a02e0ee3e4
Land #2682 - Kimai v0.9.2 'db_restore.php' SQL Injection
2013-11-27 19:10:44 -06:00
a03cfce74c
Add table prefix and doc root as fallback options
2013-11-25 17:44:26 +10:30
d8700314e7
Add Kimai v0.9.2 'db_restore.php' SQL Injection module
2013-11-24 02:32:16 +10:30
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
65993704c3
Actually commit the mode change.
2013-11-11 22:16:29 -06:00
bdba80c05c
Land #2569 , @averagesecurityguy and others exploit for CVE-2013-4468, CVE-2013-4467
2013-11-07 12:20:42 -06:00
2d4090d9c3
Make option astGUIclient credentials
2013-11-06 20:33:47 -06:00
24d22c96a5
Improve exploitation
2013-11-06 20:15:40 -06:00
2b2ec1a576
Change module location
2013-11-06 15:53:45 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
2ef33aabe7
Clean open_flash_chart_upload_exec
2013-10-24 10:15:28 -05:00
8a5d4d45b4
Add Open Flash Chart v2 Arbitrary File Upload exploit
2013-10-24 22:46:41 +10:30
1599d1171d
Land #2558 - Release fixes
2013-10-21 13:48:11 -05:00
c070108da6
Release-related updates
...
* Lua is not an acronym
* Adds an OSVDB ref
* credit @jvazquez-r7, not HD, for the Windows CMD thing
2013-10-21 13:33:00 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
22b4bf2e94
Resplat webtester_exec.rb
2013-10-17 13:30:54 -05:00
07ab53ab39
Merge from master to clear conflict
...
Conflicts:
modules/exploits/windows/brightstor/tape_engine_8A.rb
modules/exploits/windows/fileformat/a-pdf_wav_to_mp3.rb
2013-10-17 13:29:24 -05:00
352eca1147
Fix check method and set a big space available for payload
2013-10-17 09:30:59 -05:00
54cf7855a2
Add WebTester 5.x Command Execution exploit module
2013-10-17 16:57:57 +10:30
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
e2a9339592
Add CVE to joomla media upload module.
2013-10-12 21:20:11 -05:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
52574b09cb
Add OSVDB reference
2013-10-09 14:13:45 -05:00
24efb55ba9
Clean flashchat_upload_exec
2013-10-05 14:50:51 -05:00
08243b277a
Add FlashChat Arbitrary File Upload exploit module
2013-10-05 22:30:38 +09:30
299dfe73f1
Land #2460 , @xistence's exploit for clipbucket
2013-10-04 12:26:30 -05:00
8e0a4e08a2
Fix author order
2013-10-04 12:25:38 -05:00
81d4a8b8c1
added clipbucket_upload_exec RCE
2013-10-04 11:43:38 +07:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
23b0c3b723
Add Metasploit blog references
...
These modules have blogs from the Rapid7 community, we should add them.
2013-10-01 20:50:16 -05:00
7118f7dc4c
Land #2422 - rm methods peer & rport
...
Because they're already defined in the HttpClient mixin
2013-09-30 16:01:59 -05:00
2e8d19edcf
Retab all the things (except external/)
2013-09-30 13:47:53 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
84ec2cbf11
remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient
2013-09-25 23:42:44 +02:00
58d4096e0f
Resolv conflicts on #2267
2013-09-25 13:06:14 -05:00
a50ab1ddd3
Land #2409 , @xistence exploit for ZeroShell
2013-09-24 15:32:55 -05:00
6c2063c9c0
Do not get a session on every execute_command call
2013-09-24 15:31:40 -05:00
79ca123051
Use snake_case
2013-09-24 15:16:51 -05:00
34b84395c1
Fix References field
2013-09-24 15:16:02 -05:00
adfacfbed1
Do not fail_with on method used from check
2013-09-24 15:08:48 -05:00
4b6a646899
Fix typo
2013-09-24 15:06:35 -05:00
f5cac304f4
Use default send_request_cgi timeout
2013-09-24 15:05:24 -05:00
ce4cf55d22
Land #2417 , @todb-r7's change to Platform field to make ruby style compliant
2013-09-24 13:30:48 -05:00
89222f4b16
Land #2416 , OSVDB refs for arkeia_upload_exec
2013-09-24 13:22:24 -05:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
d15f442e56
Add OSVDB references to arkeia_upload_exec
2013-09-24 08:48:28 -05:00
8b9adf6886
changes made to zeroshell_exec according to suggestions
2013-09-24 08:35:07 +07:00
8db1a389eb
Land #2304 fix post module require order
...
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
4bff8f2cdc
Update descriptions for clarity.
2013-09-23 13:48:23 -05:00
6429219a1d
added ZeroShell RC2 RCE
2013-09-22 15:13:55 +07:00
bad6f2279d
Add OSVDB reference for openemr_sqli_privesc_upload
2013-09-20 09:41:23 -05:00
46a241b168
Fix my own cleanup
2013-09-19 14:51:22 -05:00
31903be393
Land #2380 , @xistence exploit for EDB 28329
2013-09-19 14:42:27 -05:00
cb737525b1
Final cleanup for openemr_sqli_privesc_upload
2013-09-19 14:40:57 -05:00
76e170513d
Do first clean on openemr_sqli_privesc_upload
2013-09-19 14:36:25 -05:00
cf0375f7e6
Fix check return value
2013-09-19 14:17:45 -05:00
c63423ad69
Update code comment
2013-09-19 13:03:55 -05:00
6073e6f2dc
Fix use of normalize_uri
2013-09-19 12:59:37 -05:00
b4fa535f2b
Fix usage of fail_with
2013-09-19 12:45:29 -05:00
1aba7550f9
Fix check indentation
2013-09-19 12:44:11 -05:00
1f7c3d82c1
Refactor easy methods
2013-09-19 12:42:38 -05:00
891a54aad7
Fix metadata
2013-09-19 12:41:13 -05:00
65ee8c7d5c
changed openemr_sqli_privesc_upload according to suggestions
2013-09-18 12:38:20 +07:00
d6a1182bd4
changes to arkeia_upload_exec to comply with r7 suggestions #2
2013-09-18 08:24:40 +07:00
24a671b530
changes to arkeia_upload_exec to comply with r7 suggestions
2013-09-18 08:10:58 +07:00
150f0f644e
Merge branch 'rapid7' into bug/osx-mods-load-order
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
af873b7349
added OpenEMR 4.1.1 Patch 14 SQLi Privesc Upload RCE
2013-09-16 16:19:35 +07:00
b2b629f932
added WD Arkeia Appliance RCE
2013-09-16 14:38:50 +07:00
f5a4c05dbc
Retab changes for PR #2267
2013-09-05 14:11:03 -05:00
4703a10b64
Merge for retab
2013-09-05 14:10:58 -05:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
86ceadc53d
Fix target description
2013-09-05 13:37:01 -05:00
d43326d0f4
Check 302 while checking too
2013-09-05 13:36:35 -05:00
ab83a12354
Check 302 on anonymous access too
2013-09-05 13:35:52 -05:00
c9c6f84668
Retab changes for PR #2328
2013-09-05 13:16:15 -05:00
9bdc274904
Merge for retab
2013-09-05 13:15:07 -05:00
84e4b42f6b
allow 302 redirects
2013-09-04 16:59:42 -05:00
66d5af5a11
remove dependency on tmpl=component
2013-09-04 16:58:49 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
26531dbaa7
Land #2100 , @ddouhine's exploit for OSVDB 83543
2013-08-28 08:55:59 -05:00
ab572d7d72
Fix Authors metadata section
2013-08-28 08:53:48 -05:00
2e4e3fdbe6
Land #2237 - Fix check function
2013-08-27 11:11:54 -05:00
7efe85dbd6
php_include - added @wchen-r7's code improvements
2013-08-27 14:00:13 +01:00
6b15a079ea
Update for grammar in descriptions on new modules.
2013-08-26 14:52:51 -05:00
45ad043102
moderated comments are now also working (even for unauthenticated users)
2013-08-25 11:02:15 +02:00
035258389f
use feed first before trying to bruteforce
2013-08-25 10:16:43 +02:00
9af1341179
consistent naming
2013-08-24 18:51:07 +02:00
9e4a760576
Update payload
2013-08-24 17:30:16 +02:00
c40252e0b3
bugfixing
2013-08-24 00:04:16 +02:00
e9eb6b2427
simplification
2013-08-23 22:29:31 +02:00
576ae50b73
more feedback implemented
2013-08-23 22:22:56 +02:00
de3fc1fa6c
first feedback implemented
2013-08-23 21:59:36 +02:00
556f17c47e
Move modules
2013-08-22 17:33:35 +02:00
8456d2c0ec
remove target_uri
2013-08-22 00:48:42 +02:00
959553583f
-) revert last commit
...
-) split into seperate modules
2013-08-22 00:45:22 +02:00
009d8796f6
wordpress is now a module, not a mixin
2013-08-22 00:05:58 +02:00
2e9a579a08
implement @limhoff-r7 feedback
2013-08-21 21:05:52 +02:00
ffdd057f10
-) Documentation
...
-) Added Wordpress checks
2013-08-21 14:27:11 +02:00
49ec0d464a
msftidy
2013-08-21 13:15:21 +02:00
11ef8d077c
-) added wordpress mixin
...
-) fixed typo in web mixin
2013-08-21 12:45:15 +02:00
42f774a064
Fix check method
2013-08-20 12:02:09 -05:00
533d98bd1b
Adding module for CVE 2013-5093, Graphite Web Exploit
2013-08-20 12:56:30 -04:00
02e394e1c3
php_include - fix check
2013-08-17 17:36:43 +01:00
98b4c653c0
php_include - uses verbose
2013-08-17 17:35:09 +01:00
85b050112a
Land #2231 , @wchen-r7's patch for [SeeRM #8114 ]
2013-08-16 12:52:10 -05:00
d4dbea5594
Check 200
2013-08-16 11:34:32 -05:00
cd734acf3e
[See RM 8114] - Reduce false positive if traffic is redirected
...
Fix complaint for hitting this false positive when the user has
all the traffic redirected.
2013-08-15 16:33:10 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
1d82ed176f
Update joomla_media_upload_exec references
2013-08-13 23:27:01 -05:00
e912a64ccc
Description change
2013-08-13 19:04:25 -05:00
312ff1a20e
Delete period from regular expressions
2013-08-13 17:50:26 -05:00
04eed49310
Add support for FileDropper
2013-08-13 16:47:24 -05:00
e4a570d36b
Update metadata according to OSVDB
2013-08-13 16:42:53 -05:00
2086c51b67
Add module for Joomla Upload Exploit in the wild
2013-08-13 16:27:27 -05:00
567873f3cc
Use normalize_uri a little better
2013-08-08 15:12:51 -05:00
40a61ec654
Do minor cleanup
2013-08-08 14:47:46 -05:00
28b36ea29b
Removing a space at EOL I missed.
2013-08-08 14:30:53 -04:00
1c6e994fe8
Adding improvements based on Juan's feedback
2013-08-08 14:29:35 -04:00
3a24765585
Adding CVE ID
2013-08-07 18:11:43 -04:00
7412981138
Adding an OSVDB reference
2013-08-07 07:15:00 -04:00
36bab2fdfa
Adding a space between init and check
2013-08-06 16:14:21 -04:00
be683d5dc6
Fixing the TARGETURI variable, adding check
2013-08-06 16:13:44 -04:00
a745ec8fa6
Adding reference
2013-08-06 14:43:25 -04:00
cfd5f29220
Fixing the use of APIKEY, which is not needed
2013-08-06 14:10:48 -04:00
69a86b60e2
Added initial squash RCE exploit
2013-08-06 14:00:17 -04:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
3a8856ae7f
Apply review to spip_connect_exec
2013-07-15 09:44:05 -05:00
bc44d42888
Move module to unix/webapps
2013-07-15 09:43:28 -05:00
64b2f3f7a0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-08 16:55:39 -05:00
8d7396d60a
Minor description changes on new modules
2013-07-08 16:24:40 -05:00
6e44cb56bf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-03 12:44:47 -05:00
f3f3a8239e
Land #2043 , @ricardojba exploit for InstantCMS
2013-07-03 12:11:30 -05:00
c07e65d16e
Improve and clean instantcms_exec
2013-07-03 11:37:57 -05:00
dd876008f9
Update instantcms_exec.rb
2013-07-02 17:26:14 +01:00
72f19181d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-01 16:38:19 -05:00
dafa333e57
Update instantcms_exec.rb
2013-07-01 22:03:37 +01:00
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
760133d878
Error on line 60
2013-07-01 12:04:03 -04:00
4cd08966ff
added InstantCMS 1.6 PHP Code Injection
2013-07-01 11:44:47 -04:00
0ff1cd24a9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-30 10:03:30 -05:00
867eed7957
Make msftidy happy
2013-06-30 10:01:40 -05:00
db00599d44
Move carberp_backdoor_exec to unix webapp exploits foler
2013-06-30 10:00:14 -05:00
90b30dc317
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-26 14:31:52 -05:00
6ea622c45e
reference updates
2013-06-26 09:44:56 -05:00
0c306260be
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:13:01 -05:00
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
sinn3r
bcoles
William Vu
Tod Beardsley
jvazquez-r7
joev
Meatballs
xistence
Tab Assassin
FireFart
James Lee
jgor
g0tmi1k
Charlie Eriksen
HD Moore
root
Ricardo Almeida
Steve Tornio