3ca440089e
Add checks for .NET requisites
...
Also standardizes print_status format to look nicer with lots of cilents
2012-04-09 01:23:44 -06:00
a6b106e867
Remove autopwn support for enjoysapgui_comp_download
...
No automatic targeting, the payload doesn't execute immediately, and
requires the browser be running as Admin. Bascially just not a great
candidate for being run automatically.
2012-04-09 01:05:37 -06:00
409ba3139b
Add bap checks for blackice exploit
2012-04-09 00:50:04 -06:00
da1cb2b81d
ActiveX controls require IE
2012-04-08 22:07:09 -06:00
4e955e5870
replace spaces with tabs
2012-04-06 10:45:10 -05:00
67e6c7b850
tomcat_mgr_deploy may report successful creds
...
Using following code for 'check' as 'exploit':
report_auth_info(
:host => rhost,
:port => rport,
:sname => (ssl ? "https" : "http"),
:user => datastore['BasicAuthUser'],
:pass => datastore['BasicAuthPass'],
:proof => "WEBAPP=\"Tomcat Manager App\", VHOST=#{vhost}, PATH=#{datastore['PATH']}",
:active => true
)
Resulting in:
Credentials
===========
host port user pass type active?
---- ---- ---- ---- ---- -------
192.168.x.xxx 8080 tomcat s3cret password true
2012-04-06 10:45:10 -05:00
56b10d4d23
Merge branch 'CVE-2012-0270_csound_getnum_bof' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2012-0270_csound_getnum_bof
2012-04-06 02:28:26 -05:00
68c81e3ae0
Add OSVDB-80661 TRENDnet SecurView ActiveX BoF
2012-04-06 02:26:04 -05:00
14e3cd75dc
Revert "tomcat_mgr_deploy may report successful creds"
...
This reverts commit 937f8f035a
2012-04-05 16:17:06 -05:00
5c6856539e
.idea dir deleted
2012-04-05 22:46:43 +02:00
955de5a68c
comment fixed
2012-04-05 22:46:13 +02:00
c5f73d3d7a
added module for CVE-2012-0270_csound_getnum_bof
2012-04-05 22:35:42 +02:00
eb39b5f6aa
Msftidy on netop
2012-04-05 10:33:57 -05:00
8628991b1d
Merge pull request #305 from jlee-r7/bap-refactor
...
Bap refactor
2012-04-05 08:02:43 -07:00
937f8f035a
tomcat_mgr_deploy may report successful creds
2012-04-05 11:09:56 +02:00
974d95b175
Both of these are obsoleted by java_atomicreferencearray
2012-04-03 18:23:42 -06:00
c79060915a
Add Chap0's netop exploit
2012-04-03 11:51:58 -05:00
48d6157d6e
New NetOp Guest msf module http://www.netop.com/
2012-04-02 16:53:51 -07:00
bd5f43c918
Add another good reference by @mihi42
2012-04-01 01:30:50 -05:00
bab4cddd83
Add Jeroen Frijters for finding/reporting the bug
2012-03-31 03:01:09 -05:00
cc54a260f5
Merge remote branch 'upstream/master'
2012-03-30 14:31:12 -06:00
0547369966
Add bap support for flash mp4 and new java bug
...
Also fixes a silly issue where adobe_flash_mp4_cprt was adding the
/test.mp4 resource after every request instead of just once at startup.
2012-03-30 12:59:07 -06:00
ae21c05e69
add osvdb ref
2012-03-30 07:26:07 -05:00
e018c6604f
Modify CVE-2012-0507
2012-03-30 02:06:56 -05:00
f069a32223
Merge pull request #288 from wchen-r7/cve_2012_0507
...
Adding sinn3r and juan's exploit for CVE-2012-0507. Blog post coming soon.
2012-03-29 08:46:49 -07:00
791ebdb679
Add CVE-2012-0507 (Java)
2012-03-29 10:31:14 -05:00
5248ec87b5
Fixing EDB reference
2012-03-27 16:49:47 -05:00
e2606764cb
forgot to add renamed module
2012-03-25 09:08:38 -07:00
7ea37253a0
modifications recommended by sinn3r
2012-03-25 09:04:35 -07:00
d8ddb19b56
cve-2008-0610 windows exploit module
2012-03-25 00:14:19 -07:00
e1783acd6f
Adding newline to end of ricoh_dl_bof.rb
2012-03-23 16:31:11 -05:00
2bcf259301
Setting correct LFs on freepbx_callmenum.rb
2012-03-23 16:29:42 -05:00
71462bc73d
Merging in freepbx_callmenum.rb and ricoh_dl_bof.rb
...
[Closes #266 ]
2012-03-23 16:23:36 -05:00
fbfd308d79
This actually shouldn't go it now because it's still being code reviewed
2012-03-23 15:32:24 -05:00
47493af103
Merge pull request #259 from todb-r7/edb-2
...
Convert Exploit-DB references to first-tier "EDB-12345" references
2012-03-23 12:09:07 -07:00
fef1e31e2a
Merge branch 'olliwolli-3cdaemonsp3'
2012-03-23 08:52:19 -05:00
e30623a2c9
Merge pull request #264 from wchen-r7/ricoh_dc_exploit
...
Add Ricoh DC DL-10 FTP Buffer Overflow
2012-03-23 06:45:02 -07:00
20f0a58c6a
Minor fixes
2012-03-23 08:23:30 -05:00
30a3d8bb96
Add Windows SP3 to targets.
2012-03-23 13:52:18 +01:00
17a044db89
Print the full URI
...
Makes everything obvious from output alone, don't need to show options
to see what RHOST is.
2012-03-22 18:44:55 -06:00
6625d97599
Add Ricoh DC DL-10 FTP Buffer Overflow
2012-03-22 15:30:00 -05:00
0a24c354db
Update ms10-002 with dyphens
2012-03-21 19:19:20 -05:00
7d12a3ad3a
Manual fixup on remaining exploit-db references
2012-03-21 16:43:21 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
2c16eb29b6
Add CVE-2010-0248 Internet Explorer Object Handling Use After Free exploit
2012-03-21 16:11:26 -05:00
23c9c51014
Fixing CVE format on sit_file_upload.
2012-03-21 09:59:20 -05:00
da963fc8b2
Adding OSVDB for dell_webcam_crazytalk.rb
2012-03-20 07:52:50 -05:00
e325469f6e
Grammar fix for dell_webcam_crazytalk module
2012-03-20 07:43:02 -05:00
f4dac59894
Add Dell Webcam CrazyTalk component BackImage overflow exploit
2012-03-20 03:46:37 -05:00
cdd7a16603
Apply egypt's fix for "\n"
2012-03-19 10:19:10 -05:00
James Lee
andurin
sinn3r
Tod Beardsley
juan
sinn3r
chap0
Steve Tornio
Tod Beardsley
Kurtis Miller
Oliver-Tobias Ripka