn3r 064a71fb1d Add CVE-2011-3167 HP OpenView NNM exploit (Feature #6245) 2012-01-18 12:05:18 -06:00
sinn3r 8eee54d1d0 Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb) 2012-01-09 14:23:37 -06:00
David Maloney 9cf2af6a94 Adds exploit/windows/htt/xampp_webdav_upload_php
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.

Fixes #2170
2012-01-06 12:00:14 -08:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
Patrick Webster f54b622ad3 Added BID ref for amlibweb module. 2011-11-11 12:04:40 +11:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Mario Ceballos 0890cca02a much needed patch worked like a champ in my enviroment.
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Joshua Drake 32cde1d45a don't use the pattern creator
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 19:43:54 +00:00
Wei Chen fa2355a766 Damn comma
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:42:07 +00:00
Wei Chen 68286561f5 Add #5742
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:38:02 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Steve Tornio 27cba3d7ec add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 11:50:59 +00:00
Wei Chen 06aa776a77 Bleh, fix BID reference
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:40:21 +00:00
Wei Chen e5f7bfceaf Add HP Power Manager module by ipax, thx!
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:29:48 +00:00
David Rude 091b9779e2 Add commas
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 20:41:09 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Tod Beardsley 3c36b0c975 Msftidy: knocking out all those trailing spaces. Screw those guys.
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Tod Beardsley 020abd926b A handful of rankings changes, also converting whitespace.
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen 2b746b3505 This module never got a ranking, adding one
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:07:59 +00:00
James Lee 6578874439 don't bother escaping a tick
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 01:45:10 +00:00
Steve Tornio 93f8d73b0c add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 17:03:23 +00:00
Mario Ceballos 711bfa7d53 initial coverage for ca total defense sqli
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 15:53:44 +00:00
Mario Ceballos 6f28911d3d added patch from joshua taylor.
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
Wei Chen 44ba7e80d5 This module still works against 2.5 (most current as of Sept 2 2011)
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:52:04 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
Wei Chen 950a4215a0 Fix a problem where resp.index() might return nil
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 09:03:19 +00:00
Wei Chen a0168d59a8 Minor fix to comply with the 100 columns per line guideline
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 21:20:29 +00:00
David Rude bee7fba3c8 Small typo fix and some minor formatting
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 19:34:01 +00:00
David Rude 118ca372b3 adding CA Arcserve D2D GWT Credential Information Disclosure module
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 14:40:52 +00:00
Wei Chen 6fc59d5287 Fill in BID reference
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:42:40 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Wei Chen 681563adc9 Fix that extra tab in the description
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:21:20 +00:00
Wei Chen 2e93ba06ba Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:14:33 +00:00
Wei Chen 86b40e894b Make room for another exploit against ToolBar.exe
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 04:45:21 +00:00
Wei Chen 5b69b52ec4 "InitialAutoRunScript" is more like it
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:28:12 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules.
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-13 03:38:31 +00:00
David Rude 04d280fdd0 minor fixes
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:04:55 +00:00
David Rude ee7454c5e6 Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:48:18 +00:00
David Rude a8b6c43636 reverting the disclosure dates for now need to clean up the patch
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude 3b7ea08f6a Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Patrick Webster e9e8026832 Fixed author name in modules for myself.
git-svn-id: file:///home/svn/framework3/trunk@12292 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 02:25:36 +00:00
David Rude 82f5206bc7 change the filename to reflect the vendor
git-svn-id: file:///home/svn/framework3/trunk@12281 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 14:06:10 +00:00
David Rude 53790c1afb Change Vendor name, forgot one target uri fixup
git-svn-id: file:///home/svn/framework3/trunk@12275 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 23:31:12 +00:00
David Rude 892e241853 Added Netflow Apps Manager Remote Code Execution exploit
git-svn-id: file:///home/svn/framework3/trunk@12272 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:34 +00:00
Wei Chen 904b02c44f Need to track who committed what
git-svn-id: file:///home/svn/framework3/trunk@12271 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:20 +00:00
Steve Tornio 5b79e6b4ec add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@12132 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 11:28:57 +00:00
Mario Ceballos c162c0f429 added exploit module hp_nnm_getnnmdata_hostname.rb. now 49 on the list.
git-svn-id: file:///home/svn/framework3/trunk@12131 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 00:46:59 +00:00
Wei Chen aa24f29a03 Fixed nops
git-svn-id: file:///home/svn/framework3/trunk@12124 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:51:13 +00:00
Wei Chen c9eef9ffe5 Fixed typo
git-svn-id: file:///home/svn/framework3/trunk@12123 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:31:58 +00:00
Wei Chen a05866385f Added target 7.50, provided by MC
git-svn-id: file:///home/svn/framework3/trunk@12122 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 02:48:04 +00:00
Steve Tornio d9dd2a3058 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@12121 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 00:49:33 +00:00
Mario Ceballos 342d55ac00 heh, a couple for the hp_nnm party. add exploit modules hp_nnm_getnnmdata_icount.rb hp_nnm_getnnmdata_maxage.rb
git-svn-id: file:///home/svn/framework3/trunk@12117 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:57:16 +00:00
Wei Chen 1a42a87a65 Added 2011-0267 (exploiting "schdParams" of HP NNM's nnmRptConfig.exe)
git-svn-id: file:///home/svn/framework3/trunk@12116 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:35:13 +00:00
Joshua Drake 6fa39eb32c merge my work on cve-2010-2703
git-svn-id: file:///home/svn/framework3/trunk@12101 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:04:45 +00:00
Joshua Drake efd7b84cc5 change rank / add http fingerprint
git-svn-id: file:///home/svn/framework3/trunk@12100 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:02:53 +00:00
Joshua Drake dd5e7f9286 merge in my wacky cve-2010-2709 work
git-svn-id: file:///home/svn/framework3/trunk@12099 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:55:52 +00:00
Joshua Drake 1460d161da add exploit for cve-2010-1552
git-svn-id: file:///home/svn/framework3/trunk@12098 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:47:20 +00:00
Joshua Drake 11e442ed47 add exploit for cve-2010-1964
git-svn-id: file:///home/svn/framework3/trunk@12097 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:45:48 +00:00