Commit Graph

12587 Commits (b5fc8e4a779ca13a7babaaecda771dcdaecc42e6)

Author SHA1 Message Date
sinn3r fef1e31e2a Merge branch 'olliwolli-3cdaemonsp3' 2012-03-23 08:52:19 -05:00
Tod Beardsley e30623a2c9 Merge pull request #264 from wchen-r7/ricoh_dc_exploit
Add Ricoh DC DL-10 FTP Buffer Overflow
2012-03-23 06:45:02 -07:00
sinn3r 20f0a58c6a Minor fixes 2012-03-23 08:23:30 -05:00
sinn3r 41bc8ded3d Add HP Data Protector aux module for executing commands on Windows 2012-03-23 07:57:13 -05:00
Oliver-Tobias Ripka 30a3d8bb96 Add Windows SP3 to targets. 2012-03-23 13:52:18 +01:00
James Lee 17a044db89 Print the full URI
Makes everything obvious from output alone, don't need to show options
to see what RHOST is.
2012-03-22 18:44:55 -06:00
HD Moore e9d6309143 Fix 1.9.2 compatibility issues and C99 warnings 2012-03-22 19:09:16 -05:00
sinn3r 6625d97599 Add Ricoh DC DL-10 FTP Buffer Overflow 2012-03-22 15:30:00 -05:00
Tod Beardsley b2b2580dbf Adding the correct url for exploit-db exploits. 2012-03-22 14:26:46 -05:00
Patrick Webster 3dc0e97998 Updating description and refs to Patrick's module
There was some weirdness with the commit log on this module but it
should all be kosher now.

[Closes #260]
2012-03-22 10:30:25 -05:00
Tod Beardsley 348d0b6278 Merge pull request #263 from rsmudge/armitage
Armitage 03.22.12
2012-03-22 08:18:28 -07:00
Raphael Mudge b176e660a0 last minute change to how I highlight pivots. 2012-03-22 10:22:59 -04:00
sinn3r 434b56824b Merge pull request #261 from rsmudge/armitage
Armitage 03.22.12
2012-03-22 00:21:15 -07:00
Raphael Mudge 38b379ef88 Armitage 03.22.12
This release tweaks the payload selection logic, improves the built-in nmap profiles, and adds DNS enumeration to the Hosts menu.
2012-03-21 23:42:55 -04:00
James Lee 2d29184adc Use interpolation to ensure LPORT is a string for gsub
[Fixes #6542]
2012-03-21 21:05:05 -06:00
sinn3r ddacf1dde8 Merge pull request #258 from wchen-r7/ms10_002_ie
Add CVE-2010-0248 Internet Explorer Object Handling Use After Free
2012-03-21 17:20:27 -07:00
sinn3r 0a24c354db Update ms10-002 with dyphens 2012-03-21 19:19:20 -05:00
Tod Beardsley 7d12a3ad3a Manual fixup on remaining exploit-db references 2012-03-21 16:43:21 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
Tod Beardsley c589420f42 Typo fix, missing comma 2012-03-21 16:43:21 -05:00
Tod Beardsley 75785a8b9f Got tired of writing out Exploit-DB identifiers
There are 143 modules with exploit-db references, may as well make them
easier to write and find. This change introduces the EDB identifier.
2012-03-21 16:43:21 -05:00
sinn3r 2c16eb29b6 Add CVE-2010-0248 Internet Explorer Object Handling Use After Free exploit 2012-03-21 16:11:26 -05:00
Chris John Riley b49b947b9a Added Base32 Support 2012-03-21 22:02:46 +01:00
Tod Beardsley 31228ed65a Comment indentation 2012-03-21 15:21:10 -05:00
Tod Beardsley 482a1a8511 Merge pull request #253 from corelanc0d3r/dnspayload
rewrote DNS TXT query out-of-band payload delivery shellcode
2012-03-21 13:19:55 -07:00
Tod Beardsley 8f17cc3f5c MS12-020 not MS12-002 2012-03-21 13:58:18 -05:00
Tod Beardsley 23c9c51014 Fixing CVE format on sit_file_upload. 2012-03-21 09:59:20 -05:00
Tod Beardsley b09d91d1c7 Removing enum_bing_url
Moving this over to unstable until the described http request problem
gets resolved.
2012-03-21 09:33:31 -05:00
Peter Van Eeckhoutte 89d7363a8f fixed crash 2012-03-21 10:39:05 +01:00
sinn3r c64226f4b8 Fix regex 2012-03-21 04:31:49 -05:00
sinn3r 056985625d damn comma 2012-03-21 04:06:54 -05:00
sinn3r e973da7c6d Add Chicken of the VNC client profile collector module 2012-03-21 04:04:35 -05:00
Peter Van Eeckhoutte f81730a7e1 changes to the way jmp to payload is done 2012-03-21 09:52:22 +01:00
corelanc0d3r 45ef7fc35d reset author 2012-03-20 20:43:56 +01:00
sinn3r ed542e2b6c Change dns_enum to enum_dns for naming style consistency 2012-03-20 14:11:04 -05:00
sinn3r b8b5c79957 No need for net/http 2012-03-20 14:09:40 -05:00
sinn3r 777e221232 Add Bing URL enumerator by Royce (Feature #6499) 2012-03-20 14:07:42 -05:00
Tod Beardsley 582a9e9f73 Merge pull request #248 from todb-r7/master
Test pull request, please ignore.
2012-03-20 07:14:45 -07:00
Tod Beardsley da963fc8b2 Adding OSVDB for dell_webcam_crazytalk.rb 2012-03-20 07:52:50 -05:00
Tod Beardsley e325469f6e Grammar fix for dell_webcam_crazytalk module 2012-03-20 07:43:02 -05:00
sinn3r f4dac59894 Add Dell Webcam CrazyTalk component BackImage overflow exploit 2012-03-20 03:46:37 -05:00
James Lee bba98136b6 Clarify the driver situation a bit
Tell the user what's really going on instead of what was going on before
4.2 was released and we still supported databases other than postgres.
2012-03-19 21:13:49 -06:00
Tod Beardsley 826fdc014d Whitespace on the readme.
This readme really ought to be formatted with some markup some day.

However, today is not that day.
2012-03-19 21:17:33 -05:00
Peter Van Eeckhoutte a3035dc6d0 Adding corelandc0d3r's http/https/ftp payload
Picks up the one http/https/ftp payload, but not the other two DNS
payloads listed as part of the original pull request.

[Closes #173]
2012-03-19 16:50:59 -05:00
Tod Beardsley bff860c62d s/brute force/bruteforce
This is the preferred spelling in Metasploit, at least, according to
grep consensus:

./metasploit-framework$ grep -ri "brute force" . | wc -l
111
./metasploit-framework$ grep -ri "bruteforce" .  | wc -l
183
2012-03-19 16:14:00 -05:00
James Lee 8265fc4b82 Clarify that we're looking at sniffer ifaces 2012-03-19 15:04:40 -06:00
Tod Beardsley 4391c24d2f Trivial touchups on RDP DoS module.
Dropping a line about what it can't do, adding freenode comment.
2012-03-19 14:27:27 -05:00
sinn3r 3a851ef2c2 Fix typo 2012-03-19 13:20:59 -05:00
sinn3r 3d72d52625 Add reporting to MS12-020 2012-03-19 13:18:51 -05:00
sinn3r fa4504e1f6 Let's make this clear, it's just a DoS 2012-03-19 13:00:29 -05:00