Joshua Drake
a018149278
check fingerprint first
...
git-svn-id: file:///home/svn/framework3/trunk@9701 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:33:03 +00:00
Joshua Drake
81cce81969
convert modules to HttpClient, use http_fingerprint
...
git-svn-id: file:///home/svn/framework3/trunk@9700 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:22:26 +00:00
Joshua Drake
ac267c5856
minor tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@9697 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 22:15:16 +00:00
Joshua Drake
8c0e5fdf73
fix references, whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@9696 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:59:16 +00:00
Joshua Drake
e5bf3301fb
note ORD recommendation
...
git-svn-id: file:///home/svn/framework3/trunk@9695 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:58:57 +00:00
Joshua Drake
11bb8dee28
convert to httpclient module, use fingerprint
...
git-svn-id: file:///home/svn/framework3/trunk@9694 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:54:58 +00:00
Joshua Drake
c7f5ba801c
add lots of disclosure dates from OSVDB (missed a few)
...
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:19:07 +00:00
Joshua Drake
7d945ed9dc
add lots of disclosure dates from OSVDB
...
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake
56ea22716e
oops, broke the tree
...
git-svn-id: file:///home/svn/framework3/trunk@9668 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:38:15 +00:00
Joshua Drake
9984b662e0
switch some URL references to US-CERT-VU type
...
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:09:32 +00:00
Joshua Drake
f6f954a18c
add missing CVE/OSVDB references, plenty still missing *wink wink*
...
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 00:10:51 +00:00
Joshua Drake
0882838491
ensure binary mode when opening files, whitespace fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake
b9a4105786
see #1000, remove encoder in favor of auto-selection
...
git-svn-id: file:///home/svn/framework3/trunk@9648 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 21:35:10 +00:00
Joshua Drake
bfaa9a9a6f
modify badchars, minor cleanups, fixes #1000
...
git-svn-id: file:///home/svn/framework3/trunk@9647 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 21:31:51 +00:00
Joshua Drake
8676a88ce3
fix typo, thx chad
...
git-svn-id: file:///home/svn/framework3/trunk@9646 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 20:35:56 +00:00
Joshua Drake
c1c64e5bc0
add exploits from dookie for ufo alien invasion on osx/windows
...
git-svn-id: file:///home/svn/framework3/trunk@9643 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 19:54:48 +00:00
Joshua Drake
b5aac2860c
add DEP bypass targets for XPSP2 and 2k3SP1, add 2k3 SP0 target
...
git-svn-id: file:///home/svn/framework3/trunk@9632 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-28 16:01:23 +00:00
Joshua Drake
12fbdcd878
add http_fingerprint calls to modules that use various headers
...
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
Joshua Drake
9d86466285
clean up whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@9587 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 23:57:05 +00:00
Tod Beardsley
9d46383040
Fixes #2134. Subs select for sleep in exploit modules.
...
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 19:11:05 +00:00
Joshua Drake
f951dca1b2
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9566 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 05:59:53 +00:00
Joshua Drake
2c91164494
allow x64 payloads to be used with psexec
...
git-svn-id: file:///home/svn/framework3/trunk@9565 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-21 03:49:39 +00:00
Joshua Drake
a040b3708a
add some MSB numbers that were missing, rename ms08-070 msmask32 module
...
git-svn-id: file:///home/svn/framework3/trunk@9532 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 23:49:17 +00:00
Joshua Drake
fa505a4069
various fixes, mostly consistency changes to disclosure dates
...
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
Joshua Drake
09f4c42aee
fix whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@9518 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 05:44:29 +00:00
natron
7cbc566c7b
Bug fixes for WMP11 and IE8, new configurable setting for exploit trigger, and output cleanup.
...
git-svn-id: file:///home/svn/framework3/trunk@9495 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 20:54:35 +00:00
Joshua Drake
85973b68dd
comment out EXETEMPLATE setting until #2046 is resolved
...
git-svn-id: file:///home/svn/framework3/trunk@9492 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:56:37 +00:00
Joshua Drake
75b906ac4c
switch to %uFFFF per secunia analysis, fix regexp handling
...
git-svn-id: file:///home/svn/framework3/trunk@9491 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:40:42 +00:00
Joshua Drake
cb69258fb2
fix regexp handling
...
git-svn-id: file:///home/svn/framework3/trunk@9490 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:40:12 +00:00
Joshua Drake
e32abab8dc
a HTTP -> an HTTP ( http://www.english-zone.com/grammar/a-anlessn.html )
...
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
Joshua Drake
565397e989
fix CVE reference -- shakes stick
...
git-svn-id: file:///home/svn/framework3/trunk@9487 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:10:12 +00:00
Joshua Drake
c62b62d35d
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 15:17:23 +00:00
Steve Tornio
e2f4a6ad0d
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9485 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 10:39:41 +00:00
HD Moore
7c87a96e65
Add CVE from Kurt S.
...
git-svn-id: file:///home/svn/framework3/trunk@9484 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 06:49:54 +00:00
natron
f4394bf0e0
Initial commit for Tavis Ormandy's Help Ctr bug. Needs improvement on stealthiness, but works for now.
...
-n
git-svn-id: file:///home/svn/framework3/trunk@9483 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 06:10:08 +00:00
Joshua Drake
619d088ada
updated test results
...
git-svn-id: file:///home/svn/framework3/trunk@9477 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:55:17 +00:00
Joshua Drake
d26ebfa365
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9476 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:31:21 +00:00
Joshua Drake
07ed2d636c
add browser version of cve-2010-1297
...
git-svn-id: file:///home/svn/framework3/trunk@9475 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:28:05 +00:00
Joshua Drake
1434aa8f23
add fileformat exploit for cve-2010-1297
...
git-svn-id: file:///home/svn/framework3/trunk@9473 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 19:52:43 +00:00
Joshua Drake
f0c82d8646
add svn keywords
...
git-svn-id: file:///home/svn/framework3/trunk@9430 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 16:34:37 +00:00
Mario Ceballos
167e4289c4
put it back. will not play with svn for a month.
...
git-svn-id: file:///home/svn/framework3/trunk@9425 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:55:51 +00:00
Mario Ceballos
c5925ca37e
oops, not yet.
...
git-svn-id: file:///home/svn/framework3/trunk@9424 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:48:15 +00:00
Mario Ceballos
2444978286
remove it
...
git-svn-id: file:///home/svn/framework3/trunk@9423 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:46:22 +00:00
Mario Ceballos
2f8c342b54
added initial coverage for BID-39114
...
git-svn-id: file:///home/svn/framework3/trunk@9419 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 13:36:29 +00:00
Joshua Drake
b143172fff
bump ranking up
...
git-svn-id: file:///home/svn/framework3/trunk@9416 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 01:14:59 +00:00
Joshua Drake
26480092e0
add exploit for sompl m3u parsing - from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@9415 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 01:11:31 +00:00
Joshua Drake
d7f2324b7b
update the set_ecx method to work on both win7 and xpsp3
...
git-svn-id: file:///home/svn/framework3/trunk@9414 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 00:47:14 +00:00
Joshua Drake
0a907a2e6f
add exploit for cve-2009-0546
...
git-svn-id: file:///home/svn/framework3/trunk@9405 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 05:10:45 +00:00
Joshua Drake
a8186ae6ae
add suggestion when auto-targeting fails, see #2022
...
git-svn-id: file:///home/svn/framework3/trunk@9396 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-02 16:29:14 +00:00
Joshua Drake
24eb0f035f
point to nt4 template
...
git-svn-id: file:///home/svn/framework3/trunk@9376 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:46:10 +00:00
Joshua Drake
6d1e7bdaa5
big commit - lots of cmdstager changes
...
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)
git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
Steve Tornio
cfb850b41b
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@9363 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 02:09:42 +00:00
Joshua Drake
acf45118a2
add exploit module for communicrypt activex from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@9356 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 22:37:59 +00:00
Joshua Drake
be158fbcb3
whitespace tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@9352 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-24 14:56:49 +00:00
Joshua Drake
e5d73387e6
guess at what this address is
...
git-svn-id: file:///home/svn/framework3/trunk@9336 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:38:27 +00:00
Joshua Drake
cae27f9e7e
add exploit module for cve-2010-0033
...
git-svn-id: file:///home/svn/framework3/trunk@9299 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-14 02:43:55 +00:00
Steve Tornio
365f13551b
added refs. I think all the auxiliary and exploit modules should now be covered.
...
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-13 16:53:50 +00:00
HD Moore
d65146ae0c
Downgrade MS04_011 to Great, as we have better exploits
...
git-svn-id: file:///home/svn/framework3/trunk@9291 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 16:36:45 +00:00
Joshua Drake
5897656261
switch ret to an address for both v12 and v13
...
git-svn-id: file:///home/svn/framework3/trunk@9279 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-11 01:56:20 +00:00
Joshua Drake
5b514b350d
ugh
...
git-svn-id: file:///home/svn/framework3/trunk@9277 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-11 00:24:11 +00:00
Joshua Drake
0ebcb01c5e
rename the module
...
git-svn-id: file:///home/svn/framework3/trunk@9274 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-10 23:08:36 +00:00
Joshua Drake
f6af983f75
fix target name
...
git-svn-id: file:///home/svn/framework3/trunk@9273 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-10 21:37:56 +00:00
Joshua Drake
aaeb8c3b85
an outlier!
...
git-svn-id: file:///home/svn/framework3/trunk@9263 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:52:51 +00:00
Joshua Drake
128e0515ef
stop perpetuating the ambiguity!
...
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:45:00 +00:00
Joshua Drake
fbfa48257f
switch sleep to select
...
git-svn-id: file:///home/svn/framework3/trunk@9255 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 06:06:43 +00:00
Steve Tornio
ceb437bc0c
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9236 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-06 00:19:20 +00:00
Joshua Drake
a75929889a
add exploit for cve-2010-1318
...
git-svn-id: file:///home/svn/framework3/trunk@9229 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 20:05:39 +00:00
Joshua Drake
2cb99aa091
upgrade ranking to great
...
git-svn-id: file:///home/svn/framework3/trunk@9222 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 15:24:43 +00:00
Joshua Drake
4bc86e603e
fix a couple more silly regex mishaps
...
git-svn-id: file:///home/svn/framework3/trunk@9220 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-04 23:09:32 +00:00
Joshua Drake
0e72894e58
more cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake
665baa7691
modify ms09-002 exploit to use encrypt_js
...
git-svn-id: file:///home/svn/framework3/trunk@9200 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:42:34 +00:00
HD Moore
42da9e899a
Improvements to the cleanup process, close sockets properly for exploits and auxiliary
...
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
Joshua Drake
ce372f62ff
fix aurora encrypt and add js_encrypt to chilikat module
...
git-svn-id: file:///home/svn/framework3/trunk@9185 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:31:17 +00:00
Joshua Drake
2662055be8
add encrypt_js call to aurora exploit
...
git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:14:26 +00:00
Joshua Drake
0ea6eca4bc
big module whitespace/formatting cleanup pass
...
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake
6e3a26bc07
add custom LAUNCH_MESSAGE option
...
git-svn-id: file:///home/svn/framework3/trunk@9170 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 17:02:33 +00:00
Joshua Drake
b2f338984b
cosmetic statement reorder
...
git-svn-id: file:///home/svn/framework3/trunk@9166 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 00:48:00 +00:00
Joshua Drake
8a0785f91e
change exit func and ensure return is invalid (causes exception)
...
git-svn-id: file:///home/svn/framework3/trunk@9162 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 19:13:56 +00:00
Joshua Drake
d91046c470
detect and split JS and non-JS versions
...
git-svn-id: file:///home/svn/framework3/trunk@9160 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 17:45:35 +00:00
Joshua Drake
49f6fc4d98
ugh
...
git-svn-id: file:///home/svn/framework3/trunk@9159 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 16:46:21 +00:00
Joshua Drake
2f3171906c
remove splash screen
...
git-svn-id: file:///home/svn/framework3/trunk@9158 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 15:58:05 +00:00
Joshua Drake
ac188bebdb
added support for older JREs using javascript methods from taviso's exploit
...
git-svn-id: file:///home/svn/framework3/trunk@9151 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 00:42:52 +00:00
Joshua Drake
cb13ab93cc
add additional targets and version notes
...
git-svn-id: file:///home/svn/framework3/trunk@9147 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 21:23:40 +00:00
Joshua Drake
9f0b05d18f
add exploit module for easyftp server
...
git-svn-id: file:///home/svn/framework3/trunk@9145 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 19:52:25 +00:00
Steve Tornio
9e06b1e777
more refs
...
git-svn-id: file:///home/svn/framework3/trunk@9143 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:56:46 +00:00
Joshua Drake
a953c47cfb
remove carriage returns
...
git-svn-id: file:///home/svn/framework3/trunk@9140 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:29:24 +00:00
Joshua Drake
e3a1c63e98
add exploit module for trellian ftp client from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@9139 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:20:27 +00:00
Joshua Drake
62760e4d30
add exploit module for xftp client from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@9138 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:16:52 +00:00
Joshua Drake
251953ec59
add post-first-patch target
...
git-svn-id: file:///home/svn/framework3/trunk@9118 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-23 18:35:18 +00:00
Tod Beardsley
bd94145d8d
Allows reporting auth credentials to be optional with exploit/windows/smb/psexec. Sometimes you don't want this, especially if you already have an auth credential via smb_login.
...
For auxiliary/scanner/smb/smb_login, if a password hash is used instead of a password, record it as a :hash instead of a :pass when reporting to the DB.
git-svn-id: file:///home/svn/framework3/trunk@9116 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-22 17:23:29 +00:00
Steve Tornio
3dcc643bd6
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9101 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-17 11:22:37 +00:00
Joshua Drake
8131f623ad
add exploit module for cve-2010-0478
...
git-svn-id: file:///home/svn/framework3/trunk@9100 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-17 07:39:59 +00:00
Joshua Drake
bc68b7d92e
fix name
...
git-svn-id: file:///home/svn/framework3/trunk@9097 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:40 +00:00
Joshua Drake
fc2fab9bd7
fix name
...
git-svn-id: file:///home/svn/framework3/trunk@9096 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:36 +00:00
Joshua Drake
51e6a64e07
add UNCPATH option
...
git-svn-id: file:///home/svn/framework3/trunk@9095 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:14 +00:00
Joshua Drake
d03eacc386
move exploit specific stuff back to exploit method
...
git-svn-id: file:///home/svn/framework3/trunk@9094 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 05:30:27 +00:00
Joshua Drake
74a344ce7a
unbreak the module, oops
...
git-svn-id: file:///home/svn/framework3/trunk@9093 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 05:10:36 +00:00
Joshua Drake
a402a69de6
make error more friendly and clean up whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@9092 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 04:51:08 +00:00
Joshua Drake
80cec47e17
added cve
...
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:31 +00:00
Joshua Drake
180ca93bbb
updated description
...
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:03 +00:00
Joshua Drake
8e5f0a37d8
rename modules to microsoft bulletin names and update references
...
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 16:08:27 +00:00
Joshua Drake
73dfe9729b
update default option settings and auto_target
...
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 15:23:43 +00:00
Steve Tornio
ec74d862a7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 11:18:25 +00:00
Joshua Drake
950f571488
add module for java web start arguments vuln - no CVE yet
...
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 21:45:23 +00:00
Joshua Drake
321404e2fe
add payload/generic/tight_loop - x86 debug payload
...
git-svn-id: file:///home/svn/framework3/trunk@9070 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 07:40:04 +00:00
pusscat
99ecd361d3
Fix variable name (care of Monica Sojeong Hong)
...
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-13 19:05:52 +00:00
HD Moore
ee4528ed86
Fix negative timeouts
...
git-svn-id: file:///home/svn/framework3/trunk@9048 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-11 13:26:50 +00:00
HD Moore
c8aae09827
Correct English in the quotation
...
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 00:59:20 +00:00
HD Moore
7af2fdf42e
Remove silly cases of print_good
...
git-svn-id: file:///home/svn/framework3/trunk@9021 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 23:34:10 +00:00
Joshua Drake
1836649937
update references
...
git-svn-id: file:///home/svn/framework3/trunk@9020 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:45:21 +00:00
Joshua Drake
e9083bda0d
add exploit module for cve-2010-0805 - from zsploit
...
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:25:56 +00:00
Joshua Drake
b35559e1ec
add a 6.1.22.0 target (from WorldMail3.1.2x_installer.exe)
...
git-svn-id: file:///home/svn/framework3/trunk@9015 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 03:48:07 +00:00
Joshua Drake
7d45b8fdf0
update targets, add auto_target functionality
...
git-svn-id: file:///home/svn/framework3/trunk@9012 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 02:09:32 +00:00
HD Moore
52faebea30
Typo
...
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:57:42 +00:00
HD Moore
3258f30ba7
Typo
...
git-svn-id: file:///home/svn/framework3/trunk@9005 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:46:28 +00:00
HD Moore
8f0e3ced67
Correct spelling typo
...
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 00:46:49 +00:00
HD Moore
cd2760f2c2
Bug fixes and size improvements for the reverse_https stager
...
git-svn-id: file:///home/svn/framework3/trunk@9001 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 13:53:35 +00:00
Joshua Drake
eb003518ce
add auto_target to apache_chunked exploit - should reduce run duration in most cases
...
git-svn-id: file:///home/svn/framework3/trunk@8980 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 16:26:01 +00:00
Joshua Drake
776259e3c6
bleh, fix comma
...
git-svn-id: file:///home/svn/framework3/trunk@8979 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:51:55 +00:00
Joshua Drake
5c34cce14a
add note about possibly incorrect references
...
git-svn-id: file:///home/svn/framework3/trunk@8978 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:38:11 +00:00
Joshua Drake
82b6f05fa9
add exploit module from m_101
...
git-svn-id: file:///home/svn/framework3/trunk@8975 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 17:10:07 +00:00
Joshua Drake
61b4500ffd
remove svn:executable from various files
...
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 16:20:34 +00:00
Steve Tornio
970efbc628
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8971 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 11:27:56 +00:00
Mario Ceballos
f10d0fbb41
added exploit module hp_nnm_ovwebhelp.rb
...
git-svn-id: file:///home/svn/framework3/trunk@8969 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 00:47:31 +00:00
Joshua Drake
ff8cdc29aa
update description with a little history
...
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:36:10 +00:00
Joshua Drake
da874c323a
renamed and updated "iepeers" vuln with latest information/name
...
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 20:15:22 +00:00
Joshua Drake
477a424cab
silly comma...
...
git-svn-id: file:///home/svn/framework3/trunk@8959 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 06:42:59 +00:00
Joshua Drake
ee90abb049
author fix
...
git-svn-id: file:///home/svn/framework3/trunk@8958 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 04:26:14 +00:00
Joshua Drake
c9d321b352
clean up comments
...
git-svn-id: file:///home/svn/framework3/trunk@8957 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 01:40:26 +00:00
Joshua Drake
b2f3e91c8b
add a target for v8.6.0.1936
...
git-svn-id: file:///home/svn/framework3/trunk@8955 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 18:19:59 +00:00
Joshua Drake
0a6547045d
add exploit module for cve-2007-2888
...
git-svn-id: file:///home/svn/framework3/trunk@8953 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 17:21:15 +00:00
HD Moore
4bac76cc9e
Fix XOR encoding for this module
...
git-svn-id: file:///home/svn/framework3/trunk@8940 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 20:17:33 +00:00
Joshua Drake
79e277450a
add reliable IE7 trigger from Nanika
...
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:31:19 +00:00
Joshua Drake
3dc30aeed6
minor whitespace change
...
git-svn-id: file:///home/svn/framework3/trunk@8934 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:30:40 +00:00
Joshua Drake
89d6907a8f
fix typoez
...
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 00:35:48 +00:00
HD Moore
22cb5a6bea
1.9 compatibility fixes for lpd exploits, clarification in the print messages that we are *trying* to exploit something, not absolutely doing so
...
git-svn-id: file:///home/svn/framework3/trunk@8916 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 14:52:35 +00:00
James Lee
a27c941714
targ_host -> target_host
...
git-svn-id: file:///home/svn/framework3/trunk@8909 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:09:04 +00:00
Joshua Drake
4f657ef868
add exploit module for cve-2009-1260
...
git-svn-id: file:///home/svn/framework3/trunk@8900 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:35:29 +00:00
Joshua Drake
5c1cf6aefb
correction to target descriptions
...
git-svn-id: file:///home/svn/framework3/trunk@8889 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:54:45 +00:00
Joshua Drake
39537bfc53
add an office xp sp0 target
...
git-svn-id: file:///home/svn/framework3/trunk@8888 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:00:54 +00:00
Joshua Drake
d270d8aa95
update author comments
...
git-svn-id: file:///home/svn/framework3/trunk@8852 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:52:28 +00:00
Joshua Drake
a940d9a810
add exploit module for VariCAD 2010-2.05 DWB bug
...
git-svn-id: file:///home/svn/framework3/trunk@8851 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:47:52 +00:00
Joshua Drake
7fcad1f4b8
add exploit module for cve-2010-0188 (possibly cve-2006-3549)
...
git-svn-id: file:///home/svn/framework3/trunk@8833 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:06:50 +00:00
HD Moore
13410d4daa
Rename aurora module to the MSB naming convention
...
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:45 +00:00
HD Moore
a23344b5d0
Consistency in how IE/Internet Explorer is named
...
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:14 +00:00
Steve Tornio
d3da883aa2
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
HD Moore
baf64ed999
Remove trailing
...
git-svn-id: file:///home/svn/framework3/trunk@8771 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:43 +00:00
Joshua Drake
3c57fe6e81
add exploit module for cve-2010-0806
...
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
Joshua Drake
b419a40c45
finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
...
also some minor cleanups here and there
git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake
52647260b3
add offset for alternative file open methods
...
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
Joshua Drake
fbc157df56
add exploit module for cve-2010-0688
...
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore
b1973c6630
Adds detection and exploitation coverage for the Energizer Duo trojan
...
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Joshua Drake
83419da78b
check for vulnerable version in JS prior to triggering vuln, closes #1011
...
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Joshua Drake
73da75a931
big update to cmd stager
...
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there
git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake
0900314a15
redirect requests without subdirectories
...
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake
4bd857b53e
add exploit module for cve-2008-3558
...
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
Joshua Drake
e8f22a7136
add exploit module for cve-2008-3878
...
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
Joshua Drake
5aebed8fe7
add exploit module for cve-2008-5002
...
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
Joshua Drake
fb5906385d
add exploit module for cve-2009-1534
...
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake
d86575701d
added CVE, KB references
...
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
Steve Tornio
074b4ada44
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
Joshua Drake
4b59410507
rename module per ms bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake
d0153225a0
add exploit module for cve-2009-1612
...
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake
cc9113397c
add exploit for IE Windows Help vulnerability
...
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Joshua Drake
cc891bce80
whitespace cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
Stephen Fewer
b4339930e7
rename this module with the updated MSB and swap out the hard coded kernel stager for the new kernel stager mixin.
...
git-svn-id: file:///home/svn/framework3/trunk@8656 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 13:42:17 +00:00
Joshua Drake
afd2df315b
rename module part deux!
...
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:12:10 +00:00
Joshua Drake
705a4626e4
remove dash from file name
...
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:06:35 +00:00
Joshua Drake
81f93d48e7
add german target from contributor, thx!
...
git-svn-id: file:///home/svn/framework3/trunk@8601 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 17:23:05 +00:00
Joshua Drake
b810e9665f
add comment about autofilter mapping
...
git-svn-id: file:///home/svn/framework3/trunk@8592 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:30:38 +00:00
Joshua Drake
b818536e46
corrected comment text
...
git-svn-id: file:///home/svn/framework3/trunk@8590 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:27:15 +00:00
Joshua Drake
1faec528de
fix InitAutoRunScript -> InitialAutoRunScript
...
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
Steve Tornio
93acc977fe
fix osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Patrick Webster
350c189a34
Added exploit module qbik_wingate_wwwproxy.
...
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
Joshua Drake
797ab55f52
add exploit module for cve-2009-2011
...
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Joshua Drake
48b7aec12d
corrected cve reference
...
git-svn-id: file:///home/svn/framework3/trunk@8512 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:30:17 +00:00
HD Moore
32357b1f64
Skip the debugging target for automatic mode
...
git-svn-id: file:///home/svn/framework3/trunk@8499 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 01:02:12 +00:00
HD Moore
5d7139ad6f
Various module cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8498 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 00:48:03 +00:00
Patrick Webster
ee4fd8c75d
Ported sambar6_search_results from v2.
...
git-svn-id: file:///home/svn/framework3/trunk@8480 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:15:19 +00:00
HD Moore
7aa7995da9
Autodetect and exploit 2003 SP0
...
git-svn-id: file:///home/svn/framework3/trunk@8479 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:04:24 +00:00
Patrick Webster
01cbe85468
Fixed OSVDB refs and added CA Server module.
...
git-svn-id: file:///home/svn/framework3/trunk@8478 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 16:16:13 +00:00
Patrick Webster
c8da073f80
Ported calicclnt_getconfig exploit module from msf2.
...
git-svn-id: file:///home/svn/framework3/trunk@8476 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 15:38:06 +00:00
Joshua Drake
1896c82e39
add exploit module for cve-2009-2484
...
git-svn-id: file:///home/svn/framework3/trunk@8475 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:58:27 +00:00
Joshua Drake
8c28d583aa
bump ranking up a notch
...
git-svn-id: file:///home/svn/framework3/trunk@8474 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:57:58 +00:00
Joshua Drake
d561b8e8ec
add references, update description
...
git-svn-id: file:///home/svn/framework3/trunk@8471 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 21:09:09 +00:00
Joshua Drake
f3c6b01bbd
add first exploit module using Rex::OLE (cve-2009-3129)
...
git-svn-id: file:///home/svn/framework3/trunk@8470 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 20:52:41 +00:00
Patrick Webster
3fd3d44ad6
Added barcode_ax49.rb exploit module.
...
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 18:06:49 +00:00
HD Moore
3fe41a0d94
Fix a small typo
...
git-svn-id: file:///home/svn/framework3/trunk@8463 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 14:44:23 +00:00
Joshua Drake
f82c53db2a
move 70k binary to data/exploits instead of hex encoded in the exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8446 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 23:17:19 +00:00
James Lee
eb6ce38e0c
old zero-day shows its age
...
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 20:41:07 +00:00
HD Moore
ba34abc232
Fix unpack("H*") vs unpack("H*")[0]
...
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
HD Moore
c6c1cda153
Try to delete the file (doesn't always work)
...
git-svn-id: file:///home/svn/framework3/trunk@8413 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:12:59 +00:00
HD Moore
bc62eaf99b
Adds a module to exploit insecure IIS configurations (PUT)
...
git-svn-id: file:///home/svn/framework3/trunk@8412 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:04:19 +00:00
Steve Tornio
f3ad1c0a15
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8410 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:53:21 +00:00
Joshua Drake
9f174795d4
add exploit module for vermillion ftpd memory corruption
...
git-svn-id: file:///home/svn/framework3/trunk@8396 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:39:48 +00:00
Joshua Drake
a772bc2c85
minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
HD Moore
bd91871763
Correct credit for the advisory
...
git-svn-id: file:///home/svn/framework3/trunk@8391 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 23:22:28 +00:00
Joshua Drake
875a66553f
clean up a couple comments to save future pain
...
git-svn-id: file:///home/svn/framework3/trunk@8380 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:53:31 +00:00
Joshua Drake
bd3a4760da
fixes to adobe_pdf_embedded_exe
...
optimized the directory search, and cmdline in general
added the Documents (Vista/Win7) to the list of directories to check
fixes #767
git-svn-id: file:///home/svn/framework3/trunk@8379 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:51:13 +00:00
Joshua Drake
7538b93aae
add exploit module for cve-2006-6665
...
git-svn-id: file:///home/svn/framework3/trunk@8361 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 06:09:31 +00:00
Joshua Drake
746c4fc263
whitespace change
...
git-svn-id: file:///home/svn/framework3/trunk@8345 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:19:34 +00:00
Joshua Drake
fde3fbb2e3
add exploit module for cve-2009-1569
...
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:56:02 +00:00
Joshua Drake
c073cd707a
removed unnecessary parameter, commented target
...
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:33:38 +00:00
Joshua Drake
2783c5884e
add exploit module for cve-2009-1568
...
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 02:40:47 +00:00
Joshua Drake
4863faf0a7
add reference to cve-2000-1209 (sa blank password)
...
git-svn-id: file:///home/svn/framework3/trunk@8324 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 16:37:06 +00:00
Joshua Drake
c514c2274b
typo, fixes #786, see also r8315
...
git-svn-id: file:///home/svn/framework3/trunk@8316 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:06:06 +00:00
Joshua Drake
53fd14c9c0
updated description, added PATH variable
...
git-svn-id: file:///home/svn/framework3/trunk@8315 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:04:23 +00:00
Steve Tornio
70c0cb7530
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@8307 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:40 +00:00
Steve Tornio
a3f4d4f65e
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@8306 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:01 +00:00
Joshua Drake
4751d83cb8
some cleanups, added some CVE references
...
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:15:32 +00:00
Joshua Drake
7789db860d
add exploit module for Audiotran .pls file bof
...
git-svn-id: file:///home/svn/framework3/trunk@8303 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:24:41 +00:00
Joshua Drake
d9e5de5683
note the CLSID of this control
...
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:17:50 +00:00
Joshua Drake
15e13348c0
add exploit module for AOL phobos bug
...
git-svn-id: file:///home/svn/framework3/trunk@8300 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 18:58:14 +00:00
Joshua Drake
31949c4343
svn keywords fixups
...
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it
git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
HD Moore
1bdd286936
This bug actually affected 9.2 as well according to adobe, reference updated
...
git-svn-id: file:///home/svn/framework3/trunk@8222 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 14:22:13 +00:00
Joshua Drake
87adb7714f
fixed whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@8219 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 04:52:49 +00:00
Joshua Drake
83f47796fe
add reference to ms09-032 (the mitigation)
...
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 00:05:19 +00:00
Joshua Drake
14862e0106
added another target
...
git-svn-id: file:///home/svn/framework3/trunk@8204 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 21:43:40 +00:00
Joshua Drake
6fd20d411f
add exploit module for cve-2009-4179
...
git-svn-id: file:///home/svn/framework3/trunk@8192 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 05:52:53 +00:00
Joshua Drake
409d44bfad
fix another typo
...
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:26:04 +00:00
Joshua Drake
9cb3ac9340
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:24:54 +00:00
Joshua Drake
ab1a1c58db
escape more format specifiers passed to util.printd
...
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..
git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 18:32:01 +00:00
Joshua Drake
a87d4e7eb4
escape randomly generated format specifiers passed to util.printd
...
prevents mucking with the allocation size (hopefully)
git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 17:09:46 +00:00
Joshua Drake
2b8a2d56a1
some variable renaming
...
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 04:55:16 +00:00
Joshua Drake
72e1b9bb50
added a couple better error messages
...
git-svn-id: file:///home/svn/framework3/trunk@8183 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:30:08 +00:00
Joshua Drake
97c3159293
fixed version command, check function
...
git-svn-id: file:///home/svn/framework3/trunk@8182 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:15:20 +00:00
Joshua Drake
e8048704be
add exploit module for cve-2009-1979 (oracle pre-auth bof)
...
git-svn-id: file:///home/svn/framework3/trunk@8181 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:05:18 +00:00
Joshua Drake
db5097af91
bump ranking up, comment about crash recovery
...
git-svn-id: file:///home/svn/framework3/trunk@8154 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 07:23:22 +00:00
Joshua Drake
477468147b
cleanup exceptions, optimize query length, add some entropy
...
git-svn-id: file:///home/svn/framework3/trunk@8153 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 05:09:40 +00:00
Joshua Drake
7c402d1d79
changed a comment
...
git-svn-id: file:///home/svn/framework3/trunk@8152 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:56:31 +00:00
Joshua Drake
52b71077d3
major overhaul of ms09-004 (cve-2008-5416) exploit
...
git-svn-id: file:///home/svn/framework3/trunk@8151 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:51:48 +00:00
James Lee
bbe10b439f
let the user know when a client connects
...
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 01:00:01 +00:00
HD Moore
69f609bdcd
Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger
...
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:55:42 +00:00
Steve Tornio
a0326fc842
add CVE and OSVDB refs
...
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 22:05:02 +00:00
HD Moore
579a6fe799
Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
...
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 21:36:04 +00:00
Joshua Drake
fba8a1d110
added a German target with 0x0a0a0a0a as the spray addr
...
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 22:24:56 +00:00
Joshua Drake
8399ff46b2
oops, left out a var
...
git-svn-id: file:///home/svn/framework3/trunk@8081 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:55:41 +00:00
Joshua Drake
c51c14bcba
fix typos :-/
...
git-svn-id: file:///home/svn/framework3/trunk@8080 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:09:34 +00:00
Joshua Drake
97338e6848
add exploit module for cve-2007-2280 (split from other)
...
git-svn-id: file:///home/svn/framework3/trunk@8079 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:04:58 +00:00
Joshua Drake
75ff9d327a
_2 == cve-2009-3844
...
git-svn-id: file:///home/svn/framework3/trunk@8078 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:01:08 +00:00
Joshua Drake
3a9b384554
renamed the module
...
git-svn-id: file:///home/svn/framework3/trunk@8077 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:29:11 +00:00
Joshua Drake
4a0051d93a
lots of updates, preparing to split into two modules
...
git-svn-id: file:///home/svn/framework3/trunk@8076 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:28:19 +00:00
Steve Tornio
888b7637c0
Add OSVDB ref, fixed exploit-db refs
...
git-svn-id: file:///home/svn/framework3/trunk@8071 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 11:49:12 +00:00
Joshua Drake
905d391d5e
add exploit module for bigant 2.52 usv bug
...
git-svn-id: file:///home/svn/framework3/trunk@8070 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 08:24:35 +00:00
Joshua Drake
efb3dbb2af
minor tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@8069 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:35:46 +00:00
Joshua Drake
789d875d24
record addr for stack hijacking
...
git-svn-id: file:///home/svn/framework3/trunk@8068 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:02:15 +00:00
Joshua Drake
9a9c92d785
added description, sql2ksp3 target, minor reliability improvement
...
git-svn-id: file:///home/svn/framework3/trunk@8067 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 22:07:03 +00:00
Steve Tornio
c62e314ac4
Add OSVDB ref
...
git-svn-id: file:///home/svn/framework3/trunk@8063 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 13:02:18 +00:00
Mario Ceballos
1239ce132e
added exploit module nettransport.rb from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@8062 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 16:07:54 +00:00
Joshua Drake
bb07ea9854
many updates, now supporting two diff techniques
...
git-svn-id: file:///home/svn/framework3/trunk@8061 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 08:10:28 +00:00
James Lee
3c6cbbc47e
make sure IE service packs don't throw off the version comparison
...
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 21:24:00 +00:00
Joshua Drake
e2a0ff92ce
add check and auto-target selection
...
git-svn-id: file:///home/svn/framework3/trunk@8048 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 16:26:32 +00:00
Steve Tornio
64e524545e
Update OSVDB ref
...
git-svn-id: file:///home/svn/framework3/trunk@8045 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 13:30:35 +00:00
Joshua Drake
23d7f53f3a
add exploit module for cve-2008-5416
...
git-svn-id: file:///home/svn/framework3/trunk@8044 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 05:18:55 +00:00
Joshua Drake
2283e029db
crossing fingers, big cr removal batch
...
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
Joshua Drake
4827d81966
formatting fixes
...
git-svn-id: file:///home/svn/framework3/trunk@8029 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 00:48:16 +00:00
Joshua Drake
57fd341f4a
added auto targeting, XPSP1 target, updated 2ksp4 target, notes, description
...
git-svn-id: file:///home/svn/framework3/trunk@8023 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 19:22:43 +00:00
HD Moore
922cef26fa
Store the domain name in the SMB client object, along with other fields provided by NTLMSSP responses. Show the domain name and netbios name in the version scanner. Update MS06-070 to remove the default target, use the domain name from the server response, and use a more reliable return address for 2000 SP4.
...
git-svn-id: file:///home/svn/framework3/trunk@8022 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 14:00:49 +00:00
Joshua Drake
6170998ba3
add exploit module for cve-2006-4691
...
git-svn-id: file:///home/svn/framework3/trunk@8021 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 05:13:57 +00:00
Joshua Drake
1f2c1e7866
corrected cve, removed cr's, added keywords
...
git-svn-id: file:///home/svn/framework3/trunk@8012 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 21:12:11 +00:00
Joshua Drake
45a9d50d0d
add exploit module for CVE-2008-4193
...
git-svn-id: file:///home/svn/framework3/trunk@8010 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 20:38:50 +00:00
HD Moore
364880fb4d
Bump the session wait to 10 seconds
...
git-svn-id: file:///home/svn/framework3/trunk@8004 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 14:27:33 +00:00
Steve Tornio
5ac485eb48
Add OSVDB reference
...
git-svn-id: file:///home/svn/framework3/trunk@8002 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 12:33:40 +00:00
HD Moore
4728a29bae
Two new modules from dijital1
...
git-svn-id: file:///home/svn/framework3/trunk@8000 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 04:36:25 +00:00
HD Moore
16062eed2d
Holiday present from EgiX
...
git-svn-id: file:///home/svn/framework3/trunk@7989 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 18:50:44 +00:00
HD Moore
d0969746a4
Mostly cosmetic changes from local tree
...
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
HD Moore
87176f9591
Correct a syntax error in adobe_u3d_meshdecl
...
git-svn-id: file:///home/svn/framework3/trunk@7959 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 12:50:55 +00:00
HD Moore
92c703ba6f
Wait a second before deleting the file, catch an exception on delete, combined these reduce some of the issues around psexec
...
git-svn-id: file:///home/svn/framework3/trunk@7954 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 04:02:59 +00:00
James Lee
b933f49ec3
this exploit always uses an exe, so default EXITFUNC to process so we don't leave processes lying around
...
git-svn-id: file:///home/svn/framework3/trunk@7950 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 01:29:16 +00:00
Joshua Drake
1e6c9bef74
fix uri for check/detect
...
git-svn-id: file:///home/svn/framework3/trunk@7942 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:10:38 +00:00
Joshua Drake
6219116ebf
removed exit calls
...
git-svn-id: file:///home/svn/framework3/trunk@7940 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:03:03 +00:00
Joshua Drake
d0098095a4
hopefully resolved some hang issues
...
git-svn-id: file:///home/svn/framework3/trunk@7939 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:57:36 +00:00
Joshua Drake
9afb67aa5f
removed exit call
...
git-svn-id: file:///home/svn/framework3/trunk@7936 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:10:18 +00:00
Joshua Drake
5830e359b6
corrected "privileged" flag
...
git-svn-id: file:///home/svn/framework3/trunk@7932 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 18:18:18 +00:00
Joshua Drake
19d32b6c97
add jabra to author list
...
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 17:01:12 +00:00
Steve Tornio
544efd879b
Add OSVDB references
...
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 11:53:20 +00:00
Joshua Drake
47ef693b77
add CVE references!
...
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 09:38:42 +00:00
Joshua Drake
86dc8da1bb
bump ranking up
...
git-svn-id: file:///home/svn/framework3/trunk@7927 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 07:56:48 +00:00
Joshua Drake
4b883322f5
moved length adjustment
...
git-svn-id: file:///home/svn/framework3/trunk@7926 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:45:33 +00:00
Joshua Drake
3767b6be7a
add exploit module for cve-2008-4828
...
git-svn-id: file:///home/svn/framework3/trunk@7925 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:40:14 +00:00
Joshua Drake
6f243f6515
add exploit module for cve-2009-3853
...
git-svn-id: file:///home/svn/framework3/trunk@7924 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 11:09:39 +00:00
Joshua Drake
6a1f43b3df
rename again :)
...
git-svn-id: file:///home/svn/framework3/trunk@7920 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:09:03 +00:00
Joshua Drake
7ef085f9b2
resolved conflict, attempt #2 to rename
...
git-svn-id: file:///home/svn/framework3/trunk@7919 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:08:41 +00:00
Joshua Drake
8f7c820ac9
renamed module
...
git-svn-id: file:///home/svn/framework3/trunk@7918 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:04:03 +00:00
HD Moore
be42efdd1b
Update the PDF modules to work on a wider range of versions
...
git-svn-id: file:///home/svn/framework3/trunk@7917 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:02:32 +00:00
Mario Ceballos
de84d7e989
updated badchars and removed alphanumeric encoding.
...
git-svn-id: file:///home/svn/framework3/trunk@7916 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 00:08:32 +00:00
James Lee
82d84605e4
advisory says it should work against 5.5, but this module causes js syntax errors, so only run it on 6
...
git-svn-id: file:///home/svn/framework3/trunk@7914 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-18 19:38:52 +00:00
Joshua Drake
c8495272a8
add exploit module for cve-2009-3214
...
git-svn-id: file:///home/svn/framework3/trunk@7911 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-18 00:19:04 +00:00
Joshua Drake
442bbe9e14
language cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@7910 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 23:02:01 +00:00
HD Moore
f2ec7795e2
Reliability improvement for the Acrobat bug - use the lame old 0x0c0c0c0c, but this works on the widest range of versions
...
git-svn-id: file:///home/svn/framework3/trunk@7907 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 14:43:05 +00:00
HD Moore
80fa601a2c
Fixes #667. Automigrates this to avoid timer
...
git-svn-id: file:///home/svn/framework3/trunk@7905 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 06:02:34 +00:00
Joshua Drake
026924c9b6
fixed sync issues between browser/fileformat modules
...
git-svn-id: file:///home/svn/framework3/trunk@7902 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:19:30 +00:00
Joshua Drake
2baa4a1efa
port changes from Lurene to browser version
...
git-svn-id: file:///home/svn/framework3/trunk@7901 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:16:35 +00:00
Joshua Drake
aef9a5c7b2
re-commit of changes from r7892
...
git-svn-id: file:///home/svn/framework3/trunk@7900 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:11:45 +00:00
HD Moore
d0a37bd506
Fix tab indentations
...
git-svn-id: file:///home/svn/framework3/trunk@7898 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:00:00 +00:00
pusscat
0fa275b53b
Cleanups
...
Allow arbitrary (non-unicode) targets
git-svn-id: file:///home/svn/framework3/trunk@7895 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 21:44:18 +00:00
Joshua Drake
e563e91d35
added browser versions of yesterday's adobe pdf exploits from jabra
...
git-svn-id: file:///home/svn/framework3/trunk@7894 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 20:37:57 +00:00
Joshua Drake
9a6839e412
add exploit module for cve-2009-2459
...
git-svn-id: file:///home/svn/framework3/trunk@7893 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 03:32:44 +00:00
Joshua Drake
82dc3eb3bf
added reference, couple of test results
...
git-svn-id: file:///home/svn/framework3/trunk@7892 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 00:14:47 +00:00
Joshua Drake
191e98dc54
changed module name
...
git-svn-id: file:///home/svn/framework3/trunk@7890 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:17:24 +00:00
Joshua Drake
1875e86f7a
remove executable bit
...
git-svn-id: file:///home/svn/framework3/trunk@7889 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:14:15 +00:00
Joshua Drake
d9aca586a2
tested against 9.1.0
...
git-svn-id: file:///home/svn/framework3/trunk@7888 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:12:08 +00:00
Steve Tornio
3677711cb0
adding OSVDB ref
...
git-svn-id: file:///home/svn/framework3/trunk@7882 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:34:01 +00:00
Joshua Drake
7b34f7b0f2
add exploit module for cve-2009-4324
...
git-svn-id: file:///home/svn/framework3/trunk@7881 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:15:08 +00:00
James Lee
2570fcee15
get rid of some more ^Ms
...
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
James Lee
196ee82179
bye-bye crlf
...
git-svn-id: file:///home/svn/framework3/trunk@7878 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:13:27 +00:00
Joshua Drake
f3a0bbc6d6
rename to make a bit more sense
...
git-svn-id: file:///home/svn/framework3/trunk@7875 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 06:05:30 +00:00
Joshua Drake
2c88e2eb62
rename to make a bit more sense
...
git-svn-id: file:///home/svn/framework3/trunk@7874 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 05:41:29 +00:00
Joshua Drake
d5eb4d8217
add svn:keywords property
...
git-svn-id: file:///home/svn/framework3/trunk@7869 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 02:08:43 +00:00
Joshua Drake
8a95baa810
add exploit module for cve-2008-1697 from bannedit/muts
...
git-svn-id: file:///home/svn/framework3/trunk@7868 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:42 +00:00
Joshua Drake
1813a0fb9a
updated technique
...
git-svn-id: file:///home/svn/framework3/trunk@7867 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:07 +00:00
Mario Ceballos
c799df8559
target is no good. offsets change on different installs.
...
git-svn-id: file:///home/svn/framework3/trunk@7864 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:07:21 +00:00
Joshua Drake
88b9ee18af
clarified some version info
...
git-svn-id: file:///home/svn/framework3/trunk@7863 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:01:34 +00:00
Joshua Drake
c831cda3f5
milworm/exploitdb 9277 only covers m3u and mpf, not pls
...
git-svn-id: file:///home/svn/framework3/trunk@7862 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:59:32 +00:00
Joshua Drake
8317b69aca
corrected disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@7860 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:44:37 +00:00
Joshua Drake
2524840348
renamed, new targets, now using seh...
...
git-svn-id: file:///home/svn/framework3/trunk@7859 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:40:56 +00:00
Steve Tornio
1dc2c41837
added OSVDB and exploit-db refs
...
git-svn-id: file:///home/svn/framework3/trunk@7858 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:29:10 +00:00
Joshua Drake
4d645796af
add exploit module from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7856 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 21:27:43 +00:00
HD Moore
837c70715d
Reference updates from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7854 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 20:09:46 +00:00
Joshua Drake
ef0d86720a
updated description, added xp sp2+sp3 target, see #687
...
git-svn-id: file:///home/svn/framework3/trunk@7853 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 19:04:40 +00:00
HD Moore
e02f62e3aa
Switch to a return address that also works on SP0
...
git-svn-id: file:///home/svn/framework3/trunk@7849 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 17:14:08 +00:00
Mario Ceballos
ea0a1eea7d
add ranking...
...
git-svn-id: file:///home/svn/framework3/trunk@7833 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:14:24 +00:00
Mario Ceballos
002b043d4c
added exploit module hp_nnm_snmp.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7832 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:06:14 +00:00
Joshua Drake
5f65d6bb32
properly commit references from Steve Tornio :)
...
git-svn-id: file:///home/svn/framework3/trunk@7828 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:24:18 +00:00
Joshua Drake
740fd67b74
add OSVDB reference from Steven Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7826 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 20:41:37 +00:00
Mario Ceballos
3ac51c7396
added exploit module symantec_altirisdeployment_runcmd.rb.
...
git-svn-id: file:///home/svn/framework3/trunk@7821 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 02:36:01 +00:00
Joshua Drake
95f9c1dacf
note file version
...
git-svn-id: file:///home/svn/framework3/trunk@7820 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:23:16 +00:00
Joshua Drake
dea639229b
rank exploit
...
git-svn-id: file:///home/svn/framework3/trunk@7819 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:20:36 +00:00
Joshua Drake
18f96c3395
add exploit module for xenorate bof
...
git-svn-id: file:///home/svn/framework3/trunk@7818 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:19:44 +00:00
Joshua Drake
fc8a2b2a2e
add exploit module for audio workstation from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7814 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:46:53 +00:00
Joshua Drake
fb1a8a8283
add exploit module for audio workstation from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7813 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:46:34 +00:00
Joshua Drake
e724ceaf33
add exploit for gAlan from loneferret
...
git-svn-id: file:///home/svn/framework3/trunk@7812 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:41:40 +00:00
Joshua Drake
076c8d92ea
clarification
...
git-svn-id: file:///home/svn/framework3/trunk@7811 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:31:34 +00:00
Joshua Drake
9eb6063448
hopefully an improvement in reliability
...
git-svn-id: file:///home/svn/framework3/trunk@7810 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:28:32 +00:00
Joshua Drake
21cbb87fac
fixup whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@7804 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 18:07:16 +00:00
Joshua Drake
d8a4926a22
add framework tag comments to top
...
git-svn-id: file:///home/svn/framework3/trunk@7803 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 17:35:40 +00:00
Joshua Drake
11bbbbd38f
add exploit module for cve-2009-3837 from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7802 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 17:34:58 +00:00
Joshua Drake
6c98f3c03d
add exploit module for cve-2009-1394
...
git-svn-id: file:///home/svn/framework3/trunk@7797 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 08:24:37 +00:00
HD Moore
3c08bc0c80
Rename and reference update from the microsoft patch
...
git-svn-id: file:///home/svn/framework3/trunk@7775 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:06:26 +00:00
Joshua Drake
4bcc8a93a3
attempt to improve reliability of u3d pdf exploits
...
git-svn-id: file:///home/svn/framework3/trunk@7762 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 22:08:32 +00:00
Joshua Drake
87c85b5176
removed executable generation routines from Rex::Text (use Msf::Util::EXE), Fixes #660
...
git-svn-id: file:///home/svn/framework3/trunk@7760 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 21:24:45 +00:00
Joshua Drake
9b4f521df5
two more similar exploit modules, cleaned up naming
...
git-svn-id: file:///home/svn/framework3/trunk@7759 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 20:20:30 +00:00
Joshua Drake
9da59988a6
updated disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@7758 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 20:10:17 +00:00
Joshua Drake
5995ddca97
reduce ranking due to egghunter instability
...
git-svn-id: file:///home/svn/framework3/trunk@7757 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:53:11 +00:00
Joshua Drake
cb5d02af20
remove debug code
...
git-svn-id: file:///home/svn/framework3/trunk@7756 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:52:15 +00:00
Joshua Drake
6ae2293a79
add exploit module for cve-2009-0133
...
git-svn-id: file:///home/svn/framework3/trunk@7755 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:50:21 +00:00
Joshua Drake
bfa405cb2b
add exploit module for cve-2009-0133
...
git-svn-id: file:///home/svn/framework3/trunk@7754 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:50:00 +00:00
Joshua Drake
d86bfedc3e
osvdb reference from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7752 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 16:29:53 +00:00
Joshua Drake
0961ce3523
add exploit module for cve-2009-3693
...
git-svn-id: file:///home/svn/framework3/trunk@7749 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 03:08:46 +00:00
Joshua Drake
2dfcd26370
oops, dupe of auxiliary/admin/symantec/cba_exec.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7745 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 21:28:53 +00:00
Joshua Drake
cb6fbe8894
add exploit module for cve-2009-1429
...
git-svn-id: file:///home/svn/framework3/trunk@7744 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:39:00 +00:00
Joshua Drake
e04a491905
updated references
...
git-svn-id: file:///home/svn/framework3/trunk@7743 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:26:43 +00:00
Joshua Drake
ce42156e38
minor tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@7742 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:24:30 +00:00
Joshua Drake
f6d491a996
add exploit module from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7741 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:24:12 +00:00
Joshua Drake
90342d0fa0
add exploit module from dookie
...
git-svn-id: file:///home/svn/framework3/trunk@7740 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:21:25 +00:00
Joshua Drake
ff83f1cd2f
add ranking to every exploit module, pfew!
...
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
Joshua Drake
2cf9c3ce2b
revision fixups
...
git-svn-id: file:///home/svn/framework3/trunk@7723 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:16:11 +00:00
Joshua Drake
17249f29d3
cve roulette also cve-2009-4054
...
git-svn-id: file:///home/svn/framework3/trunk@7722 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:00:06 +00:00
Joshua Drake
576d55f821
added some missing CVE references
...
git-svn-id: file:///home/svn/framework3/trunk@7719 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 02:30:42 +00:00
Joshua Drake
d93be3e873
typo in description
...
git-svn-id: file:///home/svn/framework3/trunk@7702 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 18:46:45 +00:00
Joshua Drake
5c271db9b5
add OSVDB reference from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7695 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 15:52:20 +00:00
Mario Ceballos
80422f24c4
added exploit module ca_arcserve_342.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7690 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 02:55:00 +00:00
HD Moore
9ebcd40a4e
Updated references to work better with NeXpose integration
...
git-svn-id: file:///home/svn/framework3/trunk@7683 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 15:27:29 +00:00
Joshua Drake
b8302e6f61
changed default target
...
git-svn-id: file:///home/svn/framework3/trunk@7675 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 00:04:33 +00:00
Joshua Drake
b9a97f310e
fixed typo in targets
...
git-svn-id: file:///home/svn/framework3/trunk@7674 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 23:50:09 +00:00
Joshua Drake
267ed23223
this exploits an ssh server, moving to ssh dir
...
git-svn-id: file:///home/svn/framework3/trunk@7673 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 22:31:13 +00:00
Joshua Drake
dcc05c7494
typo fix
...
git-svn-id: file:///home/svn/framework3/trunk@7672 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 21:06:36 +00:00
Mario Ceballos
faa27f93b9
updated with the bid id
...
git-svn-id: file:///home/svn/framework3/trunk@7669 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 12:20:40 +00:00
Joshua Drake
b48e5d34e7
added svn keywords
...
git-svn-id: file:///home/svn/framework3/trunk@7660 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 20:36:55 +00:00
HD Moore
b0403cfde2
OSVDB references from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake
38d04631e6
recorded some additional test results
...
git-svn-id: file:///home/svn/framework3/trunk@7657 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:42:58 +00:00
Joshua Drake
ec45ea8c22
minor cleanups, removed 0day text, Fixes #573
...
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 18:42:00 +00:00
Mario Ceballos
09cb98678f
added exploit module intersystems_cache.rb
...
git-svn-id: file:///home/svn/framework3/trunk@7631 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 15:26:21 +00:00
Joshua Drake
623f3b88ec
minor cleanups, fixed u3d_pad function
...
git-svn-id: file:///home/svn/framework3/trunk@7626 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 06:21:39 +00:00
Joshua Drake
8e8a52fe26
removed meta data, randomized mesh name
...
git-svn-id: file:///home/svn/framework3/trunk@7624 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:42:42 +00:00
Joshua Drake
dd713f96de
broke up u3d data a bit, first pass
...
git-svn-id: file:///home/svn/framework3/trunk@7619 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 00:34:22 +00:00
Joshua Drake
f88dee904a
add exploit module for cve-2009-2994
...
git-svn-id: file:///home/svn/framework3/trunk@7617 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 22:24:10 +00:00
HD Moore
927563c135
Correct some assumptions about client-side exploit signature development, remove the prepend since we don't use .net anymore
...
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 21:18:26 +00:00
Joshua Drake
e3a1a7958e
cleaned up the descriptions
...
git-svn-id: file:///home/svn/framework3/trunk@7615 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 20:05:18 +00:00
Joshua Drake
a4dd52543c
removed .net dll bypass, recorded some crash addresses
...
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 19:39:15 +00:00
James Lee
00eaff0550
stupid ruby string differences
...
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:16:45 +00:00
HD Moore
0c19f50718
Fix broken .NET method
...
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:11:38 +00:00
Joshua Drake
f733856974
add exploit module for cve-2009-3762
...
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 07:25:04 +00:00
James Lee
f516edacfb
only works on ie7
...
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:14:40 +00:00
James Lee
c45c15cd29
add autopwn info
...
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 23:50:08 +00:00
Patrick Webster
796e8cdfc3
Ported hdm's exchange2000_xexch50 module to version 3.
...
git-svn-id: file:///home/svn/framework3/trunk@7592 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 07:11:12 +00:00
James Lee
99319d2a55
don't unintentionally create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:23:03 +00:00
James Lee
4a912e7c0c
don't inadvertently create a UNC path. see #558
...
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:02:21 +00:00
James Lee
7490e4c4a8
use an absolute uri to the evil gif. fixes #558. we probably ought to have a method for doing this since it seems to be a fairly common problem.
...
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:44:21 +00:00
Patrick Webster
f2d998d514
Added check support.
...
git-svn-id: file:///home/svn/framework3/trunk@7585 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 07:37:54 +00:00
Joshua Drake
5dbd32cd98
added japanese target from TomokiSanaki
...
git-svn-id: file:///home/svn/framework3/trunk@7578 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:09:59 +00:00
Joshua Drake
b9939a836f
fixed PDF header (oops)
...
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:01:11 +00:00
Joshua Drake
b54a7aa1d3
confirmed SEH target works on Windows XP SP3
...
git-svn-id: file:///home/svn/framework3/trunk@7576 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 17:44:09 +00:00
Joshua Drake
e5796f5b3b
changed address to 0x0a0a0a0a
...
tested against various reader versions
removed pdf version randomization
git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 05:56:03 +00:00
Joshua Drake
f767129e61
fixed some typos, thx mubix!
...
git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 03:36:02 +00:00
Joshua Drake
106350ac97
Stop randomizing the module version, it breaks Acrobat 9
...
git-svn-id: file:///home/svn/framework3/trunk@7568 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 17:39:37 +00:00
Joshua Drake
5bbbafefa2
osvdb reference update from Steve Tornio
...
git-svn-id: file:///home/svn/framework3/trunk@7565 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 04:16:10 +00:00
Joshua Drake
c2bcad1f4c
add exploit http version
...
git-svn-id: file:///home/svn/framework3/trunk@7563 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 02:29:37 +00:00
Joshua Drake
82706981de
dynamically get ip address length
...
git-svn-id: file:///home/svn/framework3/trunk@7561 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 00:49:20 +00:00
Joshua Drake
31e9d9929c
add exploit module for another 0day
...
git-svn-id: file:///home/svn/framework3/trunk@7560 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 23:54:26 +00:00