andurin
67e6c7b850
tomcat_mgr_deploy may report successful creds
...
Using following code for 'check' as 'exploit':
report_auth_info(
:host => rhost,
:port => rport,
:sname => (ssl ? "https" : "http"),
:user => datastore['BasicAuthUser'],
:pass => datastore['BasicAuthPass'],
:proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
:active => true
)
Resulting in:
Credentials
===========
host port user pass type active?
---- ---- ---- ---- ---- -------
192.168.x.xxx 8080 tomcat s3cret password true
2012-04-06 10:45:10 -05:00
Tod Beardsley
14e3cd75dc
Revert "tomcat_mgr_deploy may report successful creds"
...
This reverts commit 937f8f035a
.
2012-04-05 16:17:06 -05:00
sinn3r
8628991b1d
Merge pull request #305 from jlee-r7/bap-refactor
...
Bap refactor
2012-04-05 08:02:43 -07:00
andurin
937f8f035a
tomcat_mgr_deploy may report successful creds
2012-04-05 11:09:56 +02:00
James Lee
974d95b175
Both of these are obsoleted by java_atomicreferencearray
2012-04-03 18:23:42 -06:00
sinn3r
bd5f43c918
Add another good reference by @mihi42
2012-04-01 01:30:50 -05:00
sinn3r
bab4cddd83
Add Jeroen Frijters for finding/reporting the bug
2012-03-31 03:01:09 -05:00
James Lee
cc54a260f5
Merge remote branch 'upstream/master'
2012-03-30 14:31:12 -06:00
James Lee
0547369966
Add bap support for flash mp4 and new java bug
...
Also fixes a silly issue where adobe_flash_mp4_cprt was adding the
/test.mp4 resource after every request instead of just once at startup.
2012-03-30 12:59:07 -06:00
Steve Tornio
ae21c05e69
add osvdb ref
2012-03-30 07:26:07 -05:00
sinn3r
e018c6604f
Modify CVE-2012-0507
2012-03-30 02:06:56 -05:00
Tod Beardsley
f069a32223
Merge pull request #288 from wchen-r7/cve_2012_0507
...
Adding sinn3r and juan's exploit for CVE-2012-0507. Blog post coming soon.
2012-03-29 08:46:49 -07:00
sinn3r
791ebdb679
Add CVE-2012-0507 (Java)
2012-03-29 10:31:14 -05:00
Tod Beardsley
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
Tod Beardsley
23c9c51014
Fixing CVE format on sit_file_upload.
2012-03-21 09:59:20 -05:00
sinn3r
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
sinn3r
7c77fe20cc
Some variables don't need to be in a double-quote.
2012-03-17 20:37:42 -05:00
Tod Beardsley
e3f2610985
Msftidy run through on the easy stuff.
...
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
Tod Beardsley
9144c33345
MSFTidy check for capitalization in modules
...
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
sinn3r
5250b179c8
Add CVE and OSVDB ref
2012-03-15 04:40:27 -05:00
James Lee
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
James Lee
02ea38516f
Add a check method for tomcat_mgr_deploy
2012-03-06 23:22:44 -07:00
sinn3r
22a12a6dfc
Add Lotus CMS exploit (OSVDB-75095)
2012-03-06 11:36:28 -06:00
James Lee
464cf7f65f
Normalize service names
...
Downcases lots and standardizes a few. Notably, modules that reported a
service name of "TNS" are now "oracle". Modules that report http
now check for SSL and report https instead.
[Fixes #6437 ]
2012-02-21 22:59:20 -07:00
HD Moore
4932a9ca25
Dont dump an HTML document to the console
2012-02-21 23:45:25 -06:00
Tod Beardsley
4a631e463c
Module title normalization
...
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/
The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
HD Moore
af56807668
Cleanup the titles of many exploit modules
2012-02-20 19:25:55 -06:00
sinn3r
5bb9afe789
Correct disclosure date format
2012-02-16 18:15:51 -06:00
Joshua J. Drake
01a6b02c3e
Add exploit for CVE-2012-0209, thx eromang!
2012-02-16 03:10:55 -06:00
Joshua J. Drake
d2444e1cf6
fix a few typos
2012-02-16 03:10:22 -06:00
Tod Beardsley
829040d527
A bunch of msftidy fixes, no functional changes.
2012-02-10 19:44:03 -06:00
Jonathan Cran
c3bd151197
add a ranking
2012-01-31 20:43:32 -06:00
Steve Tornio
e392958d90
add osvdb ref
2012-01-31 07:06:33 -06:00
sinn3r
bfd4734cbf
Forgot to add CMD as a datastore option, here it is
2012-01-30 17:34:58 -06:00
sinn3r
08134ad600
Add Exploit-DB reference
2012-01-30 16:17:25 -06:00
sinn3r
f3c340a9ab
Add vBSEO proc_deutf() Remote Code Execution (Feature #6307 )
2012-01-30 16:15:27 -06:00
sinn3r
9e5d2ff60e
Improve URI, plus some other minor changes.
2012-01-19 13:26:25 -06:00
joernchen of Phenoelit
2199cd18d7
fine tuning thx to sinn3r
2012-01-19 19:50:30 +01:00
joernchen of Phenoelit
df9380500a
disclosure date added
2012-01-19 19:19:53 +01:00
joernchen of Phenoelit
197eb16f72
gitorious remote command exec exploit
2012-01-19 11:36:08 +01:00
Tod Beardsley
7e25f9a6cc
Death to unicode
...
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.
Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
Tod Beardsley
e7d7302644
Dropping the umlaut, sacrificing accuracy for usability. Can't guarantee a viewer has a Unicode-capable terminal.
2012-01-09 11:22:44 -06:00
sinn3r
243dbe50f0
Correct author name. Unfortunately not all editors can print unicode correctly.
2012-01-07 15:18:25 -06:00
sinn3r
4e858aba89
Add CVE-2012-0262 Op5 welcome.php Remote Code Execution
2012-01-07 15:13:45 -06:00
sinn3r
4645c1c2b9
Add CVE-2012-0261 Op5 license.php Remote Code Execution
2012-01-07 15:12:49 -06:00
sinn3r
d484e18300
Add e-mail for tecr0c
2011-12-29 11:14:15 -06:00
sinn3r
b5b2c57b9f
Correct e-mail format
2011-12-29 10:57:00 -06:00
Steve Tornio
a00dad32fe
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2011-12-29 07:50:33 -06:00
Steve Tornio
27d1601028
add osvdb ref
2011-12-29 07:49:16 -06:00
Tod Beardsley
0e3370f1fe
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:42:56 -06:00
sinn3r
101eba6aa5
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151 )
2011-12-27 00:59:26 -06:00
sinn3r
b5b24a1fbf
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
...
However, this decision doesn't represent how modules should write their own check.
2011-12-22 13:16:54 -06:00
sinn3r
262fe75e0a
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129 )
2011-12-22 13:04:37 -06:00
Steve Tornio
85caabbf5d
add osvdb ref
2011-12-14 07:19:34 -06:00
HD Moore
cb456337a0
Handle invalid http responses better, see #6113
2011-12-13 19:54:10 -06:00
sinn3r
d87d8d5799
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103 )
2011-12-13 11:45:24 -06:00
sinn3r
32c8301c19
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
2011-12-12 15:45:19 -06:00
sinn3r
e043fb52c2
Incrase timeout
2011-12-08 11:21:03 -06:00
sinn3r
5afba20c21
Merge pull request #43 from jduck/master
...
Clear up how to use native payloads for tomcat_mgr_deploy
2011-12-06 23:01:53 -08:00
sinn3r
edec6b98ee
Add feature #6067 Family Connections CMS 2.7.1 exploit
2011-12-07 00:00:56 -06:00
Joshua J. Drake
ac7edc268a
Add some more clear documentation for selecting payloads for this module.
2011-12-05 00:35:11 -06:00
Steve Tornio
2bb97791f7
Update OSVDF refs for servu module.
...
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
sinn3r
93a419c76b
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
2011-12-01 03:02:35 -06:00
sinn3r
f26f6da74b
Add CVE-2011-3544 (feature #6023 ) Java Rhino exploit
2011-11-29 18:05:20 -06:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
David Maloney
4a22df4014
Fix to the axis2 Deployer exploit to add Default Target
2011-11-22 10:27:38 -08:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00
sinn3r
41d746a07a
Add Support Incident Tracker (Feature #5964 ) by Juan
2011-11-12 12:36:21 -06:00
Matt Buck
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
Wei Chen
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Wei Chen
0dff3f3e52
Add #5682 (phpscheduleit module). Thx Juan.
...
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 18:06:12 +00:00
Will Vandevanter
a0d8a08851
java meterpreter should be used when the target is set to automatic
...
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:02:09 +00:00
Wei Chen
2b46420b36
check nil
...
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:19:55 +00:00
Wei Chen
7ba5a8ec4e
Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
...
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:04:33 +00:00
Wei Chen
9cb54e37c5
Handle payloads better, also add a cleanup routine specifically for php/exec
...
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 05:25:39 +00:00
Wei Chen
2da07d4963
Fix bug #5834 (uri being nil in print_good)
...
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 00:40:03 +00:00
Wei Chen
3da8bb8b69
Add feature #5820 by mr_me and tecr0c
...
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 23:22:32 +00:00
Joshua Drake
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Wei Chen
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Tod Beardsley
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Tod Beardsley
94eb3ac14c
Deleting a puts statement.
...
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:52:10 +00:00
Tod Beardsley
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Tod Beardsley
020abd926b
A handful of rankings changes, also converting whitespace.
...
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Wei Chen
14d7db1641
Add disclosure dates to all the exploit modules that didn't have one
...
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen
f2d328d969
cmd exec module should receive ExcellentRanking
...
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:10:53 +00:00
HD Moore
142ae9288b
Fix title
...
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:56:57 +00:00
Wei Chen
262b3bbe00
Use Rex to encode payload to base64
...
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:31:51 +00:00
Wei Chen
98157272fd
Fix indentation for exploit description
...
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:12:54 +00:00
Wei Chen
d1b1b26d01
Add Feature #5499 (Snortreport module)
...
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:10:18 +00:00
Wei Chen
44ac9d67e0
svn propset
...
git-svn-id: file:///home/svn/framework3/trunk@13831 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 17:45:15 +00:00
Steve Tornio
9ec92ee603
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13830 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:37:54 +00:00
HD Moore
9862987f45
Add a new module from joernchen
...
git-svn-id: file:///home/svn/framework3/trunk@13829 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-07 15:30:24 +00:00
Wei Chen
612cdc8c73
No need to check if version is 'unknown' if nothing else (other than default) is assigned to it
...
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-27 19:12:31 +00:00
Wei Chen
8bfdebeaf3
Handle the return value for send_request during the early stage
...
git-svn-id: file:///home/svn/framework3/trunk@13791 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-25 19:28:15 +00:00
Wei Chen
db79d21f75
Apply patch for non-default logins by jabra
...
git-svn-id: file:///home/svn/framework3/trunk@13778 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-23 02:48:48 +00:00
Jonathan Cran
064255e910
fixup the payload encoding, per joernchen's comment in the #metasploit channel.
...
git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-17 17:48:51 +00:00
Mario Ceballos
6f28911d3d
added patch from joshua taylor.
...
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
HD Moore
5fa7ddf5f4
Move this aux module out of the exploits tree
...
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-29 15:30:13 +00:00
Joshua Drake
496170eac1
aDjUsT tHe CaSe
...
git-svn-id: file:///home/svn/framework3/trunk@13644 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 23:46:49 +00:00
David Rude
ab11d3e3eb
Fix the CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@13642 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 15:25:27 +00:00
David Rude
76f0226ff0
Adds the RealVNC Null Authentication Bypass exploit - gj thelightcosine =)
...
git-svn-id: file:///home/svn/framework3/trunk@13641 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-26 04:40:21 +00:00
David Rude
c78ba0e4d5
hehe remove debugging put call
...
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:59:32 +00:00
David Rude
63e2b759e7
require the URI option
...
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:54:58 +00:00
David Rude
402ca57bb4
Adds Struts2 Remote Code Execution exploit CVE-2010-1870
...
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:52:09 +00:00
Steve Tornio
28177fd255
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13505 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 02:54:56 +00:00
HD Moore
f1afbacb2a
Cron'd
...
git-svn-id: file:///home/svn/framework3/trunk@13485 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-04 17:36:01 +00:00
James Lee
d58d061735
complain if the given applet name is not formatted correctly, fixes #5082
...
git-svn-id: file:///home/svn/framework3/trunk@13389 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 17:46:36 +00:00
Tod Beardsley
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
Tod Beardsley
b22ca615c7
Fixes #5038 , missed a couple mentions of Racket. Excised now for sure.
...
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
Tod Beardsley
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Wei Chen
f47a2c7565
Format dictatorship round 2: Fix author e-mail format for all exploit modules
...
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Wei Chen
d13654740a
Update some jboss modules' metadata associated with CVE-2010-0738
...
git-svn-id: file:///home/svn/framework3/trunk@13204 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 05:18:25 +00:00
James Lee
1d25a6d7d1
add an exploit for java's rmid and rmiregistry code-execution-by-design and supporting source. fixes #4378 , thanks mihi!
...
git-svn-id: file:///home/svn/framework3/trunk@13185 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 20:42:31 +00:00
Matt Weeks
1162aafa1e
p function causes problems with rpc.
...
git-svn-id: file:///home/svn/framework3/trunk@13184 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 18:45:05 +00:00
James Lee
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
James Lee
8e5311cb61
File.read is not binary safe. replace it with File.open in a few places where it matters.
...
git-svn-id: file:///home/svn/framework3/trunk@12957 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:02:00 +00:00
James Lee
ea5dc1c85c
use the right uri for our jar when other webserver modules are running
...
git-svn-id: file:///home/svn/framework3/trunk@12944 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-14 23:57:10 +00:00
HD Moore
eea05fcaaa
Correct the parent class name
...
git-svn-id: file:///home/svn/framework3/trunk@12930 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 19:31:38 +00:00
HD Moore
7f3e2d182d
Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called.
...
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 18:32:27 +00:00
HD Moore
85f5e5fb98
Fix the disclosure date to match when signing was made available to the masses
...
git-svn-id: file:///home/svn/framework3/trunk@12891 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 17:08:05 +00:00
HD Moore
c3c061334d
Add a "disclosure date" (applets were included in the first java release) and changing the title.
...
git-svn-id: file:///home/svn/framework3/trunk@12883 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-08 03:31:49 +00:00
James Lee
1c4bf118e8
add a version check
...
git-svn-id: file:///home/svn/framework3/trunk@12847 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 23:47:44 +00:00
James Lee
5b91eadb87
fix the string replacement and do it at setup time instead of for every request
...
git-svn-id: file:///home/svn/framework3/trunk@12747 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:36:12 +00:00
James Lee
cd3f306ef2
clarify info a bit; make APPLETNAME option actually do something.
...
git-svn-id: file:///home/svn/framework3/trunk@12746 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:13:47 +00:00
James Lee
5a54a408f5
stupid debugging stuff
...
git-svn-id: file:///home/svn/framework3/trunk@12736 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 19:10:54 +00:00
James Lee
c5781ae515
add support for PKCS12 (.pfx) cert/key files and cert chains in PEM files
...
git-svn-id: file:///home/svn/framework3/trunk@12735 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 17:52:12 +00:00
James Lee
11a1b5dcad
fix the requires for java signing.
...
git-svn-id: file:///home/svn/framework3/trunk@12719 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 18:02:02 +00:00
James Lee
812bae9df9
add support for signing applets (or any other jar) with openssl. this removes the need for a dependency on RJB
...
git-svn-id: file:///home/svn/framework3/trunk@12718 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 16:45:20 +00:00
James Lee
ef48240606
Make it obvious which exploit is handling a request
...
git-svn-id: file:///home/svn/framework3/trunk@12693 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 17:05:44 +00:00
James Lee
04efaf9281
referencing navigator.javaEnabled breaks ie6, only check navigator.javaEnabled();
...
git-svn-id: file:///home/svn/framework3/trunk@12655 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:44:39 +00:00
David Rude
a8b6c43636
reverting the disclosure dates for now need to clean up the patch
...
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude
3b7ea08f6a
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
...
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
David Rude
3b5cf3826a
Added TheLightCosines OpenSSL ChangeCipherSpec DoS aux module
...
git-svn-id: file:///home/svn/framework3/trunk@12538 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:08:28 +00:00
Steve Tornio
319b4993a4
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12397 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 19:38:42 +00:00
David Rude
0f9a232025
Added Spreecommerce Remote Code Execution exploit module - thanks joernchen
...
git-svn-id: file:///home/svn/framework3/trunk@12392 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 16:57:17 +00:00
Wei Chen
6d71990dfc
Disclosure date change
...
git-svn-id: file:///home/svn/framework3/trunk@12390 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:40:59 +00:00
Joshua Drake
d2374a435f
add .jar extension, thx for the contribution!
...
git-svn-id: file:///home/svn/framework3/trunk@12285 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-09 17:03:41 +00:00
Steve Tornio
46d88f54f6
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12242 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 01:08:07 +00:00
David Rude
0bea0233a0
add the slash =)
...
git-svn-id: file:///home/svn/framework3/trunk@12241 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 00:13:01 +00:00
David Rude
ce7b72bfce
Use get_uri instead of manually building the path
...
git-svn-id: file:///home/svn/framework3/trunk@12240 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 00:08:36 +00:00
David Rude
7816b87595
Added Zend Java Bridge exploit module java meterpreter ftw
...
git-svn-id: file:///home/svn/framework3/trunk@12239 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 23:39:27 +00:00
Joshua Drake
f0673cb1ac
Tweak to work with FreeBSD, thx for the patch!
...
git-svn-id: file:///home/svn/framework3/trunk@12224 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 17:40:45 +00:00
David Rude
c5ce597483
removing coldfusion until some general code fixes can be applied
...
git-svn-id: file:///home/svn/framework3/trunk@11995 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 21:41:47 +00:00
Mario Ceballos
dfd2df6b47
puts this in the appropiate place
...
git-svn-id: file:///home/svn/framework3/trunk@11987 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 10:22:07 +00:00
amaloteaux
5f6995e8d3
enable ntlmv2 and signing for smb client stack (pth implementation is coming), fixes #11678 and #152
...
git-svn-id: file:///home/svn/framework3/trunk@11893 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 19:57:53 +00:00
HD Moore
f49e040a96
This patch adds a ListenerTimeout option to multi/handler that sets a maximum wait time for sessions. This is useful to prevent leftover background handlers by unsuccessful or misconfigured post modules.
...
git-svn-id: file:///home/svn/framework3/trunk@11845 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-28 03:22:40 +00:00
Joshua Drake
1604b5616f
apply some more changes from Konrads
...
git-svn-id: file:///home/svn/framework3/trunk@11533 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-10 14:34:24 +00:00
Joshua Drake
9ef757bf17
Fixes #3387 , add the PACKAGE option to allow 3.2
...
git-svn-id: file:///home/svn/framework3/trunk@11518 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 04:11:01 +00:00
Joshua Drake
287f4c87fe
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
James Lee
a79092a0d3
this is really unlimited, but bump it a bit for possible larger payloads later.
...
git-svn-id: file:///home/svn/framework3/trunk@11474 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-04 23:37:11 +00:00
James Lee
fd1fb44bfc
add targets for windows and linux
...
git-svn-id: file:///home/svn/framework3/trunk@11345 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-15 22:46:22 +00:00
James Lee
dd6afdc74c
make these titles a little clearer
...
git-svn-id: file:///home/svn/framework3/trunk@11330 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 17:26:44 +00:00
James Lee
05d073c467
move the evil-looking metasploit.PayloadApplet to the more inocuous SiteLoader.class, re-enable rjb compiling for the applet class
...
git-svn-id: file:///home/svn/framework3/trunk@11249 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 20:43:53 +00:00
James Lee
62a425f6b6
add rjb signing back in to java_signed_applet
...
git-svn-id: file:///home/svn/framework3/trunk@11186 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 01:29:08 +00:00
Joshua Drake
26a9fe6fc7
add some missing CVE references
...
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 20:19:18 +00:00
Joshua Drake
d5835fe7b0
remove commented out REST portion
...
git-svn-id: file:///home/svn/framework3/trunk@11179 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 19:11:42 +00:00
Joshua Drake
98e8ec4cc9
add REST version of axis2 deployer
...
git-svn-id: file:///home/svn/framework3/trunk@11178 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 18:17:33 +00:00
James Lee
191c4e8eb7
make java_signed_applet work with generic java payloads, but keep the default target as Windows/x86 since it is by far the most common victim.
...
git-svn-id: file:///home/svn/framework3/trunk@11172 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 03:50:40 +00:00
Joshua Drake
1eda716b70
fix another ruby-ism problem checking modulus return
...
git-svn-id: file:///home/svn/framework3/trunk@11166 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 00:16:53 +00:00
Joshua Drake
e9faf75503
fix some more titles with periods
...
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
Joshua Drake
f68fc02f9c
include capture mixin for modules that use it
...
git-svn-id: file:///home/svn/framework3/trunk@11126 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:25:18 +00:00
Joshua Drake
1d8e1e332c
add better error reporting
...
git-svn-id: file:///home/svn/framework3/trunk@11120 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 01:11:49 +00:00
Joshua Drake
2fe78ec685
double grammar fail
...
git-svn-id: file:///home/svn/framework3/trunk@11053 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:23:11 +00:00
Joshua Drake
f4d2af3e73
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@11052 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-16 20:17:25 +00:00
Joshua Drake
25611afb6c
add sap businessobject modules from jabra, woot!
...
git-svn-id: file:///home/svn/framework3/trunk@11046 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-15 05:12:48 +00:00
Joshua Drake
4a5bee45c5
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11015 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-12 23:14:46 +00:00
Mario Ceballos
2aca76ef66
added exploit module freenas_exec_raw.rb. php/meterpreter ftw.
...
git-svn-id: file:///home/svn/framework3/trunk@11014 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-12 23:02:28 +00:00
James Lee
326dc42bca
add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009
...
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 23:01:35 +00:00
Joshua Drake
3992eb7ef8
Mass RE-update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake
9fc6f2f3a3
Mass update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Mario Ceballos
58f62bedda
fix load errors
...
git-svn-id: file:///home/svn/framework3/trunk@10933 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-06 19:19:35 +00:00
Joshua Drake
2a69811344
raise RuntimeError instead of return
...
git-svn-id: file:///home/svn/framework3/trunk@10932 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-06 18:09:28 +00:00
Joshua Drake
1f235a8c9b
remove 64-bit targets since we dont have an x86_64 linux exe generator
...
git-svn-id: file:///home/svn/framework3/trunk@10833 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-27 17:21:54 +00:00
Joshua Drake
be841a4810
check for failed serverinfo result
...
git-svn-id: file:///home/svn/framework3/trunk@10788 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 21:32:12 +00:00
James Lee
3b2c43fac4
get rid of the redundant second java target
...
git-svn-id: file:///home/svn/framework3/trunk@10785 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 20:07:18 +00:00
James Lee
f33d7cc670
revamp java payloads and make shells work with tomcat_mgr_deploy. tested java_trusted_chain and java_tester to verify that this doesn't break other java payload usage. see #3009 and #2973 , meterpreter doesn't work yet, so not marking resolved.
...
git-svn-id: file:///home/svn/framework3/trunk@10781 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 10:19:51 +00:00
Joshua Drake
c6f1fa716d
add a java target, fixes #2973
...
git-svn-id: file:///home/svn/framework3/trunk@10755 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:36:59 +00:00
Joshua Drake
771ea5862c
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@10754 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:24:33 +00:00
Joshua Drake
1935f2007f
fix exe generation for auto-targetting
...
git-svn-id: file:///home/svn/framework3/trunk@10753 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:21:19 +00:00
Joshua Drake
042e71c357
add ports/refs for ZDI-10-214
...
git-svn-id: file:///home/svn/framework3/trunk@10747 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 14:28:52 +00:00
Joshua Drake
b49e81300a
fix auto-target exe generation
...
git-svn-id: file:///home/svn/framework3/trunk@10688 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-14 21:26:05 +00:00
Joshua Drake
ae04e34cf7
fix some non-full-namespace includes
...
git-svn-id: file:///home/svn/framework3/trunk@10617 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-09 06:55:52 +00:00
Joshua Drake
279c604015
missed a couple exe generater includes
...
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-28 16:19:50 +00:00
James Lee
8c1f0713db
regenerate the payload so we get the correct *lhost*
...
git-svn-id: file:///home/svn/framework3/trunk@10490 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-27 00:09:17 +00:00
James Lee
4fbb0653a1
regenerate the payload so we get the correct rhost
...
git-svn-id: file:///home/svn/framework3/trunk@10488 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-26 23:55:03 +00:00
Joshua Drake
bd1eeb3722
rework to_jsp_war a bit, fix uses, default msfencode -t war to x86/win32
...
git-svn-id: file:///home/svn/framework3/trunk@10397 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 15:59:46 +00:00
Joshua Drake
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Joshua Drake
19db412383
convert remaining EXE generation to use the mixin, fixes #2017
...
git-svn-id: file:///home/svn/framework3/trunk@10389 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 04:38:13 +00:00
James Lee
a9a312fa66
typo
...
git-svn-id: file:///home/svn/framework3/trunk@10257 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 15:23:04 +00:00
James Lee
85126af521
add an exploit module for cve-2010-0094, thanks Matthias Kaiser.
...
git-svn-id: file:///home/svn/framework3/trunk@10255 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 08:20:55 +00:00
Joshua Drake
330281eadd
see #684 , adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
...
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
Joshua Drake
aac956db50
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-24 18:22:48 +00:00
James Lee
2e13a330fa
typo'd Matthias' name. i suck
...
git-svn-id: file:///home/svn/framework3/trunk@10113 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 18:49:35 +00:00
James Lee
90e89622c6
make it a little easier to distinguish these two from their output
...
git-svn-id: file:///home/svn/framework3/trunk@10096 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 07:53:25 +00:00
James Lee
7381ab8b6d
duh, dont actually need this
...
git-svn-id: file:///home/svn/framework3/trunk@10093 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 07:19:49 +00:00
James Lee
6b08dfed61
Add exploit module for cve-2010-08040. This is an awesome bug and my description field doesn't do it justice
...
git-svn-id: file:///home/svn/framework3/trunk@10092 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 06:38:29 +00:00
James Lee
56396a6d8b
add java support to browser_autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@10089 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-20 20:49:33 +00:00
Joshua Drake
2545410bc7
make exe template names more consistent
...
git-svn-id: file:///home/svn/framework3/trunk@10065 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 21:08:51 +00:00
Joshua Drake
dc3e099f5b
remove custom function in favor of new NO RECV flags to smb client methods
...
git-svn-id: file:///home/svn/framework3/trunk@10040 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 17:24:46 +00:00
James Lee
73081e319f
allow multi/handler to work with java
...
git-svn-id: file:///home/svn/framework3/trunk@10020 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-16 16:34:55 +00:00
Joshua Drake
d540818f01
split http exploit mixin into http/server and http/client
...
git-svn-id: file:///home/svn/framework3/trunk@9971 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-07 06:59:16 +00:00
Joshua Drake
2f384cde82
add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312
...
git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-03 15:14:34 +00:00
James Lee
e1ed341136
remove debug prints
...
git-svn-id: file:///home/svn/framework3/trunk@9938 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 21:05:41 +00:00
Joshua Drake
f6033b9bd6
change some print_status to print_error, rename a few msft modules using msb convention
...
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
Joshua Drake
2482a83526
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9927 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 19:14:00 +00:00
Joshua Drake
84e3a95d2b
yield the session faster by not waiting for a response
...
git-svn-id: file:///home/svn/framework3/trunk@9911 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 23:40:34 +00:00
Steve Tornio
018af7f690
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9906 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 21:09:54 +00:00
Joshua Drake
719ce5d551
use ntlm explicitly, fixes #2158
...
git-svn-id: file:///home/svn/framework3/trunk@9900 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 06:04:20 +00:00
James Lee
08d705c1db
add java meterpreter and update java_calendar_deserialize to be able to use it, see #406
...
git-svn-id: file:///home/svn/framework3/trunk@9874 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:53:24 +00:00
James Lee
9891ea5374
Typo which caused this exploit never to get run in browser_autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@9802 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 09:03:56 +00:00
Joshua Drake
16ff17c9d1
add more http fingerprints -- thx mc
...
git-svn-id: file:///home/svn/framework3/trunk@9797 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 23:25:31 +00:00
James Lee
9f37d46f7b
minimize autopwn settings
...
git-svn-id: file:///home/svn/framework3/trunk@9784 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-11 23:21:04 +00:00
James Lee
28e40bdc9f
add java_calendar_deserialize to browser_autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@9783 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-11 23:16:51 +00:00
Joshua Drake
663b863b6d
http fingerprint checking update
...
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 17:38:59 +00:00
Joshua Drake
a3d901a6b9
various minor fixes, some added fingerprinting
...
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 06:21:31 +00:00
Joshua Drake
7d945ed9dc
add lots of disclosure dates from OSVDB
...
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake
9984b662e0
switch some URL references to US-CERT-VU type
...
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:09:32 +00:00
Joshua Drake
0882838491
ensure binary mode when opening files, whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake
93b09648c7
add additional CVE reference, cleanup references
...
git-svn-id: file:///home/svn/framework3/trunk@9642 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 19:42:11 +00:00
Joshua Drake
12fbdcd878
add http_fingerprint calls to modules that use various headers
...
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
Joshua Drake
48994d234a
oops, remove java from platform list
...
git-svn-id: file:///home/svn/framework3/trunk@9609 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-24 16:38:24 +00:00
Joshua Drake
099b90b0d6
another update for jboss stuff, thanks Patrick!
...
git-svn-id: file:///home/svn/framework3/trunk@9596 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-23 22:25:03 +00:00
Joshua Drake
58cbf5d6ad
oops, fixed app_base mistake
...
git-svn-id: file:///home/svn/framework3/trunk@9586 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 23:10:30 +00:00
Tod Beardsley
9d46383040
Fixes #2134 . Subs select for sleep in exploit modules.
...
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 19:11:05 +00:00
Mario Ceballos
9780efabdd
missed Version
...
git-svn-id: file:///home/svn/framework3/trunk@9578 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 01:24:52 +00:00
Mario Ceballos
ccece11b9b
changed from the orignal method, thanks patrick.
...
git-svn-id: file:///home/svn/framework3/trunk@9577 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 01:08:02 +00:00
Joshua Drake
752905a777
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9571 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:53:52 +00:00
Joshua Drake
19742afb38
use pack instead of Base64
...
git-svn-id: file:///home/svn/framework3/trunk@9569 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:45:26 +00:00
Joshua Drake
4ceb936533
some jboss updates, much thanks to Patrick Hof
...
git-svn-id: file:///home/svn/framework3/trunk@9568 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 16:26:14 +00:00
Joshua Drake
79190edba3
throw an error when ExitOnSession is false with no job_id
...
git-svn-id: file:///home/svn/framework3/trunk@9526 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 17:25:14 +00:00
Joshua Drake
fa505a4069
various fixes, mostly consistency changes to disclosure dates
...
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
Joshua Drake
698da3bdea
add CVE for cognos express
...
git-svn-id: file:///home/svn/framework3/trunk@9502 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-12 09:37:21 +00:00
Steve Tornio
1192e0860e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9294 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 19:30:54 +00:00
Joshua Drake
a964d403be
merge patch from scriptjunkie, fixes #1875
...
git-svn-id: file:///home/svn/framework3/trunk@9286 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-11 22:28:18 +00:00
Joshua Drake
711e08b5e9
make sure to use correct verbs, thanks mc!
...
git-svn-id: file:///home/svn/framework3/trunk@9285 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-11 16:20:46 +00:00
Joshua Drake
7f758d5a02
add VERB option to enable exploiting cve-2010-0738
...
git-svn-id: file:///home/svn/framework3/trunk@9282 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-11 09:14:36 +00:00
Joshua Drake
128e0515ef
stop perpetuating the ambiguity!
...
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:45:00 +00:00
Joshua Drake
d7c99b107c
RE-fix and add svnkeywords, MC!!!
...
git-svn-id: file:///home/svn/framework3/trunk@9261 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:30:05 +00:00
Mario Ceballos
d33dc27e26
updated.. thanks jmg.
...
git-svn-id: file:///home/svn/framework3/trunk@9256 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 12:54:16 +00:00
Steve Tornio
a47f7dcb2e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9251 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-08 16:46:49 +00:00
Joshua Drake
d296e0cdc3
minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9245 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-07 22:28:21 +00:00
Mario Ceballos
579d35035b
added exploit module for cve-2006-5750
...
git-svn-id: file:///home/svn/framework3/trunk@9244 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-07 22:21:44 +00:00
James Lee
e70dabf3e3
warn and remove commas from CERTCN to prevent a crash bug in Rjb's keytool, fixes 1543
...
git-svn-id: file:///home/svn/framework3/trunk@9241 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-07 18:19:50 +00:00
Joshua Drake
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake
61402c4b55
add to description
...
git-svn-id: file:///home/svn/framework3/trunk@9202 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 21:04:56 +00:00
Joshua Drake
ff46c5d867
add exploit module for cve-2010-0361 on windows
...
git-svn-id: file:///home/svn/framework3/trunk@9201 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:52:14 +00:00
HD Moore
42da9e899a
Improvements to the cleanup process, close sockets properly for exploits and auxiliary
...
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
Joshua Drake
2e2142d345
add Maple exploit from scriptjunkie
...
git-svn-id: file:///home/svn/framework3/trunk@9183 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:05:56 +00:00