196e1b7f70
Update title & description to match what ZDI has.
...
ZDI publishes a new advisory that's closer to what we actually
see in a debugger. So we update the reference, as well as the
description + title to better match up theirs.
2012-06-29 11:10:28 -05:00
19b6ebbfbf
Merge branch 'apple_quicktime_texml_zdi' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-apple_quicktime_texml_zdi
2012-06-29 10:59:11 -05:00
0e87238e58
Space space
2012-06-29 10:56:12 -05:00
c79312547a
Added module for CVE-2012-0124
2012-06-29 17:50:21 +02:00
5efb459616
updated zdi reference
2012-06-29 16:36:11 +02:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
7c9a8ba699
Add OSVDB reference
2012-06-28 02:09:12 -05:00
cf9a6d58cc
Update missing OSVDB ref
2012-06-28 00:44:01 -05:00
f63a3959e0
Update web app module references
2012-06-28 00:37:37 -05:00
869aec5e3e
Update CVE/OSVDB/Milw0rm references for browser modules
2012-06-28 00:26:20 -05:00
7dcdd205bb
Update CVEs for fileformat exploits
2012-06-28 00:21:03 -05:00
b83c02d8e3
Update CVE reference
2012-06-28 00:06:41 -05:00
d85ce8db5c
Update CVEs for HTTP exploits
2012-06-28 00:00:53 -05:00
e8102284ff
Add missing CVEs for misc exploit modules
2012-06-27 22:17:34 -05:00
f5faccfa07
Add missing CVEs for SCADA modules
2012-06-27 22:10:24 -05:00
e605a35433
Make sure the check func is always returning the same data type
2012-06-27 17:07:55 -05:00
cb1af5ab79
Final cleanup
2012-06-27 16:57:04 -05:00
73360dfae3
minor fixes
2012-06-27 23:38:52 +02:00
245205c6c9
changes on openfire_auth_bypass
2012-06-27 23:15:40 +02:00
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
2f733ff8b9
Add CVE-2012-0663 Apple QuickTime TeXML Exploit
2012-06-27 14:41:45 -05:00
94e28933c8
Whitespace fixes. msftidy.rb yall
2012-06-27 10:06:15 -05:00
9ea6d84a7a
Make it clear the exploit doesn't like certain PDF formats
...
If the exploit cannot fetch certain xref fields, we warn the user
we don't like their PDF, and recommend them to try a different
one.
2012-06-26 16:32:10 -05:00
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
b966dda980
Update missing CVE reference
2012-06-26 01:26:09 -05:00
8f355554c8
Update missing CVE reference
2012-06-26 01:21:24 -05:00
0d7b6d4053
Update missing CVE reference
2012-06-26 01:20:28 -05:00
c7935e0e99
Update OSVDB reference
2012-06-26 01:18:25 -05:00
9980c8f416
Add rh0's analysis
2012-06-25 21:32:45 -05:00
7698b2994d
Correct OSVDB typo
2012-06-25 18:32:35 -05:00
8927c8ae57
Make it more verbose, and do some exception handling for cleanup
2012-06-25 17:27:33 -05:00
7b0f3383d2
delete default credentials
2012-06-25 23:53:56 +02:00
7dc1a572e5
trying to fix serialization issues
2012-06-25 23:25:38 +02:00
4c453f9b87
Added module for CVE-2012-0694
2012-06-25 17:21:03 +02:00
807f7729f0
Merge branch 'master' into feature/vuln-info
2012-06-25 10:10:20 -05:00
5d2655b0ce
add osvdb ref
2012-06-25 09:00:03 -05:00
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
c28d47dc70
Take into account an integer-normalized datastore
2012-06-24 23:00:02 -05:00
e31a09203d
Take into account an integer-normalized datastore
2012-06-24 22:59:14 -05:00
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
e805675c1f
Add Apple iTunes 10 Extended M3U Stack Buffer Overflow
...
New exploit against Apple iTunes. Note that this appears to be
different than liquidworm's CVE-2012-0677, because this one is
a stack-based buffer overflow, while CVE-2012-0677 is heap-based,
and a different crash/backtrace. However, according to Rh0, this
bug is patched anyway in the same update... possibly a silent
patch.
As of now, there seems to be no CVE or OSVDB addressing this
particular bug.
2012-06-24 02:01:34 -05:00
6913440d67
More progress on syscall wrappers
...
Something is still broken, my socket() is returning EAFNOSUPPORT whereas
what looks like the same syscall in wunderbar_emporium's exploit.c is
returning a socket. Similarly, my __mmap2() is returning EFAULT when
trying to map anything, not just NULL.
2012-06-22 17:45:49 -06:00
d708f2526c
Adding ref for APSB12-09 to new Flash sploit
2012-06-22 17:30:52 -05:00
72ef8c91f0
module for CVE-2012-0779 added
2012-06-23 00:21:18 +02:00
315a1707e7
also new version v2.07.16 is vulnerable
2012-06-22 13:18:45 +02:00
fd8b1636b9
Add the first bits of a sock_sendpage exploit
...
This can currently build an executable that creates a socket, opens a
temporary file, truncates that file with ftruncate(2) and calls
sendfile. Still needs to mmap NULL and figure out ring0 shellcode.
Baby steps.
2012-06-22 00:03:29 -06:00
815d80a2cc
Merge branch 'rapid7' into omg-post-exploits
2012-06-21 17:02:55 -06:00
9d52ecfbb6
Fix a few mistakes (typos & reference)
2012-06-21 02:32:04 -05:00
6be7ba98aa
ezserver_http: added bid reference
2012-06-20 22:08:58 +02:00
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
beb8e33fc4
Fix a typo
2012-06-20 09:53:09 -05:00
efaf5cf193
Oops, I found a typo.
2012-06-19 22:57:45 -05:00
9a9dd53e86
Use get_resource() instead of the hard-coded path
2012-06-19 22:56:25 -05:00
79fc053a2e
Merge branch 'module-CVE-2011-2110' of https://github.com/mrmee/metasploit-framework into mrmee-module-CVE-2011-2110
2012-06-19 22:05:07 -05:00
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00
d40e39b71b
Additional exploit fail_with() changes to remove raise calls
2012-06-19 19:43:41 -05:00
664458ec45
No more crap :/
2012-06-19 19:43:29 -05:00
a93eeca68d
msxml_get_definition_code_exec: added support for ie9
2012-06-20 00:17:50 +02:00
3b1c434252
Remove trailing space
2012-06-19 16:44:07 -05:00
fb7f6b49f0
This mega-diff adds better error classification to existing modules
2012-06-19 12:59:15 -05:00
f7a85f3f9d
Make it clear that this works on Vista SP2
2012-06-18 20:13:37 -05:00
4739affd54
Fix the comment as well
2012-06-18 19:57:56 -05:00
bd0fd8195d
Add compatibility for Vista SP2 from troulouliou
2012-06-18 19:55:52 -05:00
4987acc703
Correct e-mail format, description, and some commas.
2012-06-18 18:52:26 -05:00
af8cb03d1b
Merge branch 'distcc-add-check' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-distcc-add-check
2012-06-18 18:33:21 -05:00
29887272a9
Correct the description to mention IE8 on Windows 7
2012-06-18 18:14:59 -05:00
2df237b066
minor fixes
2012-06-18 22:44:17 +02:00
10bd72f3a1
Merge pull request #500 from modpr0be/module-ezserver
...
added ezserver <=6.4.017 bof for winxp sp3
2012-06-18 13:42:35 -07:00
96c16a498a
Add a check for distcc_exec
...
Just executes the exploit with an "echo <random>" payload to see if it
works.
2012-06-18 14:34:02 -06:00
d706199a83
fix all changes suggested by jvazquez-r7
2012-06-19 02:05:25 +07:00
256290c206
Additional changes
2012-06-18 10:49:16 -05:00
50269c910a
Add IE 8 targets
2012-06-18 10:44:52 -05:00
931f24b380
Merge branch 'php_apache_request_headers_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-php_apache_request_headers_bof
2012-06-16 14:56:45 -05:00
a8a4594cd4
Documenting esi alignment plus using target_uri.to_s
2012-06-16 09:26:22 +02:00
7eebc671ba
Put the curly braces back and drop a comma
...
The curly braces make extra commas at the end ok in 1.8. So fe39642e
2012-06-16 01:17:33 -06:00
424948a358
Fix title
2012-06-16 01:48:00 -05:00
38926fb97c
Description and name change
2012-06-15 20:11:34 -05:00
c676708564
BrowserAutopwn info completed
2012-06-16 02:26:33 +02:00
ce241b7e80
BrowserAutopwn info completed
2012-06-16 02:18:01 +02:00
495ed2e434
BrowserAutopwn info added
2012-06-16 02:14:24 +02:00
8a89968a1d
Added module for CVE-2012-1889
2012-06-16 01:50:25 +02:00
fe39642e27
Dropping extra curly braces on f5 module
...
Also dropping extra whitespace.
2012-06-15 12:23:34 -05:00
80a0b4767a
add osvdb ref
2012-06-15 09:02:31 -05:00
1d121071f3
Prepend nops to raw payload in encoder if needed
2012-06-15 09:59:10 +02:00
80d46580ec
One last minor change for metadata format
2012-06-14 21:48:24 -05:00
82799f2601
Some final touchup
...
This commit includes the following changes:
* Description change
* Additional references
* More testing
* Format change
* Other minor stuff
2012-06-14 21:46:38 -05:00
75a67d7160
Merge branch 'module-tfm_mmplayer' of https://github.com/bcoles/metasploit-framework into bcoles-module-tfm_mmplayer
2012-06-14 21:14:29 -05:00
091b3bbbd9
Added module plus encoder for CVE-2012-2329
2012-06-15 00:29:52 +02:00
fb67fe9161
Merge branch 'mrmee-cmdsnd_ftp_exploit'
2012-06-14 14:19:56 -05:00
cde3c48765
Change title
2012-06-14 14:18:30 -05:00
b107025860
Correct typo. Also make use of random junks.
2012-06-14 14:17:57 -05:00
8e06babbba
Make msftidy happy
2012-06-14 14:16:07 -05:00
66e92d0200
Merge branch 'cmdsnd_ftp_exploit' of https://github.com/mrmee/metasploit-framework into mrmee-cmdsnd_ftp_exploit
2012-06-14 12:17:29 -05:00
c1685c44c3
Fix disclosure date
2012-06-14 10:03:49 -05:00
1cdf964719
A little change to the description
2012-06-14 10:03:15 -05:00
48ee81de29
Add CVE-2012-2915
2012-06-14 09:56:01 -05:00
940f904dee
Changed date format to new DisclosureDate format. Removed two redundant spaces. Now passes msftidy.
2012-06-14 12:10:03 +09:30
a5fca47f56
updated windows XP SP3 pivot offset, please retest this
2012-06-14 10:31:17 +10:00
45eb531c23
Add Jun as an author for the initial discovery
2012-06-13 15:50:45 -05:00
7dc19bba16
Merge branch 'cmdsnd_ftp_exploit' of https://github.com/mrmee/metasploit-framework into mrmee-cmdsnd_ftp_exploit
2012-06-13 14:55:44 -05:00
15b674dab3
Language on MS12-005
2012-06-13 14:22:20 -05:00
99b9261294
Caps in title
2012-06-13 14:19:04 -05:00
ae59f03ac9
Fixing print message in snort module
2012-06-13 14:04:05 -05:00
559683f2a1
Fixing CRLFs on winlog_runtime_2
2012-06-13 13:59:39 -05:00
3cf4f7ab44
Fixing indents on msadc module
2012-06-13 13:59:38 -05:00
42ee2b5c02
Add alienvault.com reference
2012-06-13 12:19:51 -05:00
6abb7bb987
Added module for CVE-2012-1875 as exploited in the wild
2012-06-13 18:33:26 +02:00
209d6d20d1
comsnd ftp remote format string overflow exploit
2012-06-14 02:22:31 +10:00
1138290a64
Return nil when an error occurred
...
Avoids anti-pattern of testing for a specific class.
2012-06-13 09:41:20 -06:00
a2aaca5e85
Correct a fp with this exploit module (would always print success)
2012-06-13 10:38:05 -05:00
c39a42da3d
No need to alter time out
2012-06-12 23:58:20 -06:00
1fbe5742bd
Axe some copy-pasta
2012-06-12 23:58:20 -06:00
9f78a9e18e
Port ms10-092 to the new Exploit::Local format
2012-06-12 23:58:20 -06:00
0e8fb0fe98
Add a post-exploitation exploit for suid nmap
...
Tested on Ubuntu with nmap 6.00 and nmap 5.00
2012-06-12 23:58:20 -06:00
cde508af03
Merge branch 'jjarmoc-php_cgi_arg_injection'
2012-06-13 00:44:41 -05:00
a631e1fef1
Change the default state to make it work on Metasploitable by default
2012-06-13 00:43:59 -05:00
597726d433
Merge branch 'php_cgi_arg_injection' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-php_cgi_arg_injection
2012-06-13 00:40:02 -05:00
9756f87517
Added TFM MMPlayer (m3u/ppl File) Buffer Overflow module
2012-06-13 13:50:12 +09:30
bbfe0f8f49
" is 0x22, duh.
2012-06-12 20:00:28 -05:00
00aa8c0452
Add missing ExploitRank
2012-06-12 15:35:53 -05:00
4ea5712140
Add a timeout for wonky systems that hang during negotiation
2012-06-12 15:24:13 -05:00
12a28bd519
Fixed ruby 1.9 String Indexing issue, using Rex::Text.uri_encode
2012-06-12 14:59:06 -05:00
5775fa9e67
add osvdb ref
2012-06-12 14:53:55 -05:00
cc0f3632a8
Merge pull request #477 from jlee-r7/f5-priv
...
CVE-2012-1493 F5 known private key exploit module
2012-06-12 12:20:48 -07:00
a91085d6cd
Add a disclosure date and more detailed desc
2012-06-12 13:07:53 -06:00
11df90c98e
Call update_info
...
Not sure why all modules don't do this. Or none of them.
2012-06-12 13:01:36 -06:00
c564e9dcc4
Fix 1.8 compat error
...
Net::SSH expects +key_data+ to be an array of strings. Giving it just a
string works in 1.9 but not 1.8, presumably due to some errant use of
+each+.
2012-06-12 12:50:46 -06:00
539deabef5
Clean up title, options
2012-06-12 12:08:58 -06:00
85e1555e13
Payload compat to work with unix/interact
2012-06-12 11:46:21 -06:00
3d5417e574
Initial commit of F5 exploit
2012-06-12 11:37:22 -06:00
4ae786590a
php_wordpress_foxypress from patrick updated. Related to Pull Request #475
2012-06-12 17:39:05 +02:00
c3c9051014
Merge branch 'php_cgi_arg_injection' of https://github.com/jjarmoc/metasploit-framework into jjarmoc-php_cgi_arg_injection
2012-06-11 11:15:15 -05:00
02a5dff51f
struts_code_exec_exception_delegator_on_new_session: on_new_session modified
2012-06-11 12:07:38 +02:00
a43cf76591
Merge pull request #463 from schierlm/struts_arch_java
...
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-11 03:05:37 -07:00
b908ccff0f
Added module for CVE-2012-0297
2012-06-10 22:38:58 +02:00
74c6eb6f78
Change the title and add a Microsoft reference.
...
This is a MS bug, therefore it's important to point out which
bulletin it belongs to.
2012-06-10 14:45:15 -05:00
efcb206cdf
Correct a typo
2012-06-10 14:38:14 -05:00
498f3323f3
Merge branch 'ms12_005' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms12_005
2012-06-10 01:53:46 -05:00
8f6457661d
Change description
2012-06-10 01:52:26 -05:00
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
f0082ba38f
Added module for CVE-2012-0299
2012-06-09 22:27:27 +02:00
b4d33fb85a
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-09 21:53:43 +02:00
a9ee2b3480
Use of make_nops
2012-06-08 19:20:58 +02:00
91f5f304cb
Added module for CVE-2011-2217
2012-06-08 18:10:20 +02:00
3726ddddac
Software name correction thanks to modpr0be
2012-06-08 07:07:19 -05:00
41d49ed553
Another badchar analysis. Allow shorter delay (5sec to 1)
2012-06-08 01:59:09 -05:00
e5b451c000
Too many tabs for the beginning of the description
2012-06-07 23:08:11 -05:00
520c0ca660
Make msftidy happy
2012-06-07 23:07:39 -05:00
61f5eddf47
Move winlog file
2012-06-07 23:03:30 -05:00
9adec7e7e7
Merge branch 'winlog-2.07.14' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-winlog-2.07.14
2012-06-07 23:02:23 -05:00
a709fe1fe3
Fix regex escaping thanks to w3bd3vil
2012-06-07 16:00:59 -05:00
1eb73dec38
Merge branch 'aushack-master'
2012-06-07 12:17:49 -05:00
42795fec00
Get rid of some whitespace
2012-06-07 12:17:25 -05:00
bd714017bb
samsung_neti_wiewer: add Space property for Payload
2012-06-07 16:00:36 +02:00
0e20d324b8
Added ms02_065_msadc exploit module.
2012-06-07 21:02:13 +10:00
2f3b1effb9
Added module for OSVDB 81453
2012-06-07 12:47:09 +02:00
28fe4c0be5
What's this break stuff?
...
"break" should be "return"
2012-06-06 11:21:35 -05:00
a54b14b192
Remove whitespace
2012-06-06 11:21:34 -05:00
c36ab97d41
Updated msadc exploit with fixes.
2012-06-06 11:21:34 -05:00
f25b828d31
Added exploit module msadc.rb
2012-06-06 11:21:34 -05:00
f4f023cbfb
add BID
2012-06-06 09:44:16 +02:00
462a91b005
Massive whitespace destruction
...
Remove tabs at the end of the line
2012-06-06 00:44:38 -05:00
3f0431cf51
Massive whitespace destruction
...
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
f438e6c121
Remove the 'Rop' key because we don't really use it
2012-06-05 16:07:23 -05:00
f9651be88e
Merge branch 'ms11_093_ole32' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ms11_093_ole32
2012-06-05 15:44:13 -05:00
a3048c7ae8
Clear whitespace
2012-06-05 11:28:47 -05:00
a30f104ee6
Fix space on Authors
2012-06-05 18:23:57 +02:00
93741770e2
Added module for CVE-2011-3400
2012-06-05 18:21:55 +02:00
95d949e860
sleep and at
2012-06-05 18:08:46 +02:00
dc6b2f4205
merged unstable-modules/exploits/incomplete/linux/ids/snortdcerpc.rb with exploits/windows/ids/snort_dce_rpc.rb
2012-06-05 04:14:40 -07:00
d9c39d3798
Fix the rest of nil res from get_once
2012-06-04 17:26:15 -05:00
a071d2805e
Fix the rest of possible nil res bugs I've found
2012-06-04 14:56:27 -05:00
0acbd99e71
targets
2012-06-04 20:08:58 +02:00
08ff6c72b1
winlog_lite_2.07.14 initial commit
2012-06-04 17:24:01 +02:00
b53a1396fc
Use of TARGETURI
2012-06-03 22:36:23 +02:00
659b030269
Verbose messages cleanup
2012-06-03 22:29:31 +02:00
34f42bab17
Fix typo in the URI param
2012-06-03 22:14:13 +02:00
efe4136e5b
Added module for CVE-2012-0391
2012-06-03 22:08:31 +02:00
1817942aae
Merge branch 'logcms_writeinfo' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-logcms_writeinfo
2012-06-02 17:43:51 -05:00
7bb36bfbde
Fix typo thanks to juan
2012-06-02 16:57:53 -05:00
7e318e9787
Merge branch 'logcms_writeinfo' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-logcms_writeinfo
2012-06-02 14:14:56 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
59468846e3
Change filename
2012-06-02 01:51:20 -05:00
522991f351
Correct name
2012-06-02 01:49:43 -05:00
7fd3644b8b
Add CVE-2011-4825 module
2012-06-01 18:45:44 -05:00
ced5b9916e
Whitespace fix for script-fu module
...
This is really just to check the GitHub IRC bot thinger.
2012-06-01 12:24:52 -05:00
353d49d05b
Modify the description
2012-06-01 12:04:46 -05:00
abbd8c8cd5
Added module for CVE-2012-2763
2012-06-01 18:53:25 +02:00
4681ed1c1e
Whitespace, thanks msftidy.rb!
2012-05-31 18:18:27 -06:00
c463bd7c6d
Fixing description for citrix module
2012-05-31 16:37:35 -05:00
17e41b2e39
Fixing description for citrix module
2012-05-31 16:36:21 -05:00
a0b491355c
Merge pull request #436 from jvazquez-r7/citrix_streamprocess_get_footer
...
Added module for Citrix Provisioning Services 5.6 SP1
2012-05-31 14:35:22 -07:00
02a41afb2b
Fixing description for juan's Citrix module
2012-05-31 16:34:13 -05:00
00bb216927
Merge pull request #435 from jvazquez-r7/citrix_streamprocess_get_boot_record_request
...
Added module for Citrix Streamprocess Opcode 0x40020004 Buffer Overflow
2012-05-31 14:33:20 -07:00
47c5745673
Fixed name module
2012-05-31 23:23:11 +02:00
e324ed5251
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow
2012-05-31 23:21:43 +02:00
1c11b1b1b7
Added module for Citrix Streamprocess Opcode 0x40020002 Buffer Overflow
2012-05-31 23:17:38 +02:00
b5f5804d94
description updated
2012-05-31 23:14:25 +02:00
198070361b
Added module for ZDI-12-010
2012-05-31 22:45:55 +02:00
5105c1a4df
add osvdb ref
2012-05-31 08:49:58 -05:00
7e6c2f340e
Minor updates; added BID, fixed grammar
...
Modules should not refer to themselves in the first person unless they
are looking for Sarah Connor.
2012-05-30 16:16:41 -05:00
54e14014c3
Merge pull request #428 from wchen-r7/php_volunteer
...
Add PHP Volunteer Management System exploit
2012-05-30 09:33:32 -07:00
59ea8c9ab9
Print IP/Port for each message
2012-05-30 11:30:55 -05:00
43dffbe996
If we don't get a new file, we assume the upload failed. This is
...
possible when we actually don't have WRITE permission to the
'uploads/' directory.
2012-05-30 11:26:06 -05:00
efdcda55ef
Don't really care about the return value for the last send_request_raw
2012-05-30 11:00:31 -05:00
13ba51db34
Allow the login() function to be a little more verbose for debugging purposes
2012-05-30 10:56:59 -05:00
b81315790d
Add PHP Volunteer Management System exploit
2012-05-30 10:38:45 -05:00
54fb6d2f7a
Fixes unreal ircd race condition
...
Handler would exit before finishing staging
2012-05-29 17:16:07 -05:00
065d3187d3
Added module for OSVDB 74604
2012-05-29 21:10:51 +02:00
fe86ab9914
=Add osvdb ref
2012-05-29 13:31:20 -05:00
db5b3c8259
Added module for OSVDB 82000
2012-05-28 08:51:36 +02:00
d615e3bcb8
Print target IP/Port when restoring currencies.php
2012-05-28 01:33:45 -05:00
712a21717a
Totally forgot about disclosure date, damn it
2012-05-28 01:31:13 -05:00
7c1442c4b4
Merge pull request #421 from wchen-r7/symantec_web_gateway
...
Add CVE-2012-0297 Symantec Web Gateway
2012-05-27 23:28:59 -07:00
34c93d8e44
Fix check
2012-05-28 00:51:46 -05:00
96d70e5fb6
Add CVE-2012-0297 Symantec Web Gateway
2012-05-27 22:47:39 -05:00
18c8314d79
Change unknown authors to "Unknown".
...
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion. In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
8f537653b4
Merge pull request #420 from wchen-r7/quickshare
...
Add OSVDB-70776 - QuickShare File Share
2012-05-26 01:04:21 -07:00
0b86ceb528
Add OSVDB-70776
2012-05-26 03:00:32 -05:00
e774df5c32
target info plus relocation
2012-05-25 20:16:13 +02:00
c4fad0dea5
module added for OSVDB-73609
2012-05-25 17:18:09 +02:00
7b0fbaed23
Merge pull request #417 from wchen-r7/rabidhamster
...
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
d595f908fc
Add OSVDB-79007
2012-05-25 03:06:28 -05:00
f7224ab306
flexnet_lmgrd_bof rand_text fix
2012-05-24 18:02:25 +02:00
5004515187
Resolved conflicts merging back from release
...
Merge branch 'release'
Conflicts:
lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
modules/exploits/windows/license/flexnet_lmgrd_bof.rb
2012-05-24 00:27:41 -05:00
ac0d22453a
Merge pull request #414 from wchen-r7/apprain
...
Add CVE-2012-1153
2012-05-23 16:34:30 -07:00
8d837f5d20
Module description update. TARGETURI description update.
2012-05-23 18:33:32 -05:00
fab3bfcea1
Add CVE-2012-1153
2012-05-23 17:50:13 -05:00
0b7b71e240
Correct run-on sentence
2012-05-23 10:27:23 -05:00
94f114b69a
Fix typos
2012-05-23 10:22:52 -05:00
7a4f1a111b
Merge branch 'cve-2008-0320_openoffice_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-cve-2008-0320_openoffice_bof
2012-05-23 10:20:16 -05:00
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
a37e98f159
Updating release from master.
2012-05-22 14:12:08 -05:00
c4b64a51f7
Added reference to vendor advisory
2012-05-22 13:22:26 -05:00
87ce3fe2f7
Adding extra ref from jjarmoc
2012-05-22 11:17:57 -05:00
c823e8099e
randomization when possible for flexnet_lmgrd_bof
2012-05-22 08:32:10 +02:00
cafe803217
Fix typos
2012-05-21 16:32:33 -05:00
72b1f113ce
Added module for ZDI-12-052
2012-05-21 16:32:33 -05:00
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
1104dccde8
Noting rhost/rport, cli.peerhost where appropriate
...
There's no msftidy check for this, and it's irritating to have to
remember to do this all the time.
2012-05-21 11:19:02 -05:00
7cc905832e
Consistent caps on SVG in batik_svg_java exploit
...
Also, modules should not refer to themselves as "I" or "me." It's
creepy.
2012-05-21 11:14:03 -05:00
5dd866ed4a
Fixed print_status to include rhost:rport
...
Also don't let the failed user:pass be a mystery to the user.
2012-05-21 11:11:34 -05:00
1fc7597a56
Msftidy fixes.
...
Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch
All whitespace fixes.
2012-05-21 10:59:52 -05:00
822e109b1f
Merge pull request #398 from wchen-r7/foxit_reader_launch
...
CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action BoF
2012-05-20 07:58:29 -07:00
ba2787df8a
add osvdb ref
2012-05-20 07:13:56 -05:00
c95a06e247
add osvdb ref
2012-05-20 07:13:31 -05:00
628233d15c
Merge pull request #399 from wchen-r7/hp_storageworks
...
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:14:49 -07:00
d8c3edd316
Add HP StorageWorks VSA command execution vulnerability
2012-05-19 14:53:45 -05:00
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
964a6af423
Add Active Collab chat module PHP injection exploit, by mr_me
2012-05-19 02:06:30 -05:00
sinn3r
jvazquez-r7
Tod Beardsley
h0ng10
HD Moore
Steve Tornio
James Lee
m-1-k-3
Steven Seeley
Juan Vazquez
modpr0be
bcoles
Jeff Jarmoc
Michael Schierl
Patrick Webster
0a2940
Christian Mehlmauer
sinn3r
David Maloney