6be7ba98aa
ezserver_http: added bid reference
2012-06-20 22:08:58 +02:00
3b1c434252
Remove trailing space
2012-06-19 16:44:07 -05:00
4987acc703
Correct e-mail format, description, and some commas.
2012-06-18 18:52:26 -05:00
2df237b066
minor fixes
2012-06-18 22:44:17 +02:00
d706199a83
fix all changes suggested by jvazquez-r7
2012-06-19 02:05:25 +07:00
a8a4594cd4
Documenting esi alignment plus using target_uri.to_s
2012-06-16 09:26:22 +02:00
1d121071f3
Prepend nops to raw payload in encoder if needed
2012-06-15 09:59:10 +02:00
091b3bbbd9
Added module plus encoder for CVE-2012-2329
2012-06-15 00:29:52 +02:00
a071d2805e
Fix the rest of possible nil res bugs I've found
2012-06-04 14:56:27 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
18c8314d79
Change unknown authors to "Unknown".
...
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion. In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
7b0fbaed23
Merge pull request #417 from wchen-r7/rabidhamster
...
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
d595f908fc
Add OSVDB-79007
2012-05-25 03:06:28 -05:00
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
bedf010676
description modified
2012-05-18 01:23:09 +02:00
e7f5bf132c
trying to improve bea weblogic connector bof
2012-05-18 01:13:56 +02:00
c0d17734ed
Improve run-on sentences.
2012-05-17 15:00:00 -05:00
c4ab521d7b
better tab indentation
2012-05-17 21:41:31 +02:00
a21e832336
fingerprinting bea connector with Transfer-Encoding
2012-05-17 19:21:16 +02:00
9a5e4d6500
Added target BEA Weblogic 8.1 SP4
2012-05-17 11:07:22 +02:00
445bd90afb
Added module for CVE-2008-3257
2012-05-17 10:28:18 +02:00
65800f7c6e
Whitespace on solarwinds
2012-05-09 12:47:22 -05:00
f6c88377f4
Fixes #362 by changing the exitfunction arguments to be the correct type
2012-05-07 02:41:08 -05:00
ba4ae384d7
add osvdb ref
2012-05-05 10:14:07 -05:00
d5d35551ab
Add EDB reference
2012-05-04 00:11:29 -05:00
25b11a02b5
Update the comment for check()
2012-05-03 20:37:36 -05:00
4bf674ece6
Pff, and of course, I had to make a typo on that one
2012-05-03 20:34:52 -05:00
1a4d3f849c
A little change to the description
2012-05-03 20:33:28 -05:00
7ca69f00b0
Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution)
2012-05-03 20:24:42 -05:00
4c72193922
Fix undefined method `[something]' for nil:NilClass
2012-04-24 01:46:03 -05:00
1e2203867c
Repair 'no encoders encoded the buffer successfully' issues
2012-04-16 13:43:25 -05:00
05eba0ab4c
Cosmetic changes, mostly :-)
2012-04-07 14:47:23 -05:00
938d5d0a75
added references for cve-2012-1196
2012-04-07 20:22:59 +02:00
ee7bce5995
deletion of the ASP script
2012-04-07 20:19:45 +02:00
8761d39190
exploit module added for CVE-2012-1195
2012-04-07 19:04:17 +02:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
ecb1fda682
Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow
2012-03-14 05:13:22 -05:00
70162fde73
A few more author typos
2012-03-05 13:28:46 -07:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
829040d527
A bunch of msftidy fixes, no functional changes.
2012-02-10 19:44:03 -06:00
d9ee43d3dc
add disclosure date
2012-01-31 20:38:05 -06:00
064a71fb1d
Add CVE-2011-3167 HP OpenView NNM exploit (Feature #6245 )
2012-01-18 12:05:18 -06:00
8eee54d1d0
Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb)
2012-01-09 14:23:37 -06:00
9cf2af6a94
Adds exploit/windows/htt/xampp_webdav_upload_php
...
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.
Fixes #2170
2012-01-06 12:00:14 -08:00
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
f54b622ad3
Added BID ref for amlibweb module.
2011-11-11 12:04:40 +11:00
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
0890cca02a
much needed patch worked like a champ in my enviroment.
...
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
jvazquez-r7
Tod Beardsley
sinn3r
modpr0be
Christian Mehlmauer
sinn3r
HD Moore
Steve Tornio
juan
James Lee
Jonathan Cran
David Maloney
Rob Fuller
Patrick Webster
Mario Ceballos