f26b60a082
functions and some tweaking
2013-07-19 07:57:27 +02:00
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
9f65264af4
make msftidy happy
2013-07-14 15:45:14 +02:00
47ca4fd48f
session now working
2013-07-14 15:42:41 +02:00
9133dbac4a
some feedback included and some playing
2013-07-14 14:14:06 +02:00
49c70911be
dlink upnp command injection
2013-07-09 13:24:12 +02:00
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
b86b4d955a
Make random strings also length random
2013-06-24 12:01:30 -05:00
6672679530
Add local privilege escalation for ZPanel zsudo abuse
2013-06-23 11:00:39 -05:00
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
f55edac0ca
Title and description update
2013-06-07 22:38:53 -05:00
a510084f1c
Description change.
2013-06-07 22:35:46 -05:00
600494817d
Fix typo and target name
2013-06-07 21:08:38 -05:00
9025b52951
make the payload build more clear
2013-06-07 18:05:11 -05:00
d76e14fc9c
Add module for OSVDB 93004 - Exim Dovect exec
2013-06-07 17:59:04 -05:00
4d26299de3
add osvdb ref 93881 and edb ref 21191
2013-06-05 18:57:33 -05:00
3111013991
Minor cleanup for miniupnpd_soap_bof
2013-06-04 08:53:52 -05:00
6497e5c7a1
Move exploit under the linux tree
2013-06-04 08:53:18 -05:00
c705928052
Landing #1899 - Add OSVDB ref 85462 for esva_exec.rb
2013-06-03 10:40:31 -05:00
76faba60b7
add osvdb ref 85462
2013-06-03 06:16:43 -05:00
e612a3d017
add osvdb ref 77183
2013-06-03 05:42:56 -05:00
e74c1d957f
Landing #1897 - Add OSVDB ref 93444 for mutiny_frontend_upload.rb
2013-06-03 02:15:35 -05:00
093830d725
Landing #1896 - Add OSVDB ref 82925 for symantec_web_gateway_exec.rb
2013-06-03 02:13:34 -05:00
c2c630c338
add osvdb ref 93444
2013-06-02 21:03:44 -05:00
bc993b76fc
add osvdb ref 82925
2013-06-02 20:43:16 -05:00
ae17e9f7b5
add osvdb ref 56992
2013-06-02 18:32:46 -05:00
61c8861fcf
add osvdb ref
2013-06-02 08:33:42 -05:00
90117c322c
Landing #1874 - Post API cleanup
2013-05-31 16:15:23 -05:00
e7a1f06fbc
Modules shouldn't be +x
2013-05-29 15:11:35 -05:00
f3ff5b5205
Factorize and remove includes
...
Speeds up compilation and removes dependency on bionic source
2013-05-28 15:46:06 -05:00
75d6c8079a
Spelling, whitespace
...
Please be sure to run msftidy.rb on new modules. Thanks!
2013-05-28 10:03:37 -05:00
bfcd86022d
Add code cleanup for nginx_chunked_size.
2013-05-22 14:37:42 -05:00
81b690ae4b
Initial check in of nginx module
2013-05-22 13:52:00 -04:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
94bc3bf8eb
Fix msftidy warning
2013-05-20 10:35:59 -05:00
395aac90c2
Do minor cleanup for linksys_wrt160nv2_apply_exec
2013-05-20 10:34:39 -05:00
08b2c9db1e
Land #1801 , @m-1-k-3's linksys wrt160n exploit
2013-05-20 10:33:44 -05:00
1a904ccf7d
tftp download
2013-05-19 20:37:46 +02:00
dfa19cb46d
Do minor cleanup for dlink_dir615_up_exec
2013-05-19 12:43:01 -05:00
348705ad46
Land #1800 , @m-1-k-3's exploit for DLINK DIR615
2013-05-19 12:42:02 -05:00
f3a2859bed
removed user,pass in request
2013-05-19 18:50:12 +02:00
aee5b02f65
tftp download check
2013-05-19 18:45:01 +02:00
4816925f83
feeback included
2013-05-19 16:19:45 +02:00
3009bdb57e
Add a few more references for those without
2013-05-16 14:32:02 -05:00
649a8829d3
Add modules for Mutiny vulnerabilities
2013-05-15 09:02:25 -05:00
5e925f6629
Description update
2013-05-14 14:20:27 -05:00
42cfa72f81
Update data after test kloxo 6.1.12
2013-05-13 19:09:06 -05:00
58f2373171
Added module for EDB 25406
2013-05-13 18:08:23 -05:00
981cc891bc
description
2013-05-12 20:07:32 +02:00
09bf23f4d6
linksys wrt160n tftp download module
2013-05-06 16:18:15 +02:00
22d850533a
dir615 down and exec exploit
2013-05-06 15:33:45 +02:00
60e0cfb17b
Trivial description cleanup
2013-04-29 14:11:20 -05:00
2b4144f20f
Add module for US-CERT-VU 345260
2013-04-24 10:47:16 -05:00
0115833724
SyntaxError fixes
2013-04-21 20:22:41 +00:00
19a158dce9
Do final cleanup for netgear_dgn2200b_pppoe_exec
2013-04-19 15:50:23 -05:00
c1819e6ecc
Land #1700 , @m-1-k-3's exploit for Netgear DGN2200B
2013-04-19 15:49:30 -05:00
2713991c64
timeout and HTTP_Delay
2013-04-17 20:25:59 +02:00
59045f97fb
more testing, reworking of config restore, rework of execution
2013-04-17 18:10:27 +02:00
513b3b1455
Minor cleanup on DLink module
2013-04-15 13:27:47 -05:00
7e5d4bc893
Landing #1614 , @jwpari nagios nrpe exploit
2013-04-11 17:53:52 +02:00
a1605184ed
Landing #1719 , @m-1-k-3 dlink_diagnostic_exec_noauth exploit module
2013-04-10 11:17:29 +02:00
4f2e3f0339
final cleanup for dlink_diagnostic_exec_noauth
2013-04-10 11:15:32 +02:00
8fbade4cbd
OSVDB
2013-04-10 10:45:30 +02:00
157f25788b
final cleanup for linksys_wrt54gl_apply_exec
2013-04-09 12:39:57 +02:00
b090495ffb
Landing pr #1703 , m-1-k-3's linksys_wrt54gl_apply_exec exploit
2013-04-09 12:38:49 +02:00
b93ba58d79
EDB, BID
2013-04-09 11:56:53 +02:00
cbefc44a45
correct waiting
2013-04-08 21:40:50 +02:00
955efc7009
final cleanup
2013-04-07 17:59:57 +02:00
9f89a996b2
final regex, dhcp check and feedback from juan
2013-04-07 17:57:18 +02:00
0e69edc89e
fixing use of regex
2013-04-07 11:39:29 +02:00
6a410d984d
adding get_config where I forgot
2013-04-06 19:13:42 +02:00
0c25ffb4de
Landing #1695 , agix's smhstart local root exploit
2013-04-06 17:32:12 +02:00
55302ee07f
Merge remote-tracking branch 'origin/pr/1695' into landing-pr1695
2013-04-06 17:30:02 +02:00
9a2f409974
first cleanup for linksys_wrt54gl_apply_exec
2013-04-06 01:05:09 +02:00
ecaaaa34bf
dlink diagnostic - initial commit
2013-04-05 19:56:15 +02:00
96b444c79e
ManualRanking
2013-04-04 17:40:53 +02:00
67f0b1b6ee
little cleanump
2013-04-04 17:33:46 +02:00
f07117fe7d
replacement of wrt54gl auxiliary module - initial commit
2013-04-04 17:30:36 +02:00
b947dc71e9
english :) "must be"
2013-04-03 13:47:57 +02:00
60dfece55c
add opcode description
2013-04-03 13:46:56 +02:00
ce88d8473a
cleanup for netgear_dgn1000b_setup_exec
2013-04-03 12:44:04 +02:00
3c27678168
Merge branch 'netgear-dgn1000b-exec-exploit' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-netgear-dgn1000b-exec-exploit
2013-04-03 12:43:42 +02:00
a93ec3aea3
fix name
2013-04-03 10:40:52 +02:00
2ceecabede
make msftidy happy
2013-04-03 10:34:28 +02:00
91b0e5f800
netgear dgn2200b pppoe exec exploit - initial commit
2013-04-03 10:32:52 +02:00
642d8b846f
netgear_dgn1000b_setup_exec - initial commit
2013-04-02 14:41:50 +02:00
7f3c6f7629
netgear_dgn1000b_setup_exec - initial commit
2013-04-02 14:39:04 +02:00
1b27d39591
netgear dgn1000b mipsbe exploit
2013-04-02 14:34:09 +02:00
7359151c14
decrement esp to fix crash in the middle of shellcode
2013-04-02 13:25:31 +02:00
6a6fa5b39e
module filename changed
2013-04-02 10:50:50 +02:00
b3feb51c49
cleanup for linksys_e1500_up_exec
2013-04-02 10:49:09 +02:00
5e42b8472b
Merge branch 'linksys_e1500_exploit' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-linksys_e1500_exploit
2013-04-02 10:48:28 +02:00
579c499f43
Juans SRVHOST check included
2013-04-02 07:50:51 +02:00
m-1-k-3
jvazquez-r7
Ramon de C Valle
sinn3r
James Lee
Tod Beardsley
Steve Tornio
LinuxGeek247
Antoine
Tod Beardsley
agix