84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
0bfc12ada1
Fix the way to get a session over a telnet connection
2013-08-27 11:38:49 -05:00
462ccc3d36
Missed these little devils
2013-08-15 16:50:13 -05:00
6c1ba9c9c9
Switch to Failure vs Exploit::Failure
2013-08-15 14:14:46 -05:00
178a7b0dbb
Fix author's email format
2013-08-14 11:56:47 -05:00
2a4b8e4a64
Add useful comment
2013-08-14 11:49:32 -05:00
e6c36864c4
Fix telnet related stuff
2013-08-14 11:47:57 -05:00
5436ec7dd3
Title change for dlink_dir300_exec_telnet
...
Title change for dlink_dir300_exec_telnet. Also correct the email
format.
2013-08-09 15:41:50 -05:00
74eeacf9f2
Fix regex
2013-08-08 08:40:45 -05:00
821673c4d2
Try to fix a little description
2013-08-07 10:26:39 -05:00
33ac0c5c3f
Make exploit more print friendly
2013-08-07 10:21:14 -05:00
32436973e4
Land #2192 , @m-1-k-3's exploit for OSVDB-89861
2013-08-07 10:16:49 -05:00
ae685ac41d
Beautify description
2013-08-07 09:52:29 -05:00
afb8a95f0a
Land #2179 , @m-1-k-3's exploit for OSVDB-92698
2013-08-07 09:00:41 -05:00
dd35495fb8
dir 300 and 600 auxiliary module replacement
2013-08-05 22:28:59 +02:00
786f16fc91
feedback included
2013-08-05 21:55:30 +02:00
e7206af5b5
OSVDB and comment doc fixes
2013-08-05 09:08:17 -05:00
a19afd163a
feedback included
2013-08-02 17:30:39 +02:00
15906b76db
dir300 and 615 command injection
2013-07-31 14:36:51 +02:00
6b514bb44a
dir300 and 615 command injection telnet session
2013-07-31 14:34:03 +02:00
5efcbbd474
Land #2167 - PineApp Mail-SeCure livelog.html Exec
2013-07-29 13:18:18 -05:00
7967426db1
Land #2166 - PineApp Mail-SeCure ldapsyncnow.php EXEC
2013-07-29 13:16:42 -05:00
a1d9ed300e
Add module for ZDI-13-184
2013-07-28 09:57:41 -05:00
f4e35b62ac
Add module for ZDI-13-185
2013-07-27 12:12:06 -05:00
fab9d33092
Fix disclosure date
2013-07-27 12:10:21 -05:00
ac7bb1b07f
Add module for ZDI-13-188
2013-07-27 03:25:39 -05:00
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
af1bd01b62
Change datastore options names for consistency
2013-07-22 16:57:32 -05:00
5e55c506cd
Land #2140 , add CWS as a first-class reference.
2013-07-22 13:50:38 -05:00
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
6158415bd3
Clean CWE reference, will ad in new pr
2013-07-22 12:03:55 -05:00
da4fda6cb1
Land #2110 , @rcvalle's exploit for Foreman Ruby Injection
2013-07-22 12:02:43 -05:00
04e9398ddd
Fix CSRF regular expressions as per review
2013-07-22 13:10:56 -03:00
de6e2ef6f4
Final cleanup for dlink_upnp_exec_noauth
2013-07-22 10:53:09 -05:00
c1c72dea38
Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection
2013-07-22 10:52:13 -05:00
11ef4263a4
Remove call to handler as per review
2013-07-22 12:49:42 -03:00
4beea52449
Use instance variables
2013-07-19 14:46:17 -05:00
6761f95892
Change print_error/ret to fail_with as per review
2013-07-19 12:19:29 -03:00
e93eef4534
fixing server header check
2013-07-19 08:00:02 +02:00
f26b60a082
functions and some tweaking
2013-07-19 07:57:27 +02:00
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
Tab Assassin
jvazquez-r7
sinn3r
HD Moore
m-1-k-3
Tod Beardsley
Ramon de C Valle