infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,607 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

2015 Commits (afe3168a363355aecb64e1dd20db20512b728e3e)

Author SHA1 Message Date
sinn3r 2536cf0308 Add feature #5779 2011-11-14 01:49:26 -06:00
Steve Tornio a0c9297500 add osvdb ref 2011-11-12 06:01:41 -06:00
sinn3r 170c4f5451 Fix author email format 2011-11-12 01:53:25 -06:00
sinn3r b8b8732d85 Correct disclosure date 2011-11-12 01:12:28 -06:00
sinn3r ed5bae6441 oops, I don't need that extra comment 2011-11-12 01:04:00 -06:00
sinn3r 84c5268ab4 Add Aviosoft DTV exploit 2011-11-12 01:02:40 -06:00
Patrick Webster f54b622ad3 Added BID ref for amlibweb module. 2011-11-11 12:04:40 +11:00
wchen-r7 c569ec4a33 Don't really need a revision # in source 2011-11-09 22:10:52 -06:00
Wei Chen 32bb3af298 Add feature #5946 2011-11-09 21:49:34 -06:00
Matt Weeks fdf13e5e0e Fixes #5927 
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 21:45:17 +00:00
Wei Chen c4fa5b4674 Fix #5937. Vista is currently taken down because it's not stable enough. 
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 09:35:18 +00:00
Wei Chen 0b981b0db0 Add OSVDB reference 
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-07 02:01:42 +00:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format 
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-06 22:02:26 +00:00
Wei Chen 49dddf1396 Yeah, don't really need the bottom comment anymore 
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-06 20:16:34 +00:00
Wei Chen 43a22d3fa0 Add Office 2007 SP2 target, thanks Juan 
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-06 17:33:29 +00:00
Wei Chen 1a2f60f4c0 Add MS11-021 (#5917) 
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-05 23:05:42 +00:00
James Lee 155c3ff9ac whitespace 
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-04 17:17:10 +00:00
Steve Tornio 7a07e069da add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-04 14:15:00 +00:00
Wei Chen 3d6f631780 Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron. 
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-04 08:20:43 +00:00
Wei Chen b809f00979 Add NJStar MiniSMTP bof (Feature #5901) 
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-01 08:19:55 +00:00
Mario Ceballos 0890cca02a much needed patch worked like a champ in my enviroment. 
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 20:37:30 +00:00
Wei Chen 3eff1cfaa5 This exploit does not work at all, and could not be fixed in time. See #5854 
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-27 01:47:48 +00:00
Mario Ceballos 7b099bbaef remove Rex::Text.pattern_create() 
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-26 22:16:26 +00:00
Wei Chen ded364c8ef Feature #5621 
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-26 21:25:46 +00:00
David Rude 086af94b5d Adds Foxit PDF Reader Exploit CVE-2009-0837 
git-svn-id: file:///home/svn/framework3/trunk@14069 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 20:15:12 +00:00
Joshua Drake 32cde1d45a don't use the pattern creator 
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 19:43:54 +00:00
Wei Chen fa2355a766 Damn comma 
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 16:42:07 +00:00
Wei Chen 68286561f5 Add #5742 
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 16:38:02 +00:00
Wei Chen c0d362bd83 Fix tabs, and the correct the bottom comment 
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 01:39:11 +00:00
Wei Chen a8d62ae01a Add feature #5592 (Cytel Studio) 
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 01:37:32 +00:00
Joshua Drake 7bfa29ace4 clean up exploit HTML print_status 
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-23 14:21:57 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues 
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-23 11:56:13 +00:00
Steve Tornio 27cba3d7ec add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-21 11:50:59 +00:00
Wei Chen 06aa776a77 Bleh, fix BID reference 
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 17:40:21 +00:00
Wei Chen e5f7bfceaf Add HP Power Manager module by ipax, thx! 
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 17:29:48 +00:00
David Rude 091b9779e2 Add commas 
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-19 20:41:09 +00:00
David Rude 521aec205b Return on error 
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-19 19:55:04 +00:00
Wei Chen 0f1ba8dcf1 Change user agent check 
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 15:48:03 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass 
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 09:10:00 +00:00
Wei Chen 8e4f4a2672 Add CVE-2011-1774 (Safari libxslt arbitrary file creation) 
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 07:39:50 +00:00
Wei Chen fbbec1fa92 This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now. 
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 03:48:10 +00:00
Wei Chen 975cc52bac Fix spelling errors 
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 00:54:05 +00:00
Wei Chen 0304702b14 Mention where the getpc code is from, request by corelanc0d3r 
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 14:56:44 +00:00
Tod Beardsley c336d063da Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip. 
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 04:20:53 +00:00
Tod Beardsley 3c36b0c975 Msftidy: knocking out all those trailing spaces. Screw those guys. 
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 03:49:49 +00:00
Wei Chen 39a4488da5 Patch #5740 for Firefox Array.reduceRight() exploit 
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 20:28:15 +00:00
Tod Beardsley d059670d67 Fixes #5570, commits TecR0c's exploit module, after running through msftidy.rb. Thanks! 
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 15:47:04 +00:00
HD Moore 594b0687c7 Fix CVE reference format 
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 09:55:07 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 09:53:53 +00:00
Tod Beardsley 020abd926b A handful of rankings changes, also converting whitespace. 
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 22:58:20 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one 
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 21:09:17 +00:00
Wei Chen 1adb31747d This module is missing a ranking. Adding one. 
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:35:18 +00:00
Wei Chen 2b746b3505 This module never got a ranking, adding one 
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:07:59 +00:00
Wei Chen 4f4c0bc0be Add CVE-2011-2371 Firefox Array.reduceRight() vuln 
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 03:16:15 +00:00
Wei Chen 90a426cec6 Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647) 
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 10:57:31 +00:00
James Lee 6578874439 don't bother escaping a tick 
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 01:45:10 +00:00
Wei Chen c1b1917dce Change correct name for Lincoln. Also, this is feature #5646 
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 03:30:14 +00:00
Wei Chen e3111e0261 Add CVE-2008-4779 
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 03:28:08 +00:00
Wei Chen f54939cda9 Change target name and description. The module works on multiple systems. 
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 16:47:33 +00:00
Wei Chen 8488343e46 Add CVE-2011-2595 (Feature #5645) 
git-svn-id: file:///home/svn/framework3/trunk@13852 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 16:11:05 +00:00
Wei Chen 756aafd7f2 Add CVE and OSVDB refs 
git-svn-id: file:///home/svn/framework3/trunk@13848 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 22:56:17 +00:00
Joshua Drake eab8a2434b fix typo in description 
git-svn-id: file:///home/svn/framework3/trunk@13845 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 19:39:15 +00:00
Wei Chen 487ee5b46e Does not work against Win 7 SP0/SP1 and Windows Server 2003 SP2. Definitely not an universal target. 
git-svn-id: file:///home/svn/framework3/trunk@13841 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 05:36:42 +00:00
Wei Chen a3cc25615d Add bug #5505 (scriptftp_list module) 
git-svn-id: file:///home/svn/framework3/trunk@13839 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 04:17:03 +00:00
HD Moore 3d8a18cfd1 Fix tab indent 
git-svn-id: file:///home/svn/framework3/trunk@13836 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-08 18:39:23 +00:00
Joshua Drake 2e7edeff81 See #3585: Happy Third Birthday MS08-067! 
Adds an AlwaysOn DEP bypass for XP SP2 and SP3

git-svn-id: file:///home/svn/framework3/trunk@13835 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-08 07:26:37 +00:00
Steve Tornio 93f8d73b0c add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-02 17:03:23 +00:00
Mario Ceballos 711bfa7d53 initial coverage for ca total defense sqli 
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-02 15:53:44 +00:00
Wei Chen 2b3a277124 Found an instance that causes the win 7 target to fail. This fix corrects it. 
git-svn-id: file:///home/svn/framework3/trunk@13797 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-27 08:55:07 +00:00
Matt Weeks de9e99bd3d Fix some TOCTOU confusion and database errors. 
git-svn-id: file:///home/svn/framework3/trunk@13779 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 15:12:19 +00:00
Wei Chen ec6f290fbd Add Windows 7 target and all kinds of stuff. 
git-svn-id: file:///home/svn/framework3/trunk@13775 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-22 17:40:35 +00:00
Steve Tornio e93341f9f1 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13768 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-21 11:55:56 +00:00
Wei Chen 5d4f68a6f2 Fix JS 
git-svn-id: file:///home/svn/framework3/trunk@13767 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-21 03:13:45 +00:00
Wei Chen 936f3de84c This simple math would do the trick 
git-svn-id: file:///home/svn/framework3/trunk@13766 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 18:56:21 +00:00
Wei Chen 742edf1ad1 Add eSignal and eSignal Pro exploit 
git-svn-id: file:///home/svn/framework3/trunk@13765 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 17:39:53 +00:00
Joshua Drake 3318b132c8 add x90c's email address 
git-svn-id: file:///home/svn/framework3/trunk@13757 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 19:40:48 +00:00
Steve Tornio ee09c028a0 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13756 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 11:38:49 +00:00
Matt Weeks 1d2ddc55e8 Add UI for PXE attack reset. 
git-svn-id: file:///home/svn/framework3/trunk@13753 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 20:44:16 +00:00
James Lee f4be092ac1 include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not 
git-svn-id: file:///home/svn/framework3/trunk@13751 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 03:57:27 +00:00
Wei Chen bf315b09ed Add DAQFactory bof 
git-svn-id: file:///home/svn/framework3/trunk@13750 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 02:45:55 +00:00
Tod Beardsley 10c76f66ba Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent. 
git-svn-id: file:///home/svn/framework3/trunk@13748 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-17 20:12:51 +00:00
Wei Chen 56025609f0 Add fix commit url to reference. Thx jduck! 
git-svn-id: file:///home/svn/framework3/trunk@13745 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-17 06:48:33 +00:00
Wei Chen 2ebef435a0 Add CVE-2011-2950 Real Player heap overflow 
git-svn-id: file:///home/svn/framework3/trunk@13738 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-16 19:22:29 +00:00
Wei Chen 6443ee024c Add Measuresoft ScadaPro exploit 
git-svn-id: file:///home/svn/framework3/trunk@13737 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-16 08:23:59 +00:00
Wei Chen 7569cad178 Correct variable use in heap spray js function 
git-svn-id: file:///home/svn/framework3/trunk@13735 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-15 22:37:13 +00:00
Wei Chen 70fa0e630b Add Windows 7 + IE 8 target. Also use a different approach to get code execution. 
git-svn-id: file:///home/svn/framework3/trunk@13734 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-15 20:51:01 +00:00
Steve Tornio de98758f2b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13728 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-13 20:10:28 +00:00
Wei Chen 9e5d07b201 Add ScadaTEC ScadaPhone bof 
git-svn-id: file:///home/svn/framework3/trunk@13727 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-13 17:25:03 +00:00
Steve Tornio e6ce90c551 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13724 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-12 21:42:36 +00:00
Wei Chen 8b8388ed44 Add CVE-2011-3322 Procyon Core Server HMI 
git-svn-id: file:///home/svn/framework3/trunk@13721 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-12 17:54:31 +00:00
Wei Chen e597891a1f Add support for DEP bypass 
git-svn-id: file:///home/svn/framework3/trunk@13711 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-09 18:15:50 +00:00
James Lee e31acef6e9 whitespace cleanup 
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-07 15:30:08 +00:00
Mario Ceballos 6f28911d3d added patch from joshua taylor. 
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-06 19:58:40 +00:00
Wei Chen 819e673b88 Mention about the RSA attack in the description, also add a reference for it 
git-svn-id: file:///home/svn/framework3/trunk@13697 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-06 17:22:00 +00:00
HD Moore 7fb4a3c571 Fix up the disablenops syntax 
git-svn-id: file:///home/svn/framework3/trunk@13694 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-05 16:27:04 +00:00
Mario Ceballos 2f2421badc initial coverage of the pnsize bug (fileformat) 
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 21:17:58 +00:00
Wei Chen 44ba7e80d5 This module still works against 2.5 (most current as of Sept 2 2011) 
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 04:52:04 +00:00
David Rude 8a070b81a2 Add the noobfuscation arg to the heaplib call 
git-svn-id: file:///home/svn/framework3/trunk@13675 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 09:00:20 +00:00
Wei Chen 4e92190fa8 Add additional references, correct disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@13673 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 05:20:47 +00:00
Wei Chen 717b0eddee Add DVD X plf playlist buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@13672 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 05:14:21 +00:00
Wei Chen 22dc0ed551 Fix disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@13670 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-31 00:15:46 +00:00
David Rude c5fe6ed503 Reset the target to allow for multiple client connections 
git-svn-id: file:///home/svn/framework3/trunk@13669 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-30 22:29:14 +00:00
David Rude 70dffd6afb Adds Citrix Gateway ActiveX Stack Based Buffer Overflow module 
git-svn-id: file:///home/svn/framework3/trunk@13666 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-30 22:22:32 +00:00
Matt Weeks 6853221762 Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs. 
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-27 15:46:49 +00:00
Matt Weeks f9e651d382 Report to DB too. 
git-svn-id: file:///home/svn/framework3/trunk@13640 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:56:22 +00:00
Matt Weeks 23b4f4ed98 Address #5313 for locally-launched PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:48:33 +00:00
amaloteaux 9cfba23558 psexec: allow o upload payload in a subfolder 
git-svn-id: file:///home/svn/framework3/trunk@13638 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:30:46 +00:00
Matt Weeks 06c3dabe31 Fixes #5312 for pivoted PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13634 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 02:07:35 +00:00
David Rude b331073851 cleaned up some column width issues, added on_new_session clean up code to remove files 
git-svn-id: file:///home/svn/framework3/trunk@13599 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-20 17:47:03 +00:00
Wei Chen 6723c7fb3e Minor metadata format fix 
git-svn-id: file:///home/svn/framework3/trunk@13593 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-20 00:11:22 +00:00
Wei Chen 8fbd81a0f0 Add HP Easy Printer xmlsimpleaccessor exploit 
git-svn-id: file:///home/svn/framework3/trunk@13592 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 23:49:45 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup 
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 18:35:29 +00:00
Wei Chen fe53151324 fix tabs 
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 16:58:50 +00:00
Wei Chen 056adf7063 Add Win 7 target 
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 16:57:19 +00:00
Wei Chen 2a62ac35ac Fix bug #5267 
git-svn-id: file:///home/svn/framework3/trunk@13573 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-17 06:14:51 +00:00
Wei Chen 6c58dad979 ugh, why the extra spaces 
git-svn-id: file:///home/svn/framework3/trunk@13566 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:34:49 +00:00
Wei Chen eaa5cf6b5d Use heaplib on IE 8, allow obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13565 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:32:17 +00:00
Wei Chen 55d60a1af2 Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13556 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:28:49 +00:00
Wei Chen c29a4d5ea3 Specify UUID offset for the custom .Net binary 
git-svn-id: file:///home/svn/framework3/trunk@13555 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:15:05 +00:00
Wei Chen f8bf910fbb missing var 
git-svn-id: file:///home/svn/framework3/trunk@13554 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:05:08 +00:00
Wei Chen 8bf7a9990b Improve javascript obfuscation, and allow it as an option 
git-svn-id: file:///home/svn/framework3/trunk@13553 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 23:03:11 +00:00
Wei Chen 20f4280d9f Exploit is much more reliable than before, it gets a promotion 
git-svn-id: file:///home/svn/framework3/trunk@13549 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 19:17:23 +00:00
Wei Chen bfc59e4c62 Add MS10-026 exploit 
git-svn-id: file:///home/svn/framework3/trunk@13547 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 19:04:25 +00:00
Wei Chen 3b04e7bd9e Add routine to check target before exploiting it 
git-svn-id: file:///home/svn/framework3/trunk@13535 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 23:05:45 +00:00
Wei Chen 0d9908435a Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13533 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 22:18:25 +00:00
Wei Chen 456aeeb90b Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13530 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 18:47:21 +00:00
Wei Chen 4ac431948a Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13524 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 15:50:43 +00:00
Wei Chen a1526e86b8 Use heaplib to spray, and use obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13523 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 15:25:14 +00:00
Steve Tornio a6a444930e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13522 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 11:17:30 +00:00
Wei Chen 950a4215a0 Fix a problem where resp.index() might return nil 
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 09:03:19 +00:00
Wei Chen 6a89cf5859 Add TeeChart Professional ActiveX exploit 
git-svn-id: file:///home/svn/framework3/trunk@13520 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 08:41:30 +00:00
Matt Weeks dad6103944 Fix documentation to match change; will only affect windows. 
git-svn-id: file:///home/svn/framework3/trunk@13519 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 03:05:58 +00:00
Matt Weeks f12742a05f Better cleanup for PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 02:57:02 +00:00
Wei Chen 58198f37ba Fix reference link 
git-svn-id: file:///home/svn/framework3/trunk@13513 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 18:58:20 +00:00
Wei Chen 8dc4228ee0 Fix very minor typo 
git-svn-id: file:///home/svn/framework3/trunk@13508 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 17:05:49 +00:00
Wei Chen 3b1769d621 Add Mozilla Firefox 3.6.16 mChannel Use After Free exploit by Rh0 
git-svn-id: file:///home/svn/framework3/trunk@13507 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 05:58:02 +00:00
Matt Weeks b2733c04db More PXE dust for extra magic! 
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-05 17:10:27 +00:00
Wei Chen a0168d59a8 Minor fix to comply with the 100 columns per line guideline 
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 21:20:29 +00:00
David Rude bee7fba3c8 Small typo fix and some minor formatting 
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 19:34:01 +00:00
David Rude 118ca372b3 adding CA Arcserve D2D GWT Credential Information Disclosure module 
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 14:40:52 +00:00
Tod Beardsley df52bfaa4f Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway). 
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 20:21:47 +00:00
Wei Chen 6fc59d5287 Fill in BID reference 
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 19:42:40 +00:00
Wei Chen 6bf90f884e Fix debug mode and some extra tabs in JS 
git-svn-id: file:///home/svn/framework3/trunk@13325 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 00:22:29 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules 
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-22 20:17:58 +00:00
Wei Chen 25c89c2e7a Put the short jmp in there 
git-svn-id: file:///home/svn/framework3/trunk@13224 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 15:07:00 +00:00
HD Moore 7dbb56b38b No longer default a target for XP systems; some obscure builds of XP Embedded SP1 have a different offset and not good way to differentiate 
git-svn-id: file:///home/svn/framework3/trunk@13214 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 01:40:26 +00:00
Wei Chen 3ca9b51984 oops, a little mistake in the description 
git-svn-id: file:///home/svn/framework3/trunk@13212 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 20:46:08 +00:00
Wei Chen 821e9dd68b Updated metadata, merged code with #4923. Thx Joff. 
git-svn-id: file:///home/svn/framework3/trunk@13211 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 20:39:27 +00:00
HD Moore 764bb36f44 Wait a little longer for a session (5 seconds) 
git-svn-id: file:///home/svn/framework3/trunk@13208 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 16:05:51 +00:00
HD Moore 8887fe86b8 Either the offset or the env page moves around for this exploit on some non-english systems, do not default the target for 2003 SP0 
git-svn-id: file:///home/svn/framework3/trunk@13206 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 14:59:55 +00:00
Wei Chen 2eeffc39fc Add Iconics GENESIS32 GenBroker exploit by lincoln and corelanc0d3r 
git-svn-id: file:///home/svn/framework3/trunk@13197 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-17 15:01:46 +00:00
Wei Chen 681563adc9 Fix that extra tab in the description 
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 05:21:20 +00:00
Wei Chen 2e93ba06ba Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter 
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 05:14:33 +00:00
Wei Chen 86b40e894b Make room for another exploit against ToolBar.exe 
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 04:45:21 +00:00
James Lee c412a836ed add VERBOSE option to all modules and vprint_* methods to use it 
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-15 15:33:35 +00:00
Steve Tornio 9278b0a5f5 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13152 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-11 06:59:00 +00:00
Wei Chen 94aea207d3 Remove extra tabs and spaces 
git-svn-id: file:///home/svn/framework3/trunk@13148 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 21:10:45 +00:00
Wei Chen 9892eb39eb Syntax fix 
git-svn-id: file:///home/svn/framework3/trunk@13147 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 20:50:52 +00:00
Wei Chen 32a7eb0000 svn propset 
git-svn-id: file:///home/svn/framework3/trunk@13146 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 19:19:00 +00:00
David Rude 7958516549 Adds Xeros Firefox nstreerange exploit 
git-svn-id: file:///home/svn/framework3/trunk@13143 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 17:12:53 +00:00
Wei Chen 5b69b52ec4 "InitialAutoRunScript" is more like it 
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 07:28:12 +00:00
Wei Chen 6448daf571 MS10-018, y u no InitialAutoRunScript 
git-svn-id: file:///home/svn/framework3/trunk@13141 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 07:02:38 +00:00
Wei Chen 15f82402af I changed my mind. The ATTEMPTS options is required. 
git-svn-id: file:///home/svn/framework3/trunk@13137 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-09 04:10:52 +00:00
Wei Chen 1246fd5731 Added Blue Coat Authentication Authorization Agent exploit 
git-svn-id: file:///home/svn/framework3/trunk@13134 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-09 01:40:29 +00:00
Steve Tornio 94640b6bc4 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13115 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 11:54:54 +00:00
Wei Chen 47e6c4a89f Added #4870 - MicroP .mppl buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@13114 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 06:29:37 +00:00
HD Moore 78f2525fdc Fixes #4879 by adding a new target from bperry 
git-svn-id: file:///home/svn/framework3/trunk@13110 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 03:33:04 +00:00
Wei Chen 1058948419 Updated ROP, no more hardcoded ntdll addresses 
git-svn-id: file:///home/svn/framework3/trunk@13106 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-06 07:22:24 +00:00
Wei Chen 7589f8d2f1 Updated target name that works against multiple systems (thx corelanc0d3r) 
git-svn-id: file:///home/svn/framework3/trunk@13105 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-06 01:59:24 +00:00
Wei Chen 1e4dfaf6de Change author name for dookie 
git-svn-id: file:///home/svn/framework3/trunk@13096 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 22:33:47 +00:00
Wei Chen 2f6b89516a Added HP Data Protector omniinet buffer overflow with opcode 20 
git-svn-id: file:///home/svn/framework3/trunk@13092 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 17:02:40 +00:00
HD Moore db6b8c3545 Probably time to fess up :) 
git-svn-id: file:///home/svn/framework3/trunk@13088 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-02 01:09:46 +00:00
Wei Chen dbd04d754a Change to a better P/P/R, tested on 4 different machines. Thx fdiskyou. 
git-svn-id: file:///home/svn/framework3/trunk@13081 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-01 22:26:12 +00:00
Mario Ceballos b6e1c6a967 add exploit module hp_omniinet_3.rb 
git-svn-id: file:///home/svn/framework3/trunk@13080 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-01 17:07:38 +00:00
Wei Chen fc33b1d20e '\x00' isn't the same as "\x00" 
git-svn-id: file:///home/svn/framework3/trunk@13051 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-28 19:45:51 +00:00
Wei Chen 73dc5c605b Change ranking. Because looks like it works better than "average" 
git-svn-id: file:///home/svn/framework3/trunk@13042 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-27 18:00:12 +00:00
Wei Chen e6995b4912 Added ZDI-11-023 Citrix Provisioning Services bof exploit (Feature #4798) 
git-svn-id: file:///home/svn/framework3/trunk@13041 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-27 17:54:18 +00:00
Wei Chen 1b25cf3c43 Using SEH instead of egghunter. Verified again on Win2k3. thx to MC. 
git-svn-id: file:///home/svn/framework3/trunk@13036 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 19:28:14 +00:00
Wei Chen 6325515ca7 Minor name change 
git-svn-id: file:///home/svn/framework3/trunk@13034 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 16:09:53 +00:00
Wei Chen 07f415f4e0 Forgot to switch back to random paddings 
git-svn-id: file:///home/svn/framework3/trunk@13033 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 16:06:39 +00:00
Wei Chen f0e6159a35 Minor name change for the exploit 
git-svn-id: file:///home/svn/framework3/trunk@13031 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 06:01:21 +00:00
Wei Chen 13b2209f3d Added Microsoft Visio DXF File Buffer Overflow Exploit by Juan 
git-svn-id: file:///home/svn/framework3/trunk@13030 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 05:59:37 +00:00
Wei Chen 0cf51f8d5a Exploit name change. Also, this thing doesn't use seh. 
git-svn-id: file:///home/svn/framework3/trunk@13026 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 14:25:45 +00:00
Steve Tornio 27eb48f650 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13025 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 11:27:55 +00:00
Wei Chen f16f850fc6 Added Siemens FactoryLink 8 csservice.exe (port 7580) 
git-svn-id: file:///home/svn/framework3/trunk@13019 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 00:54:18 +00:00
David Rude 37b7345fea Adds Ranking and Fileformat version of the Lotus Notes LZH Exploit 
git-svn-id: file:///home/svn/framework3/trunk@13015 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 15:43:54 +00:00
Steve Tornio 59943cb367 add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@13014 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 12:05:09 +00:00
David Rude 7b5860d0ab Fix a bug if the RHOST length is 15 or longer 
git-svn-id: file:///home/svn/framework3/trunk@13013 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 09:58:50 +00:00
David Rude df8bf68722 Adds Lotus Notes .lzh Autonomy Keyview Exploit 
git-svn-id: file:///home/svn/framework3/trunk@13012 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 09:51:16 +00:00
Wei Chen 1223275330 Change ranking for now until we have a better solution for SP3 
git-svn-id: file:///home/svn/framework3/trunk@13009 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 01:04:29 +00:00
Wei Chen bd62c13fb0 Added RealWin SCADA Server DATAC Login Buffer Overflow (Feature #4787)) 
git-svn-id: file:///home/svn/framework3/trunk@13007 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-22 22:36:55 +00:00
James Lee 57cf0b04a7 stack overflow != stack buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@13001 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 23:27:16 +00:00
Steve Tornio 465bc8ce88 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13000 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 22:42:53 +00:00
Mario Ceballos a5a1f1587f add another scada module. winlog_runtime.rb 
git-svn-id: file:///home/svn/framework3/trunk@12999 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 21:48:30 +00:00
Wei Chen 0400a72ab0 RCA, description update, and some text randomness 
git-svn-id: file:///home/svn/framework3/trunk@12998 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 21:08:57 +00:00
Joshua Drake 69963a45ab Fixes #4752 - Auto-detect the windows directory and use it for subsequent requests 
git-svn-id: file:///home/svn/framework3/trunk@12997 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 18:55:28 +00:00
Steve Tornio 03464a168e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12996 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 18:02:35 +00:00
David Rude d796f523a6 Adds FactorLink vrn.exe exploit from hal 
git-svn-id: file:///home/svn/framework3/trunk@12995 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 13:20:18 +00:00
Wei Chen fdbc038bd0 Add BlackIce Cover Page ActiveX downloadimagefileurl exploit 
git-svn-id: file:///home/svn/framework3/trunk@12992 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 02:51:39 +00:00
Steve Tornio 8ee3bf7f54 add cve, osvdb and bugtraq id. 
git-svn-id: file:///home/svn/framework3/trunk@12978 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 11:07:22 +00:00
HD Moore 3831e49455 See #4506 for Macro handling 
git-svn-id: file:///home/svn/framework3/trunk@12977 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 07:23:16 +00:00
Wei Chen 0b30256203 Add licensing 
git-svn-id: file:///home/svn/framework3/trunk@12975 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 04:01:47 +00:00
Wei Chen eff703b3ad Add SCADA Realwin On_FC_CONNECT_FCS_a_FILE buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@12974 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 00:37:13 +00:00
Steve Tornio 650762517f update CVE and OSVDB to match what the author said 
git-svn-id: file:///home/svn/framework3/trunk@12964 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 17:35:57 +00:00
Steve Tornio 7c47b48f5b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 01:56:20 +00:00
Wei Chen 23cc89482b CVE correction, thanks Kurt. 
git-svn-id: file:///home/svn/framework3/trunk@12961 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 00:56:11 +00:00
Wei Chen eae350b88b CVE-2011-1260 seems to be the right one 
git-svn-id: file:///home/svn/framework3/trunk@12959 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 22:27:10 +00:00
Wei Chen 0a04835138 Added MS11-050 by d0c_s4vage 
git-svn-id: file:///home/svn/framework3/trunk@12956 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 21:19:12 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules. 
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-13 03:38:31 +00:00
David Rude 04d280fdd0 minor fixes 
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-12 00:04:55 +00:00
David Rude ee7454c5e6 Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-11 23:48:18 +00:00
Steve Tornio 579d823070 add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@12893 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-09 20:44:52 +00:00
David Rude 247251ac07 Remove references to OUTPUTPATH options, unless files are created using a different method 
git-svn-id: file:///home/svn/framework3/trunk@12892 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-09 19:51:56 +00:00
Wei Chen 24bb7c3d8d 7-Technologies IGSS v9.0 Rename command buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@12886 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-09 06:04:04 +00:00
David Rude e2820918ad adds Windows XP SP3 target and updates the reference link 
git-svn-id: file:///home/svn/framework3/trunk@12873 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 20:29:02 +00:00
David Rude b9e398c706 adds support for SSL 
git-svn-id: file:///home/svn/framework3/trunk@12872 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 20:15:51 +00:00
David Rude 31a659e55a Fixed this up to use the new JS obfuscation hotness thanks to egyp7s rkelly fu! 
git-svn-id: file:///home/svn/framework3/trunk@12871 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 19:49:33 +00:00
Steve Tornio 377a18030a add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12869 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 19:06:18 +00:00
David Rude 3d7715ce60 Added Cisco AnyConnect VPN Client ActiveX download and execute exploit 
git-svn-id: file:///home/svn/framework3/trunk@12868 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 18:52:26 +00:00
Wei Chen 2e861a2fa8 Added CVE 
git-svn-id: file:///home/svn/framework3/trunk@12865 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-06 02:35:40 +00:00
James Lee bee19278d7 add a new javascript obfuscation engine using rkelly for parsing. use it in browser_autopwn and ms10_018_ie_behaviors. see #1003 
git-svn-id: file:///home/svn/framework3/trunk@12839 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-03 00:36:26 +00:00
Steve Tornio 6890ec5610 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@12816 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-02 12:24:25 +00:00
David Rude bfdb3a2a36 Added GoldenFTP exploit 
git-svn-id: file:///home/svn/framework3/trunk@12812 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-02 01:10:22 +00:00
Steve Tornio f43368ebe4 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@12779 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-31 14:33:19 +00:00
Wei Chen 396e476a03 Updated description, documented packet header a bit 
git-svn-id: file:///home/svn/framework3/trunk@12774 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-30 21:17:35 +00:00
Wei Chen b950219b0d Fix typo 
git-svn-id: file:///home/svn/framework3/trunk@12773 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-30 21:06:56 +00:00
Wei Chen 4d044ee592 Added 7-Technologies IGSS 9.0 Write File / EXE packet handling exploit 
git-svn-id: file:///home/svn/framework3/trunk@12772 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-30 21:00:49 +00:00
Jonathan Cran ef7a7adc1e escape slashes, thanks aushack 
git-svn-id: file:///home/svn/framework3/trunk@12738 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-27 06:14:52 +00:00
Steve Tornio 782b1c6dd6 add stratsec ref, update disclosure to match public timeline 
git-svn-id: file:///home/svn/framework3/trunk@12716 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 13:57:12 +00:00
Wei Chen c1233db428 ugh! It's visiwavereport.exe, not visiwave.exe. 
git-svn-id: file:///home/svn/framework3/trunk@12711 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 04:48:25 +00:00
Wei Chen 0c60fe5a4b Couldn't help but patch-diff it and updated the description again 
git-svn-id: file:///home/svn/framework3/trunk@12710 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-25 04:45:17 +00:00
Wei Chen 6b6c6b2f64 We're actually not using 'Ret', it is removed. 
git-svn-id: file:///home/svn/framework3/trunk@12706 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-24 23:15:06 +00:00
Wei Chen af4b8bfef6 RCA done, the new description explains what really happens that causes the vulnerability. 
git-svn-id: file:///home/svn/framework3/trunk@12705 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-24 22:58:10 +00:00
Wei Chen f80c66ee8f Disclosure date is actually May 10 2011, confirmed by Mr_Me. 
git-svn-id: file:///home/svn/framework3/trunk@12698 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-23 23:55:03 +00:00
Steve Tornio fd6a3def6e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12695 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-23 19:50:57 +00:00
Wei Chen d900892da8 Disclosure date change. '2007' wouldn't make sense now, would it? 
git-svn-id: file:///home/svn/framework3/trunk@12692 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-23 16:30:07 +00:00
Wei Chen 8089d10618 Added VisiWave Site Survey Report buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@12691 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-23 16:28:38 +00:00
Steve Tornio 28d5febfad add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12688 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-22 23:41:15 +00:00
Wei Chen e916a61eec Date format fix 
git-svn-id: file:///home/svn/framework3/trunk@12685 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-22 22:09:52 +00:00
Wei Chen d9c0d1c941 Added Magix Musik Maker 16 buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@12684 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-22 22:08:09 +00:00
James Lee 36983436db play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed 
git-svn-id: file:///home/svn/framework3/trunk@12667 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-19 19:45:14 +00:00
James Lee 0b88468617 out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn 
git-svn-id: file:///home/svn/framework3/trunk@12663 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-19 16:33:55 +00:00
Wei Chen f9c49ef9ce Comment update (this is still for the egghunter fix: bug #4552) 
git-svn-id: file:///home/svn/framework3/trunk@12657 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-18 19:50:22 +00:00
Wei Chen 6345fec06c checksum support for egghunter disabled, because not enough room for it. See r4552. 
git-svn-id: file:///home/svn/framework3/trunk@12656 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-18 19:48:06 +00:00
Steve Tornio 72692d27f7 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12643 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-17 11:28:25 +00:00
Wei Chen 4f56444f2c Fix for nops 
git-svn-id: file:///home/svn/framework3/trunk@12639 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-16 19:30:17 +00:00
Wei Chen 95700687de Added IGSS 9 buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@12638 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-16 19:02:05 +00:00
Wei Chen 40894c3726 Moving Iconics webhmi activeX exploit from browser to scada directory 
git-svn-id: file:///home/svn/framework3/trunk@12584 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-11 20:45:54 +00:00
Steve Tornio d0c93f7e49 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12582 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-11 11:33:16 +00:00
Wei Chen 5d59d819ac Added SPlayer Content-Type bof 
git-svn-id: file:///home/svn/framework3/trunk@12581 4d416f70-5f16-0410-b530-b9f4589650da
 2011-05-11 00:18:11 +00:00