Michael Schierl
f9ac55c221
Infohash key cleanups
...
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Michael Schierl
e769abc868
Platform cleanup: platform should be lowercase
2012-10-22 20:14:39 +02:00
Michael Schierl
657d527f8d
DisclosureDate cleanup: Try parsing all dates
...
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
Michael Schierl
70ac7c8345
Author cleanup: fix unmatched angle brackets
2012-10-22 19:45:27 +02:00
Michael Schierl
d337d5204b
Author cleanup: One module did not have an author
2012-10-22 18:38:18 +02:00
sinn3r
ad9946689e
Update description
2012-10-21 16:40:01 -05:00
sinn3r
1821c11369
Code cleanup
2012-10-21 16:40:01 -05:00
sinn3r
c404b72d08
Doesn't make a lot of sense setting DefaultTarget to an older one
2012-10-21 16:40:01 -05:00
lincoln@corelan.be
c7d12d94b7
turboftp exploit
2012-10-21 16:40:00 -05:00
sput-nick
60dc83748c
Update modules/exploits/windows/browser/mozilla_mchannel.rb
2012-10-17 12:25:44 -03:00
James Lee
52feae2dcd
Add missing require
...
[FixRM #7345 ]
2012-10-15 17:18:04 -05:00
Tod Beardsley
9192a01803
All exploits need a disclosure date.
2012-10-15 16:29:12 -05:00
jvazquez-r7
2acfb0537c
Merge branch 'ajaxplorer' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ajaxplorer
2012-10-15 08:30:08 +02:00
sinn3r
529f88c66d
Some msftidy fixes
2012-10-14 19:16:54 -05:00
sinn3r
97ac7fa184
Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework
2012-10-14 18:27:32 -05:00
sinn3r
cedcace1a7
Forgot to change the output variable
...
Because the original script used match()
2012-10-14 11:43:33 -05:00
sinn3r
cc303665e8
Credit
2012-10-13 00:42:44 -05:00
sinn3r
5b2998a121
Add OSVDB-63552 AjaXplorer module (2010)
2012-10-13 00:35:48 -05:00
James Lee
90ae5c1178
Add PhpEXE support to RateMyPet module
2012-10-12 04:53:01 -05:00
James Lee
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
James Lee
13a5892e95
Add a mixin for uploading/executing bins with PHP
...
And use it in three modules that had copy-paste versions of the same
idea.
2012-10-12 02:57:41 -05:00
Spencer McIntyre
3ab24cdbb9
added exploits/windows/local/service_permissions
2012-10-11 22:42:36 -04:00
James Lee
0adabb1e06
Merge branch 'wchen-r7-projectpier' into rapid7
...
[Closes #889 ]
2012-10-11 18:32:04 -05:00
sinn3r
55c0cda86c
Merge branch 'fix_vprint_reduceright' of git://github.com/kernelsmith/metasploit-framework into kernelsmith-fix_vprint_reduceright
2012-10-11 16:55:52 -05:00
kernelsmith
c911eeece2
change vprint_error to print_error
...
exploits/windows/browser/mozilla_reduceright does not tell you when an
incompatible browser connects like most other browser exploits do
(unless verbose is true). This change just changes the vprint to print
to be more consistent w/other browser exploits
2012-10-11 16:51:17 -05:00
sinn3r
9ea208d129
Oops, overwrote egypt's changes by accident
2012-10-11 16:40:52 -05:00
sinn3r
82eaa322fe
Make cleanup work better
2012-10-11 16:39:54 -05:00
James Lee
3a66a07844
Proposed re-wording of description
...
[See #889 ]
2012-10-11 15:48:04 -05:00
sinn3r
24980e735b
I found an OSVDB ID
2012-10-11 15:28:07 -05:00
sinn3r
55128f5bb3
Make sure res has value before passing it on to exec_php
2012-10-11 14:43:38 -05:00
sinn3r
033a11eff5
Add Project Pier File Upload Vulnerability
2012-10-11 13:47:40 -05:00
sinn3r
1ea73b7bd2
Small description change and favor the use of print_error
2012-10-10 13:37:23 -05:00
jvazquez-r7
f32ce87071
delete comment added by error
2012-10-10 19:32:25 +02:00
jvazquez-r7
13e914d65e
added on_new_session handler to warn users about cleanup
2012-10-10 19:31:38 +02:00
jvazquez-r7
37dc19951b
Added module for ZDI-12-169
2012-10-10 19:14:54 +02:00
HD Moore
22f7c42b85
Merge branch 'master' into feature/updated-mobile
2012-10-09 12:58:19 -05:00
jvazquez-r7
4fa3631e34
avoiding the python support on the barracuda one if cannot be tested
2012-10-09 18:01:23 +02:00
jvazquez-r7
f33411abd1
Merge branch 'python_payload_support' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-python_payload_support
2012-10-09 18:00:44 +02:00
sinn3r
a12aed7ffc
Don't really need these keywords
2012-10-09 00:49:05 -05:00
sinn3r
b657fd31cc
Merge branch 'php_include' of https://github.com/ethicalhack3r/metasploit-framework into ethicalhack3r-php_include
2012-10-09 00:45:46 -05:00
sinn3r
c094508119
Support Python payload
...
Pretty sure if the app is run on Unix/Apache, or supports perl and
ruby, chances are python works too.
2012-10-08 22:17:11 -05:00
jvazquez-r7
b356b403b0
Merge branch 'phptax' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-phptax
2012-10-09 00:10:31 +02:00
sinn3r
06e2994b7e
connectiontype to find and python payload support
2012-10-08 15:13:27 -05:00
sinn3r
abb4bdd408
metadata formatting, and a little res gotcha
2012-10-08 15:00:51 -05:00
sinn3r
04aa69192d
Dang typo
2012-10-08 13:35:13 -05:00
jvazquez-r7
ef9d627e13
Added module for ZDI-12-106
2012-10-08 20:04:01 +02:00
sinn3r
8ff4442f9e
Add PhpTax pfilez exec module
...
This module exploits a vuln found in PhpTax. When generating a
PDF, the icondrawpng() function in drawimage.php does not
properly handle the pfilez parameter, which will be used in a
exec() statement, and results in arbitrary code execution.
2012-10-08 12:46:56 -05:00
sinn3r
e9b70a3a4f
Merge branch 'avaya_winpmd_unihostrouter' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-avaya_winpmd_unihostrouter
2012-10-07 15:35:30 -05:00
jvazquez-r7
0acd9e4eec
Merge branch 'ms10_002_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms10_002_ropdb_update
2012-10-07 17:49:45 +02:00
jvazquez-r7
40983460bf
added module for avaya winpmd bof, osvdb 73269
2012-10-07 12:05:13 +02:00
sinn3r
bdb9b75e1e
Use RopDb, and print what target the module has selected.
2012-10-07 01:42:29 -05:00
HD Moore
64f29952dc
Merge branch 'master' into feature/updated-mobile
2012-10-07 00:32:02 -05:00
sinn3r
5b656087b5
Use RopDb in adobe_flash_otf_font, also cleaner code & output
2012-10-06 21:03:41 -05:00
jvazquez-r7
874fe64343
Merge branch 'ms11_050_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_050_ropdb_update
2012-10-06 14:10:36 +02:00
sinn3r
e02adc1f35
Merge branch 'mubix-bypassuac_uac_check'
2012-10-06 02:09:16 -05:00
sinn3r
33429c37fd
Change print_error to print_debug as a warning
2012-10-06 02:08:19 -05:00
sinn3r
94d5eb7a8c
Use RopDb in MS11-050, and correct autopwninfo
2012-10-06 01:45:40 -05:00
Rob Fuller
55474dd8bf
add simple UAC checks to bypassuac
2012-10-06 00:59:54 -04:00
Rob Fuller
b984d33996
add RunAs ask module
2012-10-06 00:51:44 -04:00
sinn3r
769fa3743e
Explain why the user cannot modify the URIPATH
2012-10-05 17:24:06 -05:00
ethicalhack3r
f4e442bcbd
Added headers support to php_include module
2012-10-05 23:00:38 +02:00
sinn3r
2aa59623d1
Merge branch 'ropdb_for_browsers' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ropdb_for_browsers
2012-10-05 15:43:18 -05:00
sinn3r
21ea77ff8b
Fix spaces
2012-10-05 15:40:37 -05:00
sinn3r
a60851e9d1
Merge branch 'mubix-bypassuac_localport'
2012-10-05 14:28:12 -05:00
sinn3r
6342c270f4
Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport
2012-10-05 14:16:16 -05:00
sinn3r
33db3d9610
RopDb for ntr_activex_check_bof.rb
2012-10-05 14:09:59 -05:00
sinn3r
f92843c96e
RopDb for ie_execcommand_uaf.rb
2012-10-05 13:49:17 -05:00
jvazquez-r7
aba69d8438
fix indentation
2012-10-05 20:18:40 +02:00
jvazquez-r7
4c646762a5
Added target debian squeeze
2012-10-05 20:12:09 +02:00
sinn3r
9a53a49625
RopDb for vlc_amv.rb
2012-10-05 12:54:16 -05:00
sinn3r
d9278d82f8
Adopt RopDb for msxml_get_definition_code_exec.rb
2012-10-05 12:20:41 -05:00
sinn3r
6fc8790dd7
Adopt RopDb for ms12_037_same_id.rb
2012-10-05 12:17:19 -05:00
sinn3r
1268614d54
Adopt RopDb for adobe_flash_mp4_cprt.rb
2012-10-05 11:15:53 -05:00
sinn3r
98931e339a
Adopt RopDb for adobe_flash_rtmp.rb
2012-10-05 11:05:19 -05:00
sinn3r
631a06f3bb
Adopt RopDb for adobe_flashplayer_flash10o.rb
2012-10-05 10:55:55 -05:00
Rob Fuller
0ae7756d26
fixed missing > on author
2012-10-05 11:13:40 -04:00
sinn3r
bcc56cb7cc
Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport
2012-10-05 01:05:30 -05:00
sinn3r
77438d2fc7
Make URI modification more obvious, and let the user know why
2012-10-04 17:52:04 -05:00
Rob Fuller
8520cbf218
fixes spotted by @jlee-r7
2012-10-04 17:34:35 -04:00
James Lee
ae11c2ffc0
Merge branch 'rapid7' into kernelsmith-update-ms10_042-info
...
[Closes #860 ]
2012-10-04 15:29:32 -05:00
Tod Beardsley
4400cb94b5
Removing trailing spaces
2012-10-04 14:58:53 -05:00
kernelsmith
6ef87d1695
update info to reflect use of webdav
...
ms10_042_helpctr_xss_cmd_exec.rb doesn't tell you that it's going to
use webdav, and it's options dont' have the (Don't change) warning for
SRVPORT and URIPATH. This update fixes all that
2012-10-04 14:09:53 -05:00
Rob Fuller
3f2fe8d5b4
port bypassuac from post module to local exploit
2012-10-04 14:31:23 -04:00
sinn3r
d515b3274d
Apply wfsdelay and apply egypt's suggestions
2012-10-04 00:40:52 -05:00
sinn3r
9dad8b28ee
Merge branch 'qnx_qconn_exec' of https://github.com/bcoles/metasploit-framework into bcoles-qnx_qconn_exec
2012-10-03 22:09:14 -05:00
sinn3r
fbc3709774
Change the title and regex a bit
2012-10-03 12:16:25 -05:00
jvazquez-r7
30846f4190
fix typo in comment
2012-10-03 16:06:00 +02:00
jvazquez-r7
24037ac79a
Added module for CVE-2011-4051
2012-10-03 16:03:36 +02:00
sinn3r
e39472f7d4
Merge branch 'zeroSteiner-module-ms11-080'
2012-10-02 12:01:01 -05:00
sinn3r
e36507fc05
Code cleanup and make msftidy happy
2012-10-02 12:00:23 -05:00
Spencer McIntyre
21e832ac1c
add call to memory protect to fix DEP environments
2012-10-01 18:49:18 -04:00
bcoles
e2276bfedb
Add QNX QCOMM command execution module
2012-09-30 17:21:08 +09:30
jvazquez-r7
6679ff765a
remove extra commas
2012-09-28 12:21:59 +02:00
sinn3r
4087790cf7
Oops, forgot to update the check() function
2012-09-27 18:22:57 -05:00
jvazquez-r7
9d3a1871a6
Added module for Samba CVE-2012-1182
2012-09-28 01:18:52 +02:00
Spencer McIntyre
c93692b06d
add a check to verify session is not already system for MS11-080
2012-09-27 08:36:13 -04:00
Spencer McIntyre
8648953747
added MS11-080 AFD JoinLeaf Windows Local Exploit
2012-09-26 11:01:30 -04:00
HD Moore
3ade5a07e7
Add exploit for phpmyadmin backdoor
2012-09-25 10:47:53 -05:00
sinn3r
1111de0197
Add OSVDB reference
2012-09-25 01:19:58 -05:00