Commit Graph

11711 Commits (b02e21a1d3a01e72ee50c6821785eff0a0efb5ec)

Author SHA1 Message Date
jvazquez-r7 b02e21a1d3
Land #2779, @wchen-r7's mod to raise Msf::OptionValidateError when PORTS is invalid 2013-12-26 09:27:27 -06:00
sinn3r 78db7429d0 Turns out the latest Safari is still vulnerable.
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
2013-12-24 19:27:45 -06:00
sinn3r a26e12b746 Updates descriiption and improves regex for safari_lastsession.rb
This updates two things for the safari_lastsession post module:

1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.

2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
2013-12-24 14:00:55 -06:00
rbsec 86a94022c0 Fix lotus_domino_hashes not working.
Some Lotus Domino servers prefix the "dspHTTPPassword" with a dollar
sign. Updated regex to take this into account.
2013-12-24 11:57:13 +00:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 213556761a
Land #2765 - Added Poison Ivy Command and Control Scanner 2013-12-23 17:36:18 -06:00
sinn3r 0a07bbdf2e Minor changes 2013-12-23 17:35:42 -06:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
SeawolfRN bf2dc97595 Merge branch 'poisonivyscanner' of github.com:SeawolfRN/metasploit-framework into poisonivyscanner 2013-12-20 18:46:35 +00:00
SeawolfRN ae7a0159e7 Changed to Puts and get_once - also forgot the timeout... 2013-12-20 18:44:42 +00:00
jvazquez-r7 8be481f324
Land #2681, @mcantoni and @todb-r7's support for chargen 2013-12-20 11:53:08 -06:00
jvazquez-r7 12efa99ce5 Fix udp_sweep 2013-12-20 11:47:48 -06:00
jvazquez-r7 2dc7ef4398 Fix udp_probe 2013-12-20 11:45:27 -06:00
jvazquez-r7 af13334c84 Revert gsub! 2013-12-20 11:39:49 -06:00
sinn3r ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution 2013-12-20 11:29:10 -06:00
sinn3r d0ef860f75 Strip default username/password
There isn't one. So force the user to supply one.
2013-12-20 11:28:18 -06:00
sinn3r 52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution 2013-12-20 11:25:50 -06:00
jvazquez-r7 1da961343a Do final (minor) cleanup 2013-12-20 11:20:29 -06:00
Tod Beardsley 2f34f8458b
Downcase chargen service name 2013-12-20 10:41:53 -06:00
Tod Beardsley 35c847da94
Add chargen to udp_probe and udp_sweep
This simplifies the checks considerably for PR #2681 from @mcantoni
2013-12-20 10:32:15 -06:00
jvazquez-r7 a043d384d4
Land #2738, @jiuweigui update to enum_prefetch 2013-12-20 10:26:54 -06:00
Markus Wulftange 929f3ea35c Turn Auxiliary module into Exploit module 2013-12-20 16:45:38 +01:00
jvazquez-r7 eba164d2e3 Clean chargen_probe 2013-12-20 09:10:15 -06:00
Markus Wulftange 15f6a62f90 Msf::Exploit::Remote::HttpClient already provides 'peer' 2013-12-20 15:10:10 +01:00
Markus Wulftange 0718c27f47 Use 'unless' instead of 'if not' 2013-12-20 15:09:32 +01:00
Markus Wulftange fe66d2437b Add module for CVE-2013-6955
Auxiliary module for Synology DiskStation Manager (DMS) SLICEUPLOAD
vulnerability, which allows unauthenticated remote command execution
under root privileges.
2013-12-20 11:50:02 +01:00
bcoles fb6cd9c149 add osvdb+url refs and module tidy up 2013-12-20 20:27:07 +10:30
sinn3r 2510580c19
Land #2784 - Remove EOL whitespace from OS X hashdump 2013-12-20 03:54:37 -06:00
OJ 0db062a1ce
Merge branch 'meatballs-vncdll-submodule' 2013-12-20 18:29:27 +10:00
OJ 34cdec5155
Update project VS 2013, clean CLI build
* Project system updated to VS 2013.
* Clean builds, had to remove a bunch of warnings.
* `make.bat` for building from the command line.
* Removed RDI stuff that shouldn't be there any more.
* Renamed the x86 DLL to include the platform name.
2013-12-20 09:49:15 +10:00
jvazquez-r7 4816abe63b Add module for ZDI-13-263 2013-12-19 17:48:52 -06:00
Matteo Cantoni a199dc39af used the recvfrom timeout 2013-12-19 20:56:11 +01:00
Joe Vennix 8e27e87c81 Use the right disclosure date. 2013-12-19 12:58:52 -06:00
Joe Vennix 955dfe5d29 msftidy it up. 2013-12-19 12:53:58 -06:00
Joe Vennix b50bbc2f84 Update module to use sinn3r's beautiful browserexploitserver. 2013-12-19 12:49:24 -06:00
William Vu 9434d60021 Remove EOL whitespace from OS X hashdump 2013-12-19 10:39:49 -06:00
bcoles fc2da15c87 Add OpenSIS 'modname' PHP Code Execution module for CVE-2013-1349 2013-12-19 19:10:48 +10:30
Joe Vennix eb08a30293 Update description with new version support. 2013-12-19 02:08:55 -06:00
Joe Vennix 5ee6c77901 Add a patch for 15.x support.
* Also add authors i forgot, oops
2013-12-19 02:05:45 -06:00
Joe Vennix 2add2acc8f Use a smaller key size, harder to spot. 2013-12-18 21:02:23 -06:00
Joe Vennix 8d183d8afc Update versions, 4.0.1 does not work on windows. 2013-12-18 20:57:47 -06:00