Commit Graph

1436 Commits (b6d9f2fac557da891c9e2cdd71e3dae418bcd387)

Author SHA1 Message Date
Joshua Drake e9083bda0d add exploit module for cve-2010-0805 - from zsploit
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:25:56 +00:00
Joshua Drake b35559e1ec add a 6.1.22.0 target (from WorldMail3.1.2x_installer.exe)
git-svn-id: file:///home/svn/framework3/trunk@9015 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 03:48:07 +00:00
Joshua Drake 7d45b8fdf0 update targets, add auto_target functionality
git-svn-id: file:///home/svn/framework3/trunk@9012 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 02:09:32 +00:00
HD Moore 52faebea30 Typo
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:57:42 +00:00
HD Moore 3258f30ba7 Typo
git-svn-id: file:///home/svn/framework3/trunk@9005 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:46:28 +00:00
HD Moore 8f0e3ced67 Correct spelling typo
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 00:46:49 +00:00
HD Moore cd2760f2c2 Bug fixes and size improvements for the reverse_https stager
git-svn-id: file:///home/svn/framework3/trunk@9001 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 13:53:35 +00:00
Joshua Drake eb003518ce add auto_target to apache_chunked exploit - should reduce run duration in most cases
git-svn-id: file:///home/svn/framework3/trunk@8980 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 16:26:01 +00:00
Joshua Drake 776259e3c6 bleh, fix comma
git-svn-id: file:///home/svn/framework3/trunk@8979 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:51:55 +00:00
Joshua Drake 5c34cce14a add note about possibly incorrect references
git-svn-id: file:///home/svn/framework3/trunk@8978 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:38:11 +00:00
Joshua Drake 82b6f05fa9 add exploit module from m_101
git-svn-id: file:///home/svn/framework3/trunk@8975 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 17:10:07 +00:00
Joshua Drake 61b4500ffd remove svn:executable from various files
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 16:20:34 +00:00
Steve Tornio 970efbc628 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8971 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 11:27:56 +00:00
natron b5ee26770b Cameled all vars on accident, uncameling regular opts. Also, broke native osx payload, oops.
git-svn-id: file:///home/svn/framework3/trunk@8970 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 05:15:26 +00:00
Mario Ceballos f10d0fbb41 added exploit module hp_nnm_ovwebhelp.rb
git-svn-id: file:///home/svn/framework3/trunk@8969 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 00:47:31 +00:00
Joshua Drake ff8cdc29aa update description with a little history
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:36:10 +00:00
Joshua Drake 516a6f47e5 move USERNAME/PASSWORD setting to exploit instead of auto_target so manual targets work - fixes #1416
git-svn-id: file:///home/svn/framework3/trunk@8967 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:29:47 +00:00
natron c1fa8d60f7 Expose exe :template and :insert via advanced options plus formatting changes. Thanks MarkBagget for the kick in the pants and the example options to to_win32pe\!
git-svn-id: file:///home/svn/framework3/trunk@8966 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:05:32 +00:00
Joshua Drake da874c323a renamed and udpated "iepeers" vuln with latest information/name
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 20:15:22 +00:00
Joshua Drake 477a424cab silly comma...
git-svn-id: file:///home/svn/framework3/trunk@8959 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 06:42:59 +00:00
Joshua Drake ee90abb049 author fix
git-svn-id: file:///home/svn/framework3/trunk@8958 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 04:26:14 +00:00
Joshua Drake c9d321b352 clean up comments
git-svn-id: file:///home/svn/framework3/trunk@8957 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 01:40:26 +00:00
Joshua Drake b2f3e91c8b add a target for v8.6.0.1936
git-svn-id: file:///home/svn/framework3/trunk@8955 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 18:19:59 +00:00
Joshua Drake 0a6547045d add exploit module for cve-2007-2888
git-svn-id: file:///home/svn/framework3/trunk@8953 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 17:21:15 +00:00
HD Moore 4bac76cc9e Fix XOR encoding for this module
git-svn-id: file:///home/svn/framework3/trunk@8940 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 20:17:33 +00:00
Joshua Drake 79e277450a add reliable IE7 trigger from Nanika
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:31:19 +00:00
Joshua Drake 3dc30aeed6 minor whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8934 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:30:40 +00:00
Joshua Drake 89d6907a8f fix typoez
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 00:35:48 +00:00
Joshua Drake f649c4a92c raise exception if unable to login
git-svn-id: file:///home/svn/framework3/trunk@8932 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 19:00:23 +00:00
HD Moore 22cb5a6bea 1.9 compatibility fixes for lpd exploits, clarification in the print messages that we are *trying* to exploit something, not absolutely doing so
git-svn-id: file:///home/svn/framework3/trunk@8916 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 14:52:35 +00:00
James Lee a27c941714 targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8909 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:09:04 +00:00
Joshua Drake 4f657ef868 add exploit module for cve-2009-1260
git-svn-id: file:///home/svn/framework3/trunk@8900 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:35:29 +00:00
HD Moore 2b419a421d Add default timeouts to autopwn, control with -T
git-svn-id: file:///home/svn/framework3/trunk@8892 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:11:21 +00:00
Joshua Drake 5c1cf6aefb correction to target descriptions
git-svn-id: file:///home/svn/framework3/trunk@8889 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:54:45 +00:00
Joshua Drake 39537bfc53 add an office xp sp0 target
git-svn-id: file:///home/svn/framework3/trunk@8888 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:00:54 +00:00
Joshua Drake b8b11338b1 add linux x86/x86_64 support for tomcat manger deploy, see #1016
git-svn-id: file:///home/svn/framework3/trunk@8853 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-19 02:13:02 +00:00
Joshua Drake d270d8aa95 update author comments
git-svn-id: file:///home/svn/framework3/trunk@8852 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:52:28 +00:00
Joshua Drake a940d9a810 add exploit module for VariCAD 2010-2.05 DWB bug
git-svn-id: file:///home/svn/framework3/trunk@8851 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:47:52 +00:00
Joshua Drake ef299e71d2 candy mountain whitespace fixes!
git-svn-id: file:///home/svn/framework3/trunk@8834 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:07:49 +00:00
Joshua Drake 7fcad1f4b8 add exploit module for cve-2010-0188 (possibly cve-2006-3549)
git-svn-id: file:///home/svn/framework3/trunk@8833 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:06:50 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 18:15:06 +00:00
HD Moore 13410d4daa Rename aurora module to the MSB naming convention
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:45 +00:00
HD Moore a23344b5d0 Consistency in how IE/Internet Explorer is named
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:14 +00:00
Steve Tornio d3da883aa2 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
HD Moore baf64ed999 Remove trailing
git-svn-id: file:///home/svn/framework3/trunk@8771 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:43 +00:00
Joshua Drake 3c57fe6e81 add exploit module for cve-2010-0806
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
HD Moore aaea62bb92 Report the correct local/peer names for the session information. Fix a return value check
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 07:13:18 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 3b9524697f add verbose option
git-svn-id: file:///home/svn/framework3/trunk@8761 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:55:47 +00:00
Joshua Drake 52647260b3 add offset for alternative file open methods
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
Joshua Drake fbc157df56 add exploit module for cve-2010-0688
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore b1973c6630 Adds detection and exploitation coverage for the Energizer Duo trojan
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake de9e944ad9 fix compile error
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Joshua Drake 73da75a931 big update to cmd stager
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake 1629bf7bf0 move http_send_cmd into cmdweb test exploit
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake d86575701d added CVE, KB references
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
Steve Tornio 074b4ada44 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Joshua Drake e80df81350 correct the CVE reference
git-svn-id: file:///home/svn/framework3/trunk@8678 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 19:47:13 +00:00
Joshua Drake cc891bce80 whitespace cleanups
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
James Lee 3b59bc7cfc use the same option names for user/pass
git-svn-id: file:///home/svn/framework3/trunk@8674 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:14:58 +00:00
Stephen Fewer b4339930e7 rename this module with the updated MSB and swap out the hard coded kernel stager for the new kernel stager mixin.
git-svn-id: file:///home/svn/framework3/trunk@8656 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 13:42:17 +00:00
Joshua Drake 541a409f44 remove app_name variable
git-svn-id: file:///home/svn/framework3/trunk@8619 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-24 16:53:55 +00:00
Joshua Drake afd2df315b rename module part deux!
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:12:10 +00:00
Joshua Drake 705a4626e4 remove dash from file name
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:06:35 +00:00
Joshua Drake 81f93d48e7 add german target from contributor, thx!
git-svn-id: file:///home/svn/framework3/trunk@8601 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 17:23:05 +00:00
Joshua Drake b810e9665f add comment about autofilter mapping
git-svn-id: file:///home/svn/framework3/trunk@8592 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:30:38 +00:00
Joshua Drake b818536e46 corrected comment text
git-svn-id: file:///home/svn/framework3/trunk@8590 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:27:15 +00:00
Joshua Drake e3b009471b move code in autofilter into check
git-svn-id: file:///home/svn/framework3/trunk@8589 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:26:28 +00:00
Joshua Drake 1faec528de fix InitAutoRunScript -> InitialAutoRunScript
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
Joshua Drake 865969e059 whitespace adjustments - finally closes #773
git-svn-id: file:///home/svn/framework3/trunk@8575 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:44:34 +00:00
Joshua Drake 32bf50c627 add exploit module to get code exec from jboss.system:MainDeployer access
git-svn-id: file:///home/svn/framework3/trunk@8574 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:41:24 +00:00
Joshua Drake 8446a0c305 add auto-targeting to tomcat_mgr_deploy, fixes #887
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
Steve Tornio 93acc977fe fix osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
HD Moore 1a53411282 Filter out the other test modules from automation
git-svn-id: file:///home/svn/framework3/trunk@8559 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:18:43 +00:00
HD Moore 0db3ada840 Filter this from automation
git-svn-id: file:///home/svn/framework3/trunk@8558 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:15:03 +00:00
natron 5b3c87c9c5 Add option to save java code to file.
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Joshua Drake 2e77c76824 add exploit module to get code exec on a tomcat manager instance, closes #772
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Patrick Webster 350c189a34 Added exploit module qbik_wingate_wwwproxy.
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
Joshua Drake 797ab55f52 add exploit module for cve-2009-2011
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Joshua Drake b4ead057f6 add exploit module for cve-2000-0917
git-svn-id: file:///home/svn/framework3/trunk@8530 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 00:56:28 +00:00
Joshua Drake 4800d6841c commit cmd stager stuff from bannedit
git-svn-id: file:///home/svn/framework3/trunk@8518 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:19 +00:00
et cf29ff333e Added a path to prepend
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 05:24:31 +00:00
Joshua Drake 48b7aec12d corrected cve reference
git-svn-id: file:///home/svn/framework3/trunk@8512 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:30:17 +00:00
Joshua Drake a996668cfa added payload notes
git-svn-id: file:///home/svn/framework3/trunk@8511 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:27:45 +00:00
Joshua Drake 82369aa9e8 add exploit module for cve-2007-2447
git-svn-id: file:///home/svn/framework3/trunk@8510 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:26:41 +00:00
Joshua Drake 8c59c9cfdc fix typos
git-svn-id: file:///home/svn/framework3/trunk@8508 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:42:16 +00:00
Joshua Drake b1ef6075c0 add exploit module for cve-2007-5208
git-svn-id: file:///home/svn/framework3/trunk@8507 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:38:50 +00:00