Commit Graph

1436 Commits (b6d9f2fac557da891c9e2cdd71e3dae418bcd387)

Author SHA1 Message Date
Joshua Drake 53fd14c9c0 updated description, added PATH variable
git-svn-id: file:///home/svn/framework3/trunk@8315 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:04:23 +00:00
natron 69ad365b46 Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
Steve Tornio 70c0cb7530 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8307 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:40 +00:00
Steve Tornio a3f4d4f65e add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8306 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:01 +00:00
Joshua Drake c0e556f7ad oops, broke the tree again!
git-svn-id: file:///home/svn/framework3/trunk@8305 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:37:44 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:15:32 +00:00
Joshua Drake 7789db860d add exploit module for Audiotran .pls file bof
git-svn-id: file:///home/svn/framework3/trunk@8303 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:24:41 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:17:50 +00:00
Joshua Drake 15e13348c0 add exploit module for AOL phobos bug
git-svn-id: file:///home/svn/framework3/trunk@8300 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 18:58:14 +00:00
Joshua Drake 0fbe42395f added automatic target detection
git-svn-id: file:///home/svn/framework3/trunk@8287 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 07:34:47 +00:00
Joshua Drake 008755b025 add exploit module for yassl CertDecoder::GetName vuln
also renames old mysql_yassl exploit to _hello

git-svn-id: file:///home/svn/framework3/trunk@8282 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:24:44 +00:00
natron 9891d60dfc Move applet generation up for slight speed improvement and less spamminess to the user.
git-svn-id: file:///home/svn/framework3/trunk@8281 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:15:36 +00:00
natron 5e4442a4d4 Fix a bug missed due to caching issues.
git-svn-id: file:///home/svn/framework3/trunk@8276 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:58:13 +00:00
natron c135462768 <@jduck> natron: you need some svn keywords magic
git-svn-id: file:///home/svn/framework3/trunk@8274 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:20:32 +00:00
natron cd5e5880d2 Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
Joshua Drake 31949c4343 svn keywords fixups
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
HD Moore 1bdd286936 This bug actually affected 9.2 as well according to adobe, reference updated
git-svn-id: file:///home/svn/framework3/trunk@8222 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 14:22:13 +00:00
Joshua Drake 87adb7714f fixed whitespace
git-svn-id: file:///home/svn/framework3/trunk@8219 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 04:52:49 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation)
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 00:05:19 +00:00
Joshua Drake 14862e0106 added another target
git-svn-id: file:///home/svn/framework3/trunk@8204 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 21:43:40 +00:00
Joshua Drake 6fd20d411f add exploit module for cve-2009-4179
git-svn-id: file:///home/svn/framework3/trunk@8192 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 05:52:53 +00:00
Joshua Drake 409d44bfad fix another typo
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 04:55:16 +00:00
Joshua Drake 72e1b9bb50 added a couple better error messages
git-svn-id: file:///home/svn/framework3/trunk@8183 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:30:08 +00:00
Joshua Drake 97c3159293 fixed version command, check function
git-svn-id: file:///home/svn/framework3/trunk@8182 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:15:20 +00:00
Joshua Drake e8048704be add exploit module for cve-2009-1979 (oracle pre-auth bof)
git-svn-id: file:///home/svn/framework3/trunk@8181 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:05:18 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
Joshua Drake db5097af91 bump ranking up, comment about crash recovery
git-svn-id: file:///home/svn/framework3/trunk@8154 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 07:23:22 +00:00
Joshua Drake 477468147b cleanup exceptions, optimize query length, add some entropy
git-svn-id: file:///home/svn/framework3/trunk@8153 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 05:09:40 +00:00
Joshua Drake 7c402d1d79 changed a comment
git-svn-id: file:///home/svn/framework3/trunk@8152 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:56:31 +00:00
Joshua Drake 52b71077d3 major overhaul of ms09-004 (cve-2008-5416) exploit
git-svn-id: file:///home/svn/framework3/trunk@8151 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:51:48 +00:00
James Lee bbe10b439f let the user know when a client connects
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 01:00:01 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 21:36:04 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 22:24:56 +00:00
HD Moore b1f79c6342 Use nohup to prevent the telnet session close from killing the command
git-svn-id: file:///home/svn/framework3/trunk@8082 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-07 00:10:03 +00:00
Joshua Drake 8399ff46b2 oops, left out a var
git-svn-id: file:///home/svn/framework3/trunk@8081 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:55:41 +00:00
Joshua Drake c51c14bcba fix typos :-/
git-svn-id: file:///home/svn/framework3/trunk@8080 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:09:34 +00:00
Joshua Drake 97338e6848 add exploit module for cve-2007-2280 (split from other)
git-svn-id: file:///home/svn/framework3/trunk@8079 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:04:58 +00:00
Joshua Drake 75ff9d327a _2 == cve-2009-3844
git-svn-id: file:///home/svn/framework3/trunk@8078 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:01:08 +00:00
Joshua Drake 3a9b384554 renamed the moduled
git-svn-id: file:///home/svn/framework3/trunk@8077 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:29:11 +00:00
Joshua Drake 4a0051d93a lots of updates, preparing to split into two modules
git-svn-id: file:///home/svn/framework3/trunk@8076 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:28:19 +00:00
Steve Tornio 888b7637c0 Add OSVDB ref, fixed exploit-db refs
git-svn-id: file:///home/svn/framework3/trunk@8071 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 11:49:12 +00:00
Joshua Drake 905d391d5e add exploit module for bigant 2.52 usv bug
git-svn-id: file:///home/svn/framework3/trunk@8070 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 08:24:35 +00:00
Joshua Drake efb3dbb2af minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@8069 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:35:46 +00:00
Joshua Drake 789d875d24 record addr for stack hijacking
git-svn-id: file:///home/svn/framework3/trunk@8068 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:02:15 +00:00
Joshua Drake 9a9c92d785 added description, sql2ksp3 target, minor reliability improvement
git-svn-id: file:///home/svn/framework3/trunk@8067 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 22:07:03 +00:00
Steve Tornio c62e314ac4 Add OSVDB ref
git-svn-id: file:///home/svn/framework3/trunk@8063 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 13:02:18 +00:00
Mario Ceballos 1239ce132e added exploit module nettransport.rb from dookie
git-svn-id: file:///home/svn/framework3/trunk@8062 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 16:07:54 +00:00
Joshua Drake bb07ea9854 many updates, now supporting two diff techniques
git-svn-id: file:///home/svn/framework3/trunk@8061 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 08:10:28 +00:00
James Lee 3c6cbbc47e make sure IE service packs don't throw off the version comparison
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 21:24:00 +00:00
Joshua Drake e2a0ff92ce add check and auto-target selection
git-svn-id: file:///home/svn/framework3/trunk@8048 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 16:26:32 +00:00
Steve Tornio 64e524545e Update OSVDB ref
git-svn-id: file:///home/svn/framework3/trunk@8045 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 13:30:35 +00:00
Joshua Drake 23d7f53f3a add exploit module for cve-2008-5416
git-svn-id: file:///home/svn/framework3/trunk@8044 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 05:18:55 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
Joshua Drake 4827d81966 formatting fixes
git-svn-id: file:///home/svn/framework3/trunk@8029 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 00:48:16 +00:00
Joshua Drake 48c2184fb2 reinstated linux bruteforce target from msf2 exploit
git-svn-id: file:///home/svn/framework3/trunk@8025 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 22:57:02 +00:00
Joshua Drake 57fd341f4a added auto targeting, XPSP1 target, updated 2ksp4 target, notes, description
git-svn-id: file:///home/svn/framework3/trunk@8023 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 19:22:43 +00:00
HD Moore 922cef26fa Store the domain name in the SMB client object, along with other fields provided by NTLMSSP responses. Show the domain name and netbios name in the version scanner. Update MS06-070 to remove the default target, use the domain name from the server response, and use a more reliable return address for 2000 SP4.
git-svn-id: file:///home/svn/framework3/trunk@8022 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 14:00:49 +00:00
Joshua Drake 6170998ba3 add exploit module for cve-2006-4691
git-svn-id: file:///home/svn/framework3/trunk@8021 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 05:13:57 +00:00
Joshua Drake 1f2c1e7866 corrected cve, removed cr's, added keywords
git-svn-id: file:///home/svn/framework3/trunk@8012 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 21:12:11 +00:00
Joshua Drake 45a9d50d0d add exploit module for CVE-2008-4193
git-svn-id: file:///home/svn/framework3/trunk@8010 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 20:38:50 +00:00
HD Moore 364880fb4d Bump the session wait to 10 seconds
git-svn-id: file:///home/svn/framework3/trunk@8004 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 14:27:33 +00:00
Steve Tornio 5ac485eb48 Add OSVDB reference
git-svn-id: file:///home/svn/framework3/trunk@8002 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 12:33:40 +00:00
HD Moore 4728a29bae Two new modules from dijital1
git-svn-id: file:///home/svn/framework3/trunk@8000 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 04:36:25 +00:00
HD Moore 16062eed2d Holiday present from EgiX
git-svn-id: file:///home/svn/framework3/trunk@7989 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 18:50:44 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
HD Moore 87176f9591 Correct a syntax error in adobe_u3d_meshdecl
git-svn-id: file:///home/svn/framework3/trunk@7959 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 12:50:55 +00:00
HD Moore 92c703ba6f Wait a second before deleting the file, catch an exception on delete, combined these reduce some of the issues around psexec
git-svn-id: file:///home/svn/framework3/trunk@7954 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 04:02:59 +00:00
James Lee b933f49ec3 this exploit always uses an exe, so default EXITFUNC to process so we don't leave processes lying around
git-svn-id: file:///home/svn/framework3/trunk@7950 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 01:29:16 +00:00
Joshua Drake 1e6c9bef74 fix uri for check/detect
git-svn-id: file:///home/svn/framework3/trunk@7942 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:10:38 +00:00
Joshua Drake 6219116ebf removed exit calls
git-svn-id: file:///home/svn/framework3/trunk@7940 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:03:03 +00:00
Joshua Drake d0098095a4 hopefully resolved some hang issues
git-svn-id: file:///home/svn/framework3/trunk@7939 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:57:36 +00:00
Joshua Drake 9afb67aa5f removed exit call
git-svn-id: file:///home/svn/framework3/trunk@7936 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:10:18 +00:00
Joshua Drake 5830e359b6 corrected "privileged" flag
git-svn-id: file:///home/svn/framework3/trunk@7932 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 18:18:18 +00:00
Joshua Drake 19d32b6c97 add jabra to author list
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 17:01:12 +00:00
Steve Tornio 544efd879b Add OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 11:53:20 +00:00
Joshua Drake 47ef693b77 add CVE references!
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 09:38:42 +00:00
Joshua Drake 86dc8da1bb bump ranking up
git-svn-id: file:///home/svn/framework3/trunk@7927 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 07:56:48 +00:00
Joshua Drake 4b883322f5 moved length adjustment
git-svn-id: file:///home/svn/framework3/trunk@7926 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:45:33 +00:00
Joshua Drake 3767b6be7a add exploit module for cve-2008-4828
git-svn-id: file:///home/svn/framework3/trunk@7925 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:40:14 +00:00
Joshua Drake 6f243f6515 add exploit module for cve-2009-3853
git-svn-id: file:///home/svn/framework3/trunk@7924 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 11:09:39 +00:00
Joshua Drake 6a1f43b3df rename again :)
git-svn-id: file:///home/svn/framework3/trunk@7920 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:09:03 +00:00
Joshua Drake 7ef085f9b2 resolved conflict, attempt #2 to rename
git-svn-id: file:///home/svn/framework3/trunk@7919 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:08:41 +00:00
Joshua Drake 8f7c820ac9 renamed module
git-svn-id: file:///home/svn/framework3/trunk@7918 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:04:03 +00:00
HD Moore be42efdd1b Update the PDF modules to work on a wider range of versions
git-svn-id: file:///home/svn/framework3/trunk@7917 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:02:32 +00:00
Mario Ceballos de84d7e989 updated badchars and removed alphnumeric encoding.
git-svn-id: file:///home/svn/framework3/trunk@7916 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 00:08:32 +00:00
James Lee 82d84605e4 advisory says it should work against 5.5, but this module causes js syntax errors, so only run it on 6
git-svn-id: file:///home/svn/framework3/trunk@7914 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-18 19:38:52 +00:00
Joshua Drake c8495272a8 add exploit module for cve-2009-3214
git-svn-id: file:///home/svn/framework3/trunk@7911 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-18 00:19:04 +00:00
Joshua Drake 442bbe9e14 language cleanup
git-svn-id: file:///home/svn/framework3/trunk@7910 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 23:02:01 +00:00
HD Moore f2ec7795e2 Reliability improvement for the Acrobat bug - use the lame old 0x0c0c0c0c, but this works on the widest range of versions
git-svn-id: file:///home/svn/framework3/trunk@7907 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 14:43:05 +00:00
HD Moore 80fa601a2c Fixes #667. Automigrates this to avoid timer
git-svn-id: file:///home/svn/framework3/trunk@7905 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 06:02:34 +00:00
Joshua Drake 5ef4545a1b fd.read -> fd.read(fd.stat.size)
git-svn-id: file:///home/svn/framework3/trunk@7903 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:22:40 +00:00
Joshua Drake 026924c9b6 fixed sync issues between browser/fileformat modules
git-svn-id: file:///home/svn/framework3/trunk@7902 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:19:30 +00:00
Joshua Drake 2baa4a1efa port changes from Lurene to browser version
git-svn-id: file:///home/svn/framework3/trunk@7901 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:16:35 +00:00
Joshua Drake aef9a5c7b2 re-commit of changes from r7892
git-svn-id: file:///home/svn/framework3/trunk@7900 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 05:11:45 +00:00
Joshua Drake b37c34579b add exploit module for cve-2009-3869
NOTE: no policy change is required for this exploit to succeed.



git-svn-id: file:///home/svn/framework3/trunk@7899 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:52:40 +00:00
HD Moore d0a37bd506 Fix tab indentations
git-svn-id: file:///home/svn/framework3/trunk@7898 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:00:00 +00:00
pusscat 0fa275b53b Cleanups
Allow arbitrary (non-unicode) targets




git-svn-id: file:///home/svn/framework3/trunk@7895 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 21:44:18 +00:00
Joshua Drake e563e91d35 added browser versions of yesterdays adobe pdf exploits from jabra
git-svn-id: file:///home/svn/framework3/trunk@7894 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 20:37:57 +00:00
Joshua Drake 9a6839e412 add exploit module for cve-2009-2459
git-svn-id: file:///home/svn/framework3/trunk@7893 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 03:32:44 +00:00
Joshua Drake 82dc3eb3bf added reference, couple of test results
git-svn-id: file:///home/svn/framework3/trunk@7892 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-16 00:14:47 +00:00
Joshua Drake 191e98dc54 changed module name
git-svn-id: file:///home/svn/framework3/trunk@7890 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:17:24 +00:00
Joshua Drake 1875e86f7a remove executable bit
git-svn-id: file:///home/svn/framework3/trunk@7889 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:14:15 +00:00
Joshua Drake d9aca586a2 tested against 9.1.0
git-svn-id: file:///home/svn/framework3/trunk@7888 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 23:12:08 +00:00
James Lee 115899d24d add minver and maxver. slightly tricky because the vuln affects moz 1.7 and ff 1.0
git-svn-id: file:///home/svn/framework3/trunk@7886 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 21:54:24 +00:00
James Lee 008c72e255 add proper version
git-svn-id: file:///home/svn/framework3/trunk@7885 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 21:49:32 +00:00
Joshua Drake 2070bd4756 took notes on targets from various other exploits
git-svn-id: file:///home/svn/framework3/trunk@7884 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:37:34 +00:00
Joshua Drake 56c2d32b1e typo fix
git-svn-id: file:///home/svn/framework3/trunk@7883 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:37:15 +00:00
Steve Tornio 3677711cb0 adding OSVDB ref
git-svn-id: file:///home/svn/framework3/trunk@7882 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:34:01 +00:00
Joshua Drake 7b34f7b0f2 add exploit module for cve-2009-4324
git-svn-id: file:///home/svn/framework3/trunk@7881 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 20:15:08 +00:00
James Lee 2570fcee15 get rid of some more ^Ms
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
James Lee 48c3709a25 correct maxver
git-svn-id: file:///home/svn/framework3/trunk@7879 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:46:53 +00:00
James Lee 196ee82179 bye-bye crlf
git-svn-id: file:///home/svn/framework3/trunk@7878 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:13:27 +00:00
Joshua Drake f3a0bbc6d6 rename to make a bit more sense
git-svn-id: file:///home/svn/framework3/trunk@7875 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 06:05:30 +00:00
Joshua Drake 2c88e2eb62 rename to make a bit more sense
git-svn-id: file:///home/svn/framework3/trunk@7874 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 05:41:29 +00:00
Joshua Drake d81c581f21 oops, remove hard coded payload
git-svn-id: file:///home/svn/framework3/trunk@7873 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 05:32:52 +00:00
Joshua Drake 4c1034ad7f add exploit module for cve-2006-2502
git-svn-id: file:///home/svn/framework3/trunk@7871 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 04:41:31 +00:00
Joshua Drake d5eb4d8217 add svn:keywords property
git-svn-id: file:///home/svn/framework3/trunk@7869 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 02:08:43 +00:00
Joshua Drake 8a95baa810 add exploit module for cve-2008-1697 from bannedit/muts
git-svn-id: file:///home/svn/framework3/trunk@7868 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:42 +00:00
Joshua Drake 1813a0fb9a updated technique
git-svn-id: file:///home/svn/framework3/trunk@7867 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:07 +00:00
James Lee 0cf566c0b9 fixes 688. better return address for greater reliability, works against FF-1.0.4 and Moz-1.7.1 on XPSP3 and 2kAS-SP0
git-svn-id: file:///home/svn/framework3/trunk@7865 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:27:28 +00:00
Mario Ceballos c799df8559 target is no good. offsets change on different installs.
git-svn-id: file:///home/svn/framework3/trunk@7864 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:07:21 +00:00
Joshua Drake 88b9ee18af clarified some version info
git-svn-id: file:///home/svn/framework3/trunk@7863 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 23:01:34 +00:00
Joshua Drake c831cda3f5 milworm/exploitdb 9277 only covers m3u and mpf, not pls
git-svn-id: file:///home/svn/framework3/trunk@7862 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:59:32 +00:00
Joshua Drake 8317b69aca corrected disclosure date
git-svn-id: file:///home/svn/framework3/trunk@7860 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:44:37 +00:00
Joshua Drake 2524840348 renamed, new targets, now using seh...
git-svn-id: file:///home/svn/framework3/trunk@7859 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:40:56 +00:00
Steve Tornio 1dc2c41837 added OSVDB and exploit-db refs
git-svn-id: file:///home/svn/framework3/trunk@7858 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 22:29:10 +00:00
Joshua Drake 4d645796af add exploit module from dookie
git-svn-id: file:///home/svn/framework3/trunk@7856 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 21:27:43 +00:00
HD Moore 837c70715d Reference updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7854 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 20:09:46 +00:00
Joshua Drake ef0d86720a updated description, added xp sp2+sp3 target, see #687
git-svn-id: file:///home/svn/framework3/trunk@7853 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 19:04:40 +00:00
HD Moore 0efbe3baf9 Remove the debug print
git-svn-id: file:///home/svn/framework3/trunk@7852 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 18:56:19 +00:00
HD Moore 97757c37a0 Adds an exploit module for the zabbix agent command execution flaw (no cve/bid/osvdb)
git-svn-id: file:///home/svn/framework3/trunk@7851 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 18:24:24 +00:00
HD Moore e02f62e3aa Switch to a return address that also works on SP0
git-svn-id: file:///home/svn/framework3/trunk@7849 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 17:14:08 +00:00
Joshua Drake f1a975a14e fix typo, remove automatic target
git-svn-id: file:///home/svn/framework3/trunk@7834 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 21:44:04 +00:00
Mario Ceballos ea0a1eea7d add ranking...
git-svn-id: file:///home/svn/framework3/trunk@7833 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:14:24 +00:00
Mario Ceballos 002b043d4c added exploit module hp_nnm_snmp.rb
git-svn-id: file:///home/svn/framework3/trunk@7832 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:06:14 +00:00
Joshua Drake 5f65d6bb32 properly commit references from Steve Tornio :)
git-svn-id: file:///home/svn/framework3/trunk@7828 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:24:18 +00:00
Joshua Drake 34408c5e3e add exploit module for CVE-2009-3867 (JRE getSoundbank)
git-svn-id: file:///home/svn/framework3/trunk@7827 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:18:31 +00:00
Joshua Drake 740fd67b74 add OSVDB reference from Steven Tornio
git-svn-id: file:///home/svn/framework3/trunk@7826 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 20:41:37 +00:00
Mario Ceballos 3ac51c7396 added exploit module symantec_altirisdeployment_runcmd.rb.
git-svn-id: file:///home/svn/framework3/trunk@7821 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 02:36:01 +00:00
Joshua Drake 95f9c1dacf note file version
git-svn-id: file:///home/svn/framework3/trunk@7820 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:23:16 +00:00
Joshua Drake dea639229b rank exploit
git-svn-id: file:///home/svn/framework3/trunk@7819 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:20:36 +00:00
Joshua Drake 18f96c3395 add exploit module for xenorate bof
git-svn-id: file:///home/svn/framework3/trunk@7818 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 23:19:44 +00:00
Joshua Drake fc8a2b2a2e add exploit module for audio workstation from dookie
git-svn-id: file:///home/svn/framework3/trunk@7814 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:46:53 +00:00
Joshua Drake fb1a8a8283 add exploit module for audio workstation from dookie
git-svn-id: file:///home/svn/framework3/trunk@7813 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:46:34 +00:00
Joshua Drake e724ceaf33 add exploit for gAlan from loneferret
git-svn-id: file:///home/svn/framework3/trunk@7812 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:41:40 +00:00
Joshua Drake 076c8d92ea clarification
git-svn-id: file:///home/svn/framework3/trunk@7811 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:31:34 +00:00
Joshua Drake 9eb6063448 hopefully an improvement in reliability
git-svn-id: file:///home/svn/framework3/trunk@7810 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 20:28:32 +00:00
Joshua Drake 21cbb87fac fixup whitespace
git-svn-id: file:///home/svn/framework3/trunk@7804 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 18:07:16 +00:00
Joshua Drake d8a4926a22 add framework tag comments to top
git-svn-id: file:///home/svn/framework3/trunk@7803 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 17:35:40 +00:00
Joshua Drake 11bbbbd38f add exploit module for cve-2009-3837 from dookie
git-svn-id: file:///home/svn/framework3/trunk@7802 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 17:34:58 +00:00
Joshua Drake 6c98f3c03d add exploit module for cve-2009-1394
git-svn-id: file:///home/svn/framework3/trunk@7797 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 08:24:37 +00:00
Joshua Drake 4cb050010b add exploitability detection (by trying %n)
git-svn-id: file:///home/svn/framework3/trunk@7791 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 23:53:26 +00:00
Joshua Drake 215879334a minor tweaks to targets
git-svn-id: file:///home/svn/framework3/trunk@7788 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 23:19:19 +00:00
Joshua Drake d56daab7d8 little comment heh
git-svn-id: file:///home/svn/framework3/trunk@7784 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 22:27:11 +00:00
Joshua Drake 164dd4201a updated badchars, rh6.2 target, added %8x detection check
git-svn-id: file:///home/svn/framework3/trunk@7782 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 21:51:46 +00:00
HD Moore 4fcdceccb7 No ruby access on the common target
git-svn-id: file:///home/svn/framework3/trunk@7776 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:13:35 +00:00
HD Moore 3c08bc0c80 Rename and reference update from the microsoft patch
git-svn-id: file:///home/svn/framework3/trunk@7775 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 15:06:26 +00:00
HD Moore 8a784339c4 Remove a debug print
git-svn-id: file:///home/svn/framework3/trunk@7774 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 14:00:21 +00:00
HD Moore ba1b032207 Adds coverage for the QTSS metachar injection bug
git-svn-id: file:///home/svn/framework3/trunk@7772 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 13:23:59 +00:00
Joshua Drake 88de26e46c re-enable pdf obfuscation
git-svn-id: file:///home/svn/framework3/trunk@7771 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 06:19:32 +00:00
Joshua Drake e2f70c8928 detect fmt str specifier capabilities, rework stack dumping
git-svn-id: file:///home/svn/framework3/trunk@7769 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 02:19:07 +00:00
Joshua Drake 1fec10cb44 finish and test target for redhat 6.2
git-svn-id: file:///home/svn/framework3/trunk@7765 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 23:52:11 +00:00
Joshua Drake 4bcc8a93a3 attempt to improve reliability of u3d pdf exploits
git-svn-id: file:///home/svn/framework3/trunk@7762 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 22:08:32 +00:00
Joshua Drake 87c85b5176 removed executable generation routines from Rex::Text (use Msf::Util::EXE), Fixes #660
git-svn-id: file:///home/svn/framework3/trunk@7760 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 21:24:45 +00:00
Joshua Drake 9b4f521df5 two more similar exploit modules, cleaned up naming
git-svn-id: file:///home/svn/framework3/trunk@7759 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 20:20:30 +00:00
Joshua Drake 9da59988a6 updated disclosure date
git-svn-id: file:///home/svn/framework3/trunk@7758 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 20:10:17 +00:00
Joshua Drake 5995ddca97 reduce ranking due to egghunter instability
git-svn-id: file:///home/svn/framework3/trunk@7757 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:53:11 +00:00
Joshua Drake cb5d02af20 remove debug code
git-svn-id: file:///home/svn/framework3/trunk@7756 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:52:15 +00:00
Joshua Drake 6ae2293a79 add exploit module for cve-2009-0133
git-svn-id: file:///home/svn/framework3/trunk@7755 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:50:21 +00:00
Joshua Drake bfa405cb2b add exploit module for cve-2009-0133
git-svn-id: file:///home/svn/framework3/trunk@7754 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:50:00 +00:00
Joshua Drake d86bfedc3e osvdb reference from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7752 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 16:29:53 +00:00
Joshua Drake 0961ce3523 add exploit module for cve-2009-3693
git-svn-id: file:///home/svn/framework3/trunk@7749 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 03:08:46 +00:00
Joshua Drake 2dfcd26370 oops, dupe of auxiliary/admin/symantec/cba_exec.rb
git-svn-id: file:///home/svn/framework3/trunk@7745 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 21:28:53 +00:00
Joshua Drake cb6fbe8894 add exploit module for cve-2009-1429
git-svn-id: file:///home/svn/framework3/trunk@7744 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:39:00 +00:00
Joshua Drake e04a491905 updated references
git-svn-id: file:///home/svn/framework3/trunk@7743 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:26:43 +00:00
Joshua Drake ce42156e38 minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@7742 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:24:30 +00:00
Joshua Drake f6d491a996 add exploit module from dookie
git-svn-id: file:///home/svn/framework3/trunk@7741 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:24:12 +00:00
Joshua Drake 90342d0fa0 add exploit module from dookie
git-svn-id: file:///home/svn/framework3/trunk@7740 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 20:21:25 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew!
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
Joshua Drake 2cf9c3ce2b revision fixups
git-svn-id: file:///home/svn/framework3/trunk@7723 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:16:11 +00:00
Joshua Drake 17249f29d3 cve roulette also cve-2009-4054
git-svn-id: file:///home/svn/framework3/trunk@7722 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:00:06 +00:00
Joshua Drake 619f82a420 ugh, rh6.1 isn't vulnerable either
git-svn-id: file:///home/svn/framework3/trunk@7720 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 03:42:37 +00:00
Joshua Drake 576d55f821 added some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@7719 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 02:30:42 +00:00
Joshua Drake d93be3e873 typo in description
git-svn-id: file:///home/svn/framework3/trunk@7702 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 18:46:45 +00:00
Joshua Drake 5c271db9b5 add OSVDB reference from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7695 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 15:52:20 +00:00
Joshua Drake e8e98b9be6 add exploit module for cve-2000-0573
git-svn-id: file:///home/svn/framework3/trunk@7693 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 07:50:53 +00:00
Mario Ceballos 80422f24c4 added exploit module ca_arcserve_342.rb
git-svn-id: file:///home/svn/framework3/trunk@7690 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 02:55:00 +00:00
HD Moore 9ebcd40a4e Updated references to work better with NeXpose integration
git-svn-id: file:///home/svn/framework3/trunk@7683 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 15:27:29 +00:00
James Lee 8e0eef03c6 see #594. remove some extraneous junk, don't run the shell in a terminal (it dies immediately). space is the only badchar. still doesn't actually work without a modification to encoder/cmd/generic_sh.
git-svn-id: file:///home/svn/framework3/trunk@7680 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 09:09:56 +00:00
Joshua Drake b8302e6f61 changed default target
git-svn-id: file:///home/svn/framework3/trunk@7675 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 00:04:33 +00:00
Joshua Drake b9a97f310e fixed typo in targets
git-svn-id: file:///home/svn/framework3/trunk@7674 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 23:50:09 +00:00
Joshua Drake 267ed23223 this exploits an ssh server, moving to ssh dir
git-svn-id: file:///home/svn/framework3/trunk@7673 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 22:31:13 +00:00
Joshua Drake dcc05c7494 typo fix
git-svn-id: file:///home/svn/framework3/trunk@7672 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 21:06:36 +00:00
Mario Ceballos faa27f93b9 updated with the bid id
git-svn-id: file:///home/svn/framework3/trunk@7669 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 12:20:40 +00:00
Joshua Drake b48e5d34e7 added svn keywords
git-svn-id: file:///home/svn/framework3/trunk@7660 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 20:36:55 +00:00
HD Moore b0403cfde2 OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake 38d04631e6 recorded some additional test results
git-svn-id: file:///home/svn/framework3/trunk@7657 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:42:58 +00:00
Joshua Drake ec45ea8c22 minor cleanups, removed 0day text, Fixes #573
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 18:42:00 +00:00
Mario Ceballos 09cb98678f added exploit module intersystems_cache.rb
git-svn-id: file:///home/svn/framework3/trunk@7631 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 15:26:21 +00:00
Joshua Drake f845a7db54 dissected most of the u3d data
git-svn-id: file:///home/svn/framework3/trunk@7628 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 07:26:08 +00:00
Joshua Drake 623f3b88ec minor cleanups, fixed u3d_pad function
git-svn-id: file:///home/svn/framework3/trunk@7626 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 06:21:39 +00:00
Joshua Drake 8e8a52fe26 removed meta data, randomized mesh name
git-svn-id: file:///home/svn/framework3/trunk@7624 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 04:42:42 +00:00
Joshua Drake dd713f96de broke up u3d data a bit, first pass
git-svn-id: file:///home/svn/framework3/trunk@7619 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-26 00:34:22 +00:00
Joshua Drake f88dee904a add exploit module for cve-2009-2994
git-svn-id: file:///home/svn/framework3/trunk@7617 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 22:24:10 +00:00
HD Moore 927563c135 Correct some assumptions about client-side exploit signature development, remove the prepend since we dont use .net anymore
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 21:18:26 +00:00
Joshua Drake e3a1a7958e cleaned up the descriptions
git-svn-id: file:///home/svn/framework3/trunk@7615 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 20:05:18 +00:00
Joshua Drake a4dd52543c removed .net dll bypass, recorded some crash addresses
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 19:39:15 +00:00
James Lee 00eaff0550 stupid ruby string differences
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:16:45 +00:00
HD Moore 0c19f50718 Fix broken .NET method
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 17:11:38 +00:00
Joshua Drake f733856974 add exploit module for cve-2009-3762
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 07:25:04 +00:00
James Lee f516edacfb only works on ie7
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:14:40 +00:00
James Lee 07543fd526 fix potential hang when server doesn't respond
git-svn-id: file:///home/svn/framework3/trunk@7602 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-25 02:01:27 +00:00
James Lee c45c15cd29 add autopwn info
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 23:50:08 +00:00
Joshua Drake 3bca7d14c4 payload compatability: no findsock allowed
git-svn-id: file:///home/svn/framework3/trunk@7597 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 19:35:05 +00:00
Patrick Webster 796e8cdfc3 Ported hdm's exchange2000_xexch50 module to version 3.
git-svn-id: file:///home/svn/framework3/trunk@7592 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 07:11:12 +00:00
James Lee 99319d2a55 don't unintentionally create a UNC path. see #558
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:23:03 +00:00
James Lee 4a912e7c0c don't inadvertantly create a UNC path. see #558
git-svn-id: file:///home/svn/framework3/trunk@7590 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 06:02:21 +00:00
James Lee 7490e4c4a8 use an absolute uri to the evil gif. fixes #558. we probably ought to have a method for doing this since it seems to be a fairly common problem.
git-svn-id: file:///home/svn/framework3/trunk@7589 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-24 05:44:21 +00:00
Patrick Webster f2d998d514 Added check support.
git-svn-id: file:///home/svn/framework3/trunk@7585 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 07:37:54 +00:00
Joshua Drake 3bcc51e155 added exloit module for cve-2009-2990
git-svn-id: file:///home/svn/framework3/trunk@7580 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:15:13 +00:00
Joshua Drake 008fbedf93 created multi-platform fileformat dir
git-svn-id: file:///home/svn/framework3/trunk@7579 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:14:52 +00:00
Joshua Drake 5dbd32cd98 added japanese target from TomokiSanaki
git-svn-id: file:///home/svn/framework3/trunk@7578 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:09:59 +00:00
Joshua Drake b9939a836f fixed PDF header (oops)
git-svn-id: file:///home/svn/framework3/trunk@7577 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-22 01:01:11 +00:00
Joshua Drake b54a7aa1d3 confirmed SEH target works on Windows XP SP3
git-svn-id: file:///home/svn/framework3/trunk@7576 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 17:44:09 +00:00
Joshua Drake e5796f5b3b changed address to 0x0a0a0a0a
tested against various reader versions
removed pdf version randomization



git-svn-id: file:///home/svn/framework3/trunk@7570 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 05:56:03 +00:00
Joshua Drake f767129e61 fixed some typos, thx mubix!
git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 03:36:02 +00:00
Joshua Drake 106350ac97 Stop randomizing the module version, it breaks Acrobat 9
git-svn-id: file:///home/svn/framework3/trunk@7568 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 17:39:37 +00:00
Joshua Drake 5bbbafefa2 osvdb reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7565 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 04:16:10 +00:00
Joshua Drake c2bcad1f4c add exploit http version
git-svn-id: file:///home/svn/framework3/trunk@7563 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 02:29:37 +00:00
Joshua Drake 82706981de dynamically get ip address length
git-svn-id: file:///home/svn/framework3/trunk@7561 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 00:49:20 +00:00
Joshua Drake 31e9d9929c add exploit module for another 0day
git-svn-id: file:///home/svn/framework3/trunk@7560 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 23:54:26 +00:00
Joshua Drake 447e208abf add httpdx handlepeer() exploit (cve-2009-3711)
git-svn-id: file:///home/svn/framework3/trunk@7557 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 22:29:20 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee 10e897b94f make sure we got a response before trying to pull headers out of it. see #519
git-svn-id: file:///home/svn/framework3/trunk@7541 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:00:16 +00:00
James Lee 9f134512c2 give up if we can't get the password hash. see #519
git-svn-id: file:///home/svn/framework3/trunk@7539 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:51:51 +00:00
James Lee dd323e2a7b don't try to run methods on an object we just confirmed was nil
git-svn-id: file:///home/svn/framework3/trunk@7538 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:48:34 +00:00
James Lee b4d04ab22d fix 1.9 str[idx] error; see #519
git-svn-id: file:///home/svn/framework3/trunk@7534 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 18:28:34 +00:00
Joshua Drake 4edc6d942c updated awingsoft web3d bof module from trancer
git-svn-id: file:///home/svn/framework3/trunk@7533 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:51:52 +00:00
James Lee 94729103b4 added osvdb ref and keywords
git-svn-id: file:///home/svn/framework3/trunk@7532 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 16:18:51 +00:00
HD Moore bd28e044f0 Handle instances where the pipe does not exist gracefully
git-svn-id: file:///home/svn/framework3/trunk@7531 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 15:20:50 +00:00
James Lee 7fb9c4a791 add coverage for cve-2009-1151
git-svn-id: file:///home/svn/framework3/trunk@7528 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 08:42:32 +00:00
James Lee 53640065da license
git-svn-id: file:///home/svn/framework3/trunk@7522 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 19:53:03 +00:00
Joshua Drake 04725e70cc reference updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7521 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 16:03:01 +00:00
Mario Ceballos 4c23734e72 added exploit module oracle_dc_submittoexpress.rb
git-svn-id: file:///home/svn/framework3/trunk@7520 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-15 01:01:21 +00:00