HD Moore
12395c719f
Remove debugging code
2012-03-08 16:16:42 -06:00
HD Moore
87274987c1
Remove the now obsolete text about SWF_PLAYER
2012-03-08 16:16:13 -06:00
sinn3r
181fdb7365
A small title change
2012-03-08 16:10:16 -06:00
HD Moore
1271368b6f
Redirect to a trailing slash to make sure relative resources load
...
properly
2012-03-08 15:37:06 -06:00
HD Moore
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
HD Moore
eb847a3dfb
Add a nicer prefix to the target selection message
2012-03-08 13:46:14 -06:00
Tod Beardsley
5b566b43b4
Catching an update from @hdmoore-r7
...
wrt the nuclear option.
2012-03-08 12:08:39 -06:00
sinn3r
edb3f19c12
A little more padding for Win Vista target
2012-03-08 12:04:04 -06:00
Tod Beardsley
18962e1180
Checking in the new Flash exploit to the release
...
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
2012-03-08 11:55:01 -06:00
HD Moore
86fc45810b
Remove the resource during cleanup
2012-03-07 23:04:53 -06:00
HD Moore
b4e0daf3ca
Small tweaks to the adobe mp4 exploit
2012-03-07 22:53:47 -06:00
James Lee
8d93e3ad44
Actually use the password we were given...
2012-03-08 10:17:39 -07:00
sinn3r
9ece7b08fc
Add vendor's advisory as a reference
2012-03-08 00:46:34 -06:00
sinn3r
5f92bff697
Make sure no encoder will break the exploit again
2012-03-08 00:44:57 -06:00
sinn3r
2e94b97c82
Fix description
2012-03-07 23:59:51 -06:00
Tod Beardsley
57376a976d
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
sinn3r
0550b77522
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 20:04:04 -06:00
sinn3r
3b4ed13aee
Fix typo
2012-03-07 20:03:46 -06:00
Tod Beardsley
33460b6bf4
Fixups on the Adobe Flash exploit description
...
Massaged the lines about the phishing campagin use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r
c76f43c066
Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow
2012-03-07 19:24:00 -06:00
Tod Beardsley
f97dc8dee7
Fix spelling of the IBM product iSeries
...
Was I-Series.
2012-03-07 15:24:15 -06:00
sinn3r
7dfba9c00d
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-03-07 14:51:39 -06:00
sinn3r
0ee7788028
Add a check to detect the vulnerable version of Sysax SSH
2012-03-07 14:51:21 -06:00
Tod Beardsley
ba2bf194fd
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
James Lee
02ea38516f
Add a check method for tomcat_mgr_deploy
2012-03-06 23:22:44 -07:00
James Lee
2b9acb61ad
Clean up some incosistent verbosity
...
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r
22a12a6dfc
Add Lotus CMS exploit (OSVDB-75095)
2012-03-06 11:36:28 -06:00
HD Moore
99177e9d5e
Small commit to fix bad reference and old comment
2012-03-06 01:44:26 -06:00
James Lee
70162fde73
A few more author typos
2012-03-05 13:28:46 -07:00
sinn3r
4b1e67f94f
Add ROP target for Win2k3 SP1 and SP2
2012-03-04 17:18:34 -06:00
Steve Tornio
8f93a5abbb
add osvdb ref
2012-03-03 12:28:30 -06:00
sinn3r
fa916d863d
Add Sysax SSH buffer overflow exploit
2012-03-03 10:11:51 -06:00
sinn3r
67f788768d
Fix tabs
2012-03-01 22:31:08 -06:00
sinn3r
fd2d9ae0ea
Add MP4 file generating function. Update the description regarding exploit usage.
2012-03-01 22:24:35 -06:00
sinn3r
b1b2ec2c7d
Merge branch 'CVE-2008-5036_vlc_realtext' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-5036_vlc_realtext
2012-03-01 21:13:33 -06:00
sinn3r
8bad0033d3
Update description
2012-03-01 19:16:29 -06:00
sinn3r
0bc26c1665
Add CVE-2009-4656: DJ Studio .pls buffer overflow
2012-03-01 19:09:25 -06:00
juan
f1a6d8f535
Added exploit module for CVE-2008-5036
2012-03-01 23:06:40 +01:00
sinn3r
5a5e5eab95
Add msvcrt ROP target for IE8
2012-03-01 15:23:41 -06:00
Steve Tornio
2d802750e3
fix osvdb ref
2012-03-01 08:07:11 -06:00
Steve Tornio
256fee3626
add osvdb ref
2012-03-01 08:06:53 -06:00
Tod Beardsley
4369f73c7a
Msftidy fixes on new modules
...
Dropped a cryptic year reference from jducks' java module, found a
spurious space in thelightcosine's telnet module.
2012-02-29 10:42:43 -06:00
sinn3r
74cdb5dabc
It's a two-space tab, not one space. OMG.
2012-02-29 10:13:29 -06:00
sinn3r
986807e525
Add CVE-2012-0201 IBM Personal Communications .ws buffer overflow
2012-02-28 19:01:54 -06:00
sinn3r
5560087006
Add OSVDB 79438 Asus Net4Switch ActiveX Buffer Overflow
2012-02-28 18:58:28 -06:00
Steve Tornio
ef4cdb516d
add osvdb ref
2012-02-26 07:13:13 -06:00
sinn3r
7281a0ebdd
Add CVE-2011-0923: HP Data Protector CMD_EXEC module (submitted by wireghoul)
2012-02-24 12:06:47 -06:00
sinn3r
339fb8d266
eh, I mean Win2k3 SP0 to SP1
2012-02-23 17:33:49 -06:00
Joshua J. Drake
e262d7a7ff
Add CVE-2012-0500 Sun Java Web Start exploit
2012-02-23 13:30:45 -06:00
Steve Tornio
08fb03276f
add osvdb ref
2012-02-23 07:39:31 -06:00
sinn3r
144fa0dc0e
Comment what \x0b\x04 is for
2012-02-22 22:59:43 -06:00
sinn3r
291e083d65
Add CVE-2011-5001: TrendMicro Control Manager 5.5 CmdProcessor Stack Bof
2012-02-22 19:44:47 -06:00
sinn3r
4ee1f989a6
Merge branch 'CVE-2008-1602_orbit_download_failed_bof' of https://github.com/juanvazquez/metasploit-framework
2012-02-22 19:40:56 -06:00
James Lee
5e6c40edfd
Remove unnecessary space restrictions.
...
This allows using the full range of PHP payloads
2012-02-21 23:21:07 -07:00
James Lee
464cf7f65f
Normalize service names
...
Downcases lots and standardizes a few. Notably, modules that reported a
service name of "TNS" are now "oracle". Modules that report http
now check for SSL and report https instead.
[Fixes #6437 ]
2012-02-21 22:59:20 -07:00
James Lee
7ca573a1b4
Give these two old modules a chance to work by setting a proper arch
...
These must have been broken for quite some time. =/ They should
probably both be ARCH_PHP but I'm reluctant to make that big of a change
without having the target software to test.
2012-02-21 22:59:20 -07:00
HD Moore
4932a9ca25
Dont dump an HTML document to the console
2012-02-21 23:45:25 -06:00
juan
d6310829ea
Added module for CVE-2008-1602
2012-02-21 22:36:57 +01:00
Tod Beardsley
4a631e463c
Module title normalization
...
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/
The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
HD Moore
ab92e38628
Small cosmetic change to module descriptions
2012-02-20 19:29:51 -06:00
HD Moore
af56807668
Cleanup the titles of many exploit modules
2012-02-20 19:25:55 -06:00
sinn3r
dc4bade78c
Use OptEnum to validate delivery method
2012-02-17 21:03:05 -06:00
sinn3r
5bb9afe789
Correct disclosure date format
2012-02-16 18:15:51 -06:00
Joshua J. Drake
01a6b02c3e
Add exploit for CVE-2012-0209, thx eromang!
2012-02-16 03:10:55 -06:00
Joshua J. Drake
d2444e1cf6
fix a few typos
2012-02-16 03:10:22 -06:00
juan
e69037959f
Added CVE-2010-0842
2012-02-15 23:32:31 +01:00
Tod Beardsley
829040d527
A bunch of msftidy fixes, no functional changes.
2012-02-10 19:44:03 -06:00
Steve Tornio
daca3e93a5
add osvdb ref
2012-02-10 07:05:42 -06:00
Steve Tornio
782fcb040d
add osvdb ref
2012-02-10 07:05:26 -06:00
Steve Tornio
1a240648fa
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-02-10 06:51:02 -06:00
sinn3r
5ea20a332b
Clearly I had the wrong disclosure date. This one is based on Adobe's security bulletin.
2012-02-10 00:13:39 -06:00
sinn3r
e5ea2961f5
Add CVE-2011-2140 Adobe Flash SequenceParameterSetNALUnit (mp4) bof
2012-02-10 00:10:28 -06:00
sinn3r
2bd330da33
Add ZDI-12-009 Citrix Provisioning Services 5.6 streamprocess buffer overflow exploit
2012-02-10 00:06:48 -06:00
Steve Tornio
1b7fffbf8a
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2012-02-05 07:30:08 -06:00
Patroklos Argyroudis
ed34fd70fd
Modified (and tested) to work on Lion 10.7.2 and 10.7.3
2012-02-03 12:39:22 +02:00
Steve Tornio
d90fe9b9b7
add osvdb ref
2012-02-02 13:43:03 -06:00
sinn3r
aa44eb955e
Correct author e-mail format
2012-02-02 11:27:43 -06:00
sinn3r
6b29af5c23
Add user-agent check. Auto-migrate.
2012-02-02 03:11:10 -06:00
sinn3r
6be65acfe2
Merge branch 'CVE-2008-2551_c6_DownloaderActiveX' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-2551_c6_DownloaderActiveX
2012-02-02 02:54:02 -06:00
sinn3r
de675c349a
Upgrade exploit rank, because it fits the description
2012-02-02 02:49:06 -06:00
sinn3r
28b4f4b60d
Add Sunway ForceControl NetDBServer.exe Buffer Overflow (Feature #6331 )
2012-02-02 02:43:32 -06:00
juan
82eacbe2fd
Added module for CVE-2008-2551
2012-02-01 23:26:28 +01:00
Tod Beardsley
e371f0f64c
MSFTidy commits
...
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.
Squashed commit of the following:
commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date: Wed Feb 1 10:58:53 2012 -0600
Break up the multiline SOAP thing
commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date: Wed Feb 1 10:48:16 2012 -0600
More whitespace and indent
commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date: Wed Feb 1 10:39:36 2012 -0600
Whitespace fixes
commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date: Wed Feb 1 10:35:37 2012 -0600
Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
Jonathan Cran
c3bd151197
add a ranking
2012-01-31 20:43:32 -06:00
Jonathan Cran
47c7f47f4e
Merge branch 'master' of r7.github.com:rapid7/metasploit-framework
2012-01-31 20:38:30 -06:00
Jonathan Cran
d9ee43d3dc
add disclosure date
2012-01-31 20:38:05 -06:00
Jonathan Cran
a814a9dce7
add disclosure date
2012-01-31 20:35:58 -06:00
Oliver-Tobias Ripka
0ba7557865
Fix typo in seattlelab_pass.rb exploit.
...
Also remove the $ from the end of the regex which stopped
the exploit from being executed.
2012-01-31 21:09:51 +01:00
Steve Tornio
e392958d90
add osvdb ref
2012-01-31 07:06:33 -06:00
sinn3r
bfd4734cbf
Forgot to add CMD as a datastore option, here it is
2012-01-30 17:34:58 -06:00
sinn3r
08134ad600
Add Exploit-DB reference
2012-01-30 16:17:25 -06:00
sinn3r
f3c340a9ab
Add vBSEO proc_deutf() Remote Code Execution (Feature #6307 )
2012-01-30 16:15:27 -06:00
sinn3r
1dec4c0c45
These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE']
2012-01-30 13:08:35 -06:00
sinn3r
fbac9a7239
Forgot to remove this comment
2012-01-28 13:18:15 -06:00
sinn3r
7b866eee86
Use the proper function for verbose prints
2012-01-27 12:50:01 -06:00
sinn3r
64651e52a8
Credit Shane of X-Force for the discovery
2012-01-27 11:18:34 -06:00
HD Moore
b4e2228404
Fix exitfunc option name
2012-01-27 09:15:31 -06:00
sinn3r
298b94d397
Add MS12-004 MIDI Heap Overflow Remote Code Execution Exploit (CVE-2012-003)
2012-01-27 03:48:39 -06:00
sinn3r
3952a06292
Minor changes
2012-01-26 11:35:43 -06:00