Commit Graph

88 Commits (af16f11784e4bd4addb1b909194e96d9a6d84cde)

Author SHA1 Message Date
sinn3r af16f11784 Another update 2013-12-06 14:39:26 -06:00
sinn3r 87e77b358e Use the correct URI 2013-12-06 12:08:19 -06:00
sinn3r 5d4acfa274 Plenty of changes 2013-12-06 11:57:02 -06:00
sinn3r c07686988c random uri 2013-12-05 18:07:24 -06:00
sinn3r 8e9723788d Correct description 2013-12-04 17:25:58 -06:00
sinn3r fb2fcf429f This one actually works 2013-12-04 17:22:42 -06:00
sinn3r d0071d7baa Add CVE-2013-6414 Rails Action View DoS 2013-12-04 14:57:30 -06:00
Tod Beardsley 23448b58e7
Remove timeout checkers that are rescued anyway 2013-11-25 12:37:23 -06:00
Tod Beardsley f311b0cd1e
Add user-controlled verbs.
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
Tod Beardsley 6a28aa298e
Module for CVE-2013-4164
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
jvazquez-r7 f963f960cb Update title 2013-11-18 15:07:59 -06:00
jvazquez-r7 274247bfcd
Land #2647, @jvennix-r7's module for Gzip Memory Bomb DoS 2013-11-18 15:06:46 -06:00
joev 589660872e Kill FILEPATH datastore option. 2013-11-18 14:13:25 -06:00
joev 8e889c61f7 Update description. 2013-11-17 15:48:27 -06:00
joev f7820139dc Add a content_type datastore option. 2013-11-17 15:38:55 -06:00
joev 43d2711b98 Default to 1 round compression. 2013-11-17 15:35:35 -06:00
joev 1e3860d648 Add gzip bomb dos aux module. 2013-11-17 14:44:33 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
FireFart 09fa7b7692 remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:50:34 +02:00
FireFart 84ec2cbf11 remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:42:44 +02:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
sinn3r 6168eb7590 Land #1981 - Canon Wireless Printer Denial of Service 2013-06-18 19:04:48 -05:00
sinn3r 7d15dc379d Make msftidy happy 2013-06-18 19:04:03 -05:00
Matt Andreko 0533ca68dc Added DoS result checking
Lowered the http timeout
2013-06-18 19:48:21 -04:00
Matt Andreko 8c28631d4b Fixed the date format
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00
Matt Andreko d877e4d489 Added CVE and disclosure date 2013-06-17 17:41:50 -04:00
Matt Andreko 3923bbeee9 Update 2013-06-15 18:28:58 -04:00
Matt Andreko 0494ac9218 Added Canon Wireless Printer DoS module 2013-06-15 18:23:04 -04:00
jvazquez-r7 fd74390952 Clean monkey_headers 2013-06-13 18:07:35 -05:00
sinn3r 73aff97053 Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service
This is the reviewed/updated version of pull request #1950. We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
2013-06-13 15:56:34 -05:00
sinn3r a09b3b8023 Lands #1169 - Adds a check
[Closes #1169]

Conflicts:
	modules/auxiliary/dos/http/apache_range_dos.rb
2013-04-22 15:50:15 -05:00
sinn3r 882b084cba Changes the default action 2013-04-22 15:47:38 -05:00
sinn3r 7e28a4ddb0 Uses "ACTIONS" keys instead of datastore options
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
2013-04-22 15:41:47 -05:00
James Lee 2f11796dfa Fix typo
[SeeRM #7800]
2013-03-13 16:10:20 -05:00
sinn3r 92093cd7d8 There's no HttpClient, so it shouldn't be using normalize_uri 2013-02-19 15:04:18 -06:00
sinn3r c174e6a208 Correctly use normalize_uri()
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
2013-01-30 23:23:41 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
T0X1C-1 1714fa21b1 adjusted DOS part to use HttpClient 2012-12-17 15:46:39 +01:00
T0X1C-1 a48c14124b added CHECK functionality to the existing module 2012-12-13 16:54:50 +01:00
sinn3r 64a8b59ff9 Change CVE forma
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
2012-12-09 01:09:21 -06:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Tod Beardsley 6b4c131cf5 Avoiding a future conflict with release 2012-11-20 13:24:19 -06:00