infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,013 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

340 Commits (aceba9fc8a84ad5e71a54d8d470a460ee2dec556)

Author SHA1 Message Date
Steve Tornio 94640b6bc4 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13115 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 11:54:54 +00:00
HD Moore ab4961bfa9 Timeline 
git-svn-id: file:///home/svn/framework3/trunk@13099 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 05:20:47 +00:00
HD Moore e678bb0a8e Update the description to match the latest information 
git-svn-id: file:///home/svn/framework3/trunk@13098 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 05:11:00 +00:00
HD Moore c82063d708 Update based on feedback from mc, indicating this backdoor was in place since February 15th 2011 and likely even earlier 
git-svn-id: file:///home/svn/framework3/trunk@13097 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 01:49:05 +00:00
HD Moore 5482a59910 Exit cleanly if the shell as not valid 
git-svn-id: file:///home/svn/framework3/trunk@13095 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 21:18:44 +00:00
HD Moore bd12c8c6a9 Fix a couple small typos 
git-svn-id: file:///home/svn/framework3/trunk@13094 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 21:10:30 +00:00
HD Moore e6968c202a A couple bug fixes to enable cmd_interact and a new module for the VSFTPD backdoor 
git-svn-id: file:///home/svn/framework3/trunk@13093 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 20:09:32 +00:00
Joshua Drake bf20ace73e totally noobd out on that one, thx 
git-svn-id: file:///home/svn/framework3/trunk@13035 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 18:09:21 +00:00
Joshua Drake a29002ee2e handle a few corner cases 
git-svn-id: file:///home/svn/framework3/trunk@13032 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 06:03:23 +00:00
Patrick Webster 5617d23635 Removed erroneous awstatstotals_multisort print_status. 
git-svn-id: file:///home/svn/framework3/trunk@12715 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 10:45:36 +00:00
Patrick Webster 51ce0dba58 Added awstatstotals_multisort exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@12714 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 10:42:37 +00:00
James Lee 486c0556d0 don't leave unnecessary evil-looking logs 
git-svn-id: file:///home/svn/framework3/trunk@12604 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-12 22:46:43 +00:00
David Rude a8b6c43636 reverting the disclosure dates for now need to clean up the patch 
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-04 20:43:19 +00:00
David Rude 3b7ea08f6a Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy 
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-04 19:17:31 +00:00
Patrick Webster cacac970e1 Added privilege escalation to contentkeeperweb_mimencode exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@12265 4d416f70-5f16-0410-b530-b9f4589650da
 2011-04-07 11:02:48 +00:00
Joshua Drake d682069aec add cve-2010-4566 exploit from Erwin Paternotte 
git-svn-id: file:///home/svn/framework3/trunk@11873 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-03 20:51:12 +00:00
HD Moore 2dbbdc18dd Explicitly yield to other threads after each request, reducing the chance that this module will eat all cycles. 
git-svn-id: file:///home/svn/framework3/trunk@11857 4d416f70-5f16-0410-b530-b9f4589650da
 2011-03-02 05:03:20 +00:00
Joshua Drake b6b9b83dd7 add CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-14 16:25:37 +00:00
Joshua Drake 287f4c87fe style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
 2011-01-08 01:13:26 +00:00
Steve Tornio 860e29228b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11414 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-25 14:43:13 +00:00
HD Moore e7f3c63e1c Exploit for a recent Redmine command injection vulnerability, provided as a holiday gift by Joernchen of Phenoelit. 
git-svn-id: file:///home/svn/framework3/trunk@11406 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-25 05:46:29 +00:00
Steve Tornio 3662fb4bc6 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11389 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-21 19:16:18 +00:00
HD Moore 4708d5b159 Add coverage for the mitel audio web conferencing web interface command injection. 
git-svn-id: file:///home/svn/framework3/trunk@11388 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-21 19:02:13 +00:00
Joshua Drake c46be9d387 better error for non-exim servers 
git-svn-id: file:///home/svn/framework3/trunk@11352 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-16 17:30:24 +00:00
Joshua Drake 843b121ea1 fix typo 
git-svn-id: file:///home/svn/framework3/trunk@11350 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-16 16:38:31 +00:00
Joshua Drake d69cff2b34 add bid reference 
git-svn-id: file:///home/svn/framework3/trunk@11318 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-13 16:16:29 +00:00
Joshua Drake 573c639c85 remove debug prints 
git-svn-id: file:///home/svn/framework3/trunk@11299 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 22:00:34 +00:00
Joshua Drake 7c6eadc24b check more responses, account for corner case in initial headers 
git-svn-id: file:///home/svn/framework3/trunk@11298 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 21:58:25 +00:00
Joshua Drake ea4e8c29d3 add hdm to authors, minor cleanups 
git-svn-id: file:///home/svn/framework3/trunk@11289 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 10:55:24 +00:00
HD Moore c1a3364ea9 Update the privileged flag 
git-svn-id: file:///home/svn/framework3/trunk@11285 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 03:31:45 +00:00
HD Moore 8ad08ec535 Update the description/refs 
git-svn-id: file:///home/svn/framework3/trunk@11284 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 03:31:04 +00:00
HD Moore 61e8ab1432 This module will now automatically gain root if Perl is installed 
git-svn-id: file:///home/svn/framework3/trunk@11283 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-11 03:21:52 +00:00
Joshua Drake c1f37b3c8a minor adjustment to output printing 
git-svn-id: file:///home/svn/framework3/trunk@11281 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 23:29:26 +00:00
Joshua Drake 5624c55599 add EHLO_NAME advanced option, remove debug print, fix version regex 
git-svn-id: file:///home/svn/framework3/trunk@11280 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 22:51:05 +00:00
Joshua Drake b5d44d1684 handle hosts that reverse properly, whitespace 
git-svn-id: file:///home/svn/framework3/trunk@11279 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 22:32:39 +00:00
HD Moore cc81d3bbc0 Automagic updates to jduck's exim module 
git-svn-id: file:///home/svn/framework3/trunk@11278 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 22:17:47 +00:00
HD Moore a683f7b7d4 Automagic updates to jduck's exim module 
git-svn-id: file:///home/svn/framework3/trunk@11277 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 22:16:34 +00:00
Steve Tornio d5fc9df054 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11276 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 21:43:12 +00:00
Joshua Drake 5cc8407748 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@11275 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 19:50:16 +00:00
Joshua Drake 9f5df90e60 add exploit for cve-2010-4344 
git-svn-id: file:///home/svn/framework3/trunk@11274 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-10 19:34:23 +00:00
Joshua Drake add6955501 add disclosure date, fix parse error on 1.8.7 
git-svn-id: file:///home/svn/framework3/trunk@11253 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-08 16:17:16 +00:00
Joshua Drake 9c1576b20e update the title 
git-svn-id: file:///home/svn/framework3/trunk@11246 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-07 17:46:24 +00:00
Joshua Drake bbab0e3fd9 add cve-2008-6825 exploit from Larry Wert, fixes #3145 
git-svn-id: file:///home/svn/framework3/trunk@11245 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-07 17:44:47 +00:00
Mario Ceballos 5dad5e2ee5 consistency 
git-svn-id: file:///home/svn/framework3/trunk@11227 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-05 15:08:22 +00:00
Steve Tornio e93c196363 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11214 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-03 12:34:38 +00:00
Mario Ceballos 50d6c9659a added coverage for the proftpd backdoor. 
git-svn-id: file:///home/svn/framework3/trunk@11210 4d416f70-5f16-0410-b530-b9f4589650da
 2010-12-02 22:33:37 +00:00
Joshua Drake 26a9fe6fc7 add some missing CVE references 
git-svn-id: file:///home/svn/framework3/trunk@11180 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-30 20:19:18 +00:00
Joshua Drake e9faf75503 fix some more titles with periods 
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-24 19:35:38 +00:00
Steve Tornio eab8c24b8b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@11074 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-19 20:43:56 +00:00
Joshua Drake b42a04a7aa add cakephp exploit from tdz 
git-svn-id: file:///home/svn/framework3/trunk@11070 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-19 18:30:07 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references 
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:25:13 +00:00
Joshua Drake e78aa83021 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10821 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-25 20:58:49 +00:00
Joshua Drake 672fc87055 fixed typo, thx rmkml 
git-svn-id: file:///home/svn/framework3/trunk@10803 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-23 23:35:44 +00:00
Steve Tornio ddf8294beb add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10783 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 12:09:10 +00:00
Joshua Drake 7a9fe2c4d7 add exploit module for cve-2010-3585 
git-svn-id: file:///home/svn/framework3/trunk@10780 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-22 06:16:31 +00:00
Tod Beardsley 865b711b5c Fixes #2974. Adds an "Unknown" level to Exploit::CheckCode, fixes the URI check for exploit/unix/webapp/php_include (which was relying on Unknown). 
git-svn-id: file:///home/svn/framework3/trunk@10694 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-15 12:24:17 +00:00
Joshua Drake 7e4f4b3791 silly whitespace tweak 
git-svn-id: file:///home/svn/framework3/trunk@10642 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-11 19:30:57 +00:00
Joshua Drake 8230bb6edf update disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@10637 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-11 03:59:19 +00:00
HD Moore a3ad8f5061 Add a quick module for exploiting basic web cmd injection 
git-svn-id: file:///home/svn/framework3/trunk@10624 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-09 21:32:19 +00:00
Joshua Drake ae04e34cf7 fix some non-full-namespace includes 
git-svn-id: file:///home/svn/framework3/trunk@10617 4d416f70-5f16-0410-b530-b9f4589650da
 2010-10-09 06:55:52 +00:00
HD Moore c1f934dbb4 jduck the grammar checker strikes again (thanks!) 
git-svn-id: file:///home/svn/framework3/trunk@10476 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-25 04:54:10 +00:00
HD Moore 25d18f1f1b Quit when we get an SSL exception 
git-svn-id: file:///home/svn/framework3/trunk@10470 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-25 03:14:21 +00:00
HD Moore 048b21e3b9 Ensure that errors in the PHPInclude mixin lead to the service being stopped. Handle unreachable services in the php_include module better. Fix database-enabled tab completion to be workspace friendly 
git-svn-id: file:///home/svn/framework3/trunk@10410 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 02:52:49 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks 
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-20 08:06:27 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:55:37 +00:00
James Lee 34eb75af73 overhaul smtp to add support for authentication and STARTTLS. can now send email through a gmail account 
git-svn-id: file:///home/svn/framework3/trunk@10148 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:31:46 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention 
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 21:37:54 +00:00
HD Moore fb57dde60c Do not spew HTML to the screen 
git-svn-id: file:///home/svn/framework3/trunk@9829 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-14 18:23:47 +00:00
Joshua Drake 663b863b6d http fingerprint checking update 
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 17:38:59 +00:00
Joshua Drake a3d901a6b9 various minor fixes, some added fingerprinting 
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 06:21:31 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB 
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:13:45 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink* 
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
James Lee 571aeb119c make this much less verbose. 
git-svn-id: file:///home/svn/framework3/trunk@9634 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-28 23:42:50 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers 
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 20:53:12 +00:00
James Lee 73c680eeff reduce the timeout. it's annoying to have to wait 25 seconds for my shell 
git-svn-id: file:///home/svn/framework3/trunk@9621 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 05:45:15 +00:00
James Lee e47f38365d make the description a little more descriptive. 
git-svn-id: file:///home/svn/framework3/trunk@9611 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 18:34:37 +00:00
James Lee 43799f505b not a command execution anymore. 
git-svn-id: file:///home/svn/framework3/trunk@9601 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 23:12:59 +00:00
James Lee 1f957891fb ARCH_CMD -> ARCH_PHP. tested with php/reverse_php and php/meterpreter[/_]reverse_tcp. see #2105 
git-svn-id: file:///home/svn/framework3/trunk@9598 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 22:51:50 +00:00
Tod Beardsley 9d46383040 Fixes #2134. Subs select for sleep in exploit modules. 
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 19:11:05 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates 
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:18:08 +00:00
Steve Tornio fcb05df3d8 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9510 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-13 12:41:48 +00:00
HD Moore 843d632d55 Change the advisory link 
git-svn-id: file:///home/svn/framework3/trunk@9504 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 19:33:42 +00:00
HD Moore cb9a3211ee Exploit for the UnrealIRCD backdoor 
git-svn-id: file:///home/svn/framework3/trunk@9503 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 19:25:48 +00:00
James Lee ce8a9e9318 update space requirements 
git-svn-id: file:///home/svn/framework3/trunk@9392 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-02 05:04:24 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered. 
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-13 16:53:50 +00:00
Joshua Drake 7a32c8add2 add exploit for cve-2009-4098 
git-svn-id: file:///home/svn/framework3/trunk@9247 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-08 03:07:51 +00:00
Joshua Drake 0e72894e58 more cleanups 
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass 
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 08:40:19 +00:00
Joshua Drake 5f7d3cd0d1 fix final "end" statement -- wow almost 3 years like that 
git-svn-id: file:///home/svn/framework3/trunk@9175 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 06:08:08 +00:00
Joshua Drake 5b629c8dc7 fix copy pasta error 
git-svn-id: file:///home/svn/framework3/trunk@9174 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-30 02:12:29 +00:00
James Lee 8923de2d8d change squirrelmail_pgp_plugin to manual rank because it requires an email address 
git-svn-id: file:///home/svn/framework3/trunk@9171 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-29 18:29:22 +00:00
Joshua Drake fda05bfe16 update check functionality 
git-svn-id: file:///home/svn/framework3/trunk@9111 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-20 01:55:21 +00:00
Joshua Drake ef7aef50db correct BID reference 
git-svn-id: file:///home/svn/framework3/trunk@9110 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-20 00:09:11 +00:00
Joshua Drake 9a5c1ccf68 minor whitespace tweaks 
git-svn-id: file:///home/svn/framework3/trunk@9108 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-19 23:53:27 +00:00
Joshua Drake 6a794fc25a better url generation (more random and more reliable) 
git-svn-id: file:///home/svn/framework3/trunk@9106 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-19 22:55:08 +00:00
Joshua Drake 78d1338171 clean up extra slashes in uris 
git-svn-id: file:///home/svn/framework3/trunk@9036 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-07 20:25:34 +00:00
Joshua Drake 61b4500ffd remove svn:executable from various files 
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
 2010-04-01 16:20:34 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions 
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-13 18:15:06 +00:00
HD Moore aaea62bb92 Report the correct local/peer names for the session information. Fix a return value check 
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 07:13:18 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-10 05:58:01 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037 
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-21 20:31:09 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506 
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-19 07:31:12 +00:00
et cf29ff333e Added a path to prepend 
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-16 05:24:31 +00:00
HD Moore 1857268af8 Uber-fast-get-me-a-php-shell mode :) 
git-svn-id: file:///home/svn/framework3/trunk@8505 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-15 17:59:54 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references 
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 20:15:32 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694 
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-19 19:12:42 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree 
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-26 03:31:20 +00:00
Joshua Drake 5ef4545a1b fd.read -> fd.read(fd.stat.size) 
git-svn-id: file:///home/svn/framework3/trunk@7903 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 05:22:40 +00:00
James Lee 2570fcee15 get rid of some more ^Ms 
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 18:47:29 +00:00
HD Moore 837c70715d Reference updates from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@7854 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 20:09:46 +00:00
HD Moore 0efbe3baf9 Remove the debug print 
git-svn-id: file:///home/svn/framework3/trunk@7852 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 18:56:19 +00:00
HD Moore 97757c37a0 Adds an exploit module for the zabbix agent command execution flaw (no cve/bid/osvdb) 
git-svn-id: file:///home/svn/framework3/trunk@7851 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 18:24:24 +00:00
HD Moore 4fcdceccb7 No ruby access on the common target 
git-svn-id: file:///home/svn/framework3/trunk@7776 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 15:13:35 +00:00
HD Moore 8a784339c4 Remove a debug print 
git-svn-id: file:///home/svn/framework3/trunk@7774 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 14:00:21 +00:00
HD Moore ba1b032207 Adds coverage for the QTSS metachar injection bug 
git-svn-id: file:///home/svn/framework3/trunk@7772 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 13:23:59 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew! 
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:50:37 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts 
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-17 00:05:19 +00:00
James Lee 9f134512c2 give up if we can't get the password hash. see #519 
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-16 18:51:51 +00:00
James Lee dd323e2a7b don't try to run methods on an object we just confirmed was nil 
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-16 18:48:34 +00:00
James Lee 94729103b4 added osvdb ref and keywords 
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-16 16:18:51 +00:00
James Lee 7fb9c4a791 add coverage for cve-2009-1151 
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-16 08:42:32 +00:00
James Lee 53640065da license 
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-15 19:53:03 +00:00
Mario Ceballos bbfc195735 added patch from Steve Tornio. 
git-svn-id: file:///home/svn/framework3/trunk@7514 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 13:26:27 +00:00
HD Moore 8b9238e33b Cosmetic/reference cleanups. 
git-svn-id: file:///home/svn/framework3/trunk@7506 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 04:31:00 +00:00
James Lee d90b932383 add a bit more entropy 
git-svn-id: file:///home/svn/framework3/trunk@7504 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 02:09:32 +00:00
James Lee 38c0a3bd1b 302 is not the same as 200... 
git-svn-id: file:///home/svn/framework3/trunk@7503 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 02:03:16 +00:00
James Lee d2451547d6 add exploit module for osCommerce file upload 
git-svn-id: file:///home/svn/framework3/trunk@7502 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-14 01:56:21 +00:00
HD Moore 5eed9deb2d Adds the joomla TinyMCE file upload exploit from spinbad. 
git-svn-id: file:///home/svn/framework3/trunk@7283 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-26 20:00:39 +00:00
HD Moore e3f68f2639 Another large number of warnings fixed by Yoann Guillot 
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-25 17:18:23 +00:00
HD Moore a0fbc2914f Remove the milw0rm references, as the links are no longer valid. 
git-svn-id: file:///home/svn/framework3/trunk@7237 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-24 18:13:07 +00:00
Mario Ceballos 2b85ceb4c1 added exploit modules base_qry_common.rb and mambo_cache_lite.rb 
git-svn-id: file:///home/svn/framework3/trunk@7210 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-20 15:01:10 +00:00
HD Moore 26db223636 OSVDB reference update from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@7149 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-12 14:39:51 +00:00
James Lee 9ace8f33eb OSVDB references from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@7030 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-12 04:22:58 +00:00
James Lee 85a4f1b9db add a simple check for the generic php exploits 
git-svn-id: file:///home/svn/framework3/trunk@7025 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-10 05:24:03 +00:00
HD Moore 7fb18d6e11 Add coverage for the new nagios3 cmd execution bug 
git-svn-id: file:///home/svn/framework3/trunk@6936 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-04 19:27:50 +00:00
HD Moore 876a80f601 Updated osvdb references from Steve Tornio, updated capture/eth_spoof modules 
git-svn-id: file:///home/svn/framework3/trunk@6907 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-27 14:05:23 +00:00
kris 7262621d35 switch 'Version' Rev to Revision since msf doesn't handle it correctly 
git-svn-id: file:///home/svn/framework3/trunk@6877 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-23 03:06:01 +00:00
HD Moore e70ac6cc19 Added a new set of match flags for cmd injection exploits (RequiredCmds). This reduces the number of 'bad' payloads listed for explot modules. A good example is disabling the netcat -e payloads for old Solaris exploits 
git-svn-id: file:///home/svn/framework3/trunk@6854 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-21 15:20:35 +00:00
HD Moore f8c2a203fd OSVDB references updates from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-16 16:02:24 +00:00
James Lee bc037bbbac make php findsock work again for php_eval and php_include 
git-svn-id: file:///home/svn/framework3/trunk@6678 4d416f70-5f16-0410-b530-b9f4589650da
 2009-06-20 05:50:52 +00:00
HD Moore a5f567e76e Massive OSVDB reference update from Steve Tornio. 
git-svn-id: file:///home/svn/framework3/trunk@6629 4d416f70-5f16-0410-b530-b9f4589650da
 2009-06-07 20:20:42 +00:00
HD Moore 92d242cc2f osvdb references from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@6568 4d416f70-5f16-0410-b530-b9f4589650da
 2009-05-19 13:20:32 +00:00
James Lee 6c8a93035f make the new random header stuff work with magic_quotes 
git-svn-id: file:///home/svn/framework3/trunk@6559 4d416f70-5f16-0410-b530-b9f4589650da
 2009-05-17 00:35:56 +00:00
HD Moore 9d8581a17e More osvdb references from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@6550 4d416f70-5f16-0410-b530-b9f4589650da
 2009-05-13 17:39:42 +00:00
HD Moore 0981295879 More osvdb references from Steve Tornio 
git-svn-id: file:///home/svn/framework3/trunk@6547 4d416f70-5f16-0410-b530-b9f4589650da
 2009-05-12 19:56:54 +00:00
James Lee b31abbc6f9 move the payload into a random X- header so it doesn't show up in access logs 
git-svn-id: file:///home/svn/framework3/trunk@6493 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-19 15:47:14 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log 
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-13 14:33:26 +00:00
HD Moore eccfcdfced Sets svn keywords on modules missing it, tweaks the emailer module 
git-svn-id: file:///home/svn/framework3/trunk@6407 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-28 06:03:35 +00:00
Patrick Webster 46351557bc Added dogfood_spell_exec exploit module from LSO. 
git-svn-id: file:///home/svn/framework3/trunk@6282 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-03 03:32:36 +00:00
Patrick Webster 92c45abf2d Added contentkeeperweb_mimencode exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@6250 4d416f70-5f16-0410-b530-b9f4589650da
 2009-02-25 03:41:25 +00:00
Mario Ceballos ff8323e6d2 added modules from Matteo Cantoni. 
git-svn-id: file:///home/svn/framework3/trunk@6170 4d416f70-5f16-0410-b530-b9f4589650da
 2009-01-21 12:51:30 +00:00
Patrick Webster 33ba28346d Added exploit module awstats_migrate_exec. 
git-svn-id: file:///home/svn/framework3/trunk@6155 4d416f70-5f16-0410-b530-b9f4589650da
 2009-01-15 07:09:56 +00:00
Patrick Webster 97ffd10f89 Updated to support Windows targets. 
git-svn-id: file:///home/svn/framework3/trunk@5912 4d416f70-5f16-0410-b530-b9f4589650da
 2008-11-13 09:01:24 +00:00
Ramon de C Valle c66d6c4e46 Set property 'svn:keywords' 
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-23 02:43:21 +00:00
Ramon de C Valle f124597a56 Code cleanups 
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-19 21:03:39 +00:00
James Lee 4c091edac1 fixes #198; generic php eval exploit 
git-svn-id: file:///home/svn/framework3/trunk@5746 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-13 05:55:10 +00:00
HD Moore fd256ec4a1 This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure. 
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
 2008-10-02 05:23:59 +00:00
James Lee 647118f333 remove debug statements, add disabled_functions evasion in php findsock stuff 
git-svn-id: file:///home/svn/framework3/trunk@5700 4d416f70-5f16-0410-b530-b9f4589650da
 2008-09-30 19:56:16 +00:00
James Lee 36a06e7576 initial commit of php findsock. This patch makes all http connections global and removes the "close if (!pipelining)" checks, so beware of bugs. 
git-svn-id: file:///home/svn/framework3/trunk@5678 4d416f70-5f16-0410-b530-b9f4589650da
 2008-09-24 04:41:51 +00:00
Patrick Webster 3effb133cc Added spamassassin_exec module. 
git-svn-id: file:///home/svn/framework3/trunk@5560 4d416f70-5f16-0410-b530-b9f4589650da
 2008-07-19 15:40:30 +00:00
Patrick Webster 405637297f Added guestbook_ssi_exec.rb module. 
git-svn-id: file:///home/svn/framework3/trunk@5517 4d416f70-5f16-0410-b530-b9f4589650da
 2008-06-04 12:19:43 +00:00
HD Moore 6a329ea831 Update title to match code 
git-svn-id: file:///home/svn/framework3/trunk@5474 4d416f70-5f16-0410-b530-b9f4589650da
 2008-04-14 18:24:06 +00:00
Patrick Webster 66d8f7e8b6 Added clamav_milter_blackhole.rb exploit module 
git-svn-id: file:///home/svn/framework3/trunk@5447 4d416f70-5f16-0410-b530-b9f4589650da
 2008-03-17 11:51:30 +00:00
Patrick Webster 1f7eb2147f phpBB2_highlight module port 
git-svn-id: file:///home/svn/framework3/trunk@5432 4d416f70-5f16-0410-b530-b9f4589650da
 2008-03-05 09:42:57 +00:00
James Lee dfa0f6c0c4 More reliable reverse shell 
git-svn-id: file:///home/svn/framework3/trunk@5429 4d416f70-5f16-0410-b530-b9f4589650da
 2008-03-04 07:34:26 +00:00
Patrick Webster e15dd5a7dc Added SPHPBlog exploit module. 
git-svn-id: file:///home/svn/framework3/trunk@5193 4d416f70-5f16-0410-b530-b9f4589650da
 2007-11-11 09:17:49 +00:00
Patrick Webster 0ebb7c95bd Updated module by Matteo Cantoni 
git-svn-id: file:///home/svn/framework3/trunk@5187 4d416f70-5f16-0410-b530-b9f4589650da
 2007-10-30 13:22:46 +00:00
fab 5b3768ef29 added exploit module squirrelmail_pgp_plugin from Nicob 
git-svn-id: file:///home/svn/framework3/trunk@5047 4d416f70-5f16-0410-b530-b9f4589650da
 2007-07-14 17:59:53 +00:00
HD Moore f915504cfa Fix #53, use Author, not Authors 
git-svn-id: file:///home/svn/framework3/trunk@4529 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-12 01:08:18 +00:00
Matt Miller d42194e14a updated modules to use base class rand_xxx methods 
git-svn-id: file:///home/svn/framework3/trunk@4498 4d416f70-5f16-0410-b530-b9f4589650da
 2007-03-01 08:21:36 +00:00
HD Moore abbeb2e87e Adding an Id tag and a standard header to all modules 
git-svn-id: file:///home/svn/framework3/trunk@4419 4d416f70-5f16-0410-b530-b9f4589650da
 2007-02-18 00:10:39 +00:00
HD Moore b278bef22d Reference updates 
git-svn-id: file:///home/svn/framework3/trunk@4266 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 14:44:09 +00:00
HD Moore 9dc2148eb9 Moved the other web app bugs into the right place, added php_wordpress_lastpost 
git-svn-id: file:///home/svn/framework3/trunk@4262 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 05:58:13 +00:00
HD Moore 752cc9f978 Added the PAJAX exploit 
git-svn-id: file:///home/svn/framework3/trunk@4261 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 05:38:28 +00:00
HD Moore d09046a5b9 Accessing res['header'] is now case insensitive for HTTP responses 
Added the Google Appliance exploit



git-svn-id: file:///home/svn/framework3/trunk@4259 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 05:22:39 +00:00
HD Moore de5c27e39f Exploit ports 
git-svn-id: file:///home/svn/framework3/trunk@4257 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 04:28:32 +00:00
HD Moore 8fd09e3880 Renamed 
git-svn-id: file:///home/svn/framework3/trunk@4256 4d416f70-5f16-0410-b530-b9f4589650da
 2007-01-05 03:48:16 +00:00
HD Moore b221af7791 Integration of the new HTTP Client API 
git-svn-id: file:///home/svn/framework3/trunk@4241 4d416f70-5f16-0410-b530-b9f4589650da
 2006-12-28 23:42:36 +00:00
HD Moore 810f80612b Reference updates 
git-svn-id: file:///home/svn/framework3/trunk@4154 4d416f70-5f16-0410-b530-b9f4589650da
 2006-11-28 17:18:43 +00:00
HD Moore d0bc17f17a Minor updates 
git-svn-id: file:///home/svn/framework3/trunk@3778 4d416f70-5f16-0410-b530-b9f4589650da
 2006-07-30 21:31:02 +00:00
HD Moore d086a1bedf BSD license the default for non-msfdev created modules. 
git-svn-id: file:///home/svn/incoming/trunk@3636 4d416f70-5f16-0410-b530-b9f4589650da
 2006-05-06 16:34:39 +00:00
bmc 9eaa03d43b * uniq exploit class name 
git-svn-id: file:///home/svn/incoming/trunk@3540 4d416f70-5f16-0410-b530-b9f4589650da
 2006-02-22 20:34:43 +00:00
HD Moore e249d9ebe5 Massive update to tab indentation (used ./dev/tabify.rb) 
git-svn-id: file:///home/svn/incoming/trunk@3450 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-27 05:00:35 +00:00
bmc 6ab42be37d * wee, more php bullshit 
git-svn-id: file:///home/svn/incoming/trunk@3448 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-26 02:07:59 +00:00
HD Moore 1bffccf605 New licensing terms, revision bump to v3 
git-svn-id: file:///home/svn/incoming/trunk@3425 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-21 22:10:20 +00:00
HD Moore c18e5a10a9 distcc 
git-svn-id: file:///home/svn/incoming/trunk@3423 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-21 05:05:19 +00:00
bmc 164520753c * kill the debugging info 
git-svn-id: file:///home/svn/incoming/trunk@3415 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-20 20:25:07 +00:00
bmc d6608d4dd5 * xmlrpc vuln 
git-svn-id: file:///home/svn/incoming/trunk@3414 4d416f70-5f16-0410-b530-b9f4589650da
 2006-01-20 20:18:55 +00:00