c1a4c4e584
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:34 -06:00
acef9de711
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:15 -06:00
e7ab48693c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:57 -06:00
94b736c76c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:38 -06:00
97b74101fb
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:11 -06:00
7b2a1dc791
Repair dead milw0rm link to exploit-db
2011-12-13 16:11:33 -06:00
a5189917da
Add CVE-2005-4832: Oracle Database Server DBMS_CDC_SUBSCRIBE SUBSCRIPTION_NAME SQL Injection (Feature #6094 )
2011-12-13 15:44:39 -06:00
d246bfa4da
Credit Luigi Auriemma for the original discovery/poc, not Celil
2011-12-13 15:20:26 -06:00
d87d8d5799
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103 )
2011-12-13 11:45:24 -06:00
a9e4474eda
Add missing require, fix load error on invalid constant
2011-12-12 23:24:03 -06:00
cd0679ab5d
Increase timeout for cmd_exec()
2011-12-12 21:15:28 -06:00
6e8fdf1ce1
Apply patch #6081
2011-12-12 19:51:02 -06:00
a8fad72fce
Merge branch 'msftidy_fixup'
...
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
2011-12-12 17:55:21 -06:00
f402b8598b
Whitespace and File.open binary mode cleanups.
...
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
32c8301c19
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
2011-12-12 15:45:19 -06:00
bacdbb90d7
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
2011-12-12 15:23:32 -06:00
5af5137241
Add CoDeSys SCADA bof module ( #6083 )
2011-12-12 15:21:15 -06:00
5ba5bbf077
Apply feature #6074
2011-12-12 12:03:34 -06:00
4e95eb5d34
Update description (Feature #6080 )
2011-12-12 11:33:17 -06:00
b4f58ef8fd
Trailing commas kill 1.8. dangit.
...
Fixed dns_fuzzer to knock that off.
2011-12-12 10:26:53 -06:00
4736cb1cbe
Merge pull request #48 from swtornio/master
...
add osvdb ref
2011-12-11 20:37:43 -08:00
17cc89ebad
Add IPv6 specific HTTP(S) handlers and payloads (simplifies
...
options/usage)
2011-12-11 13:26:48 -06:00
2d3064c1ec
Default the scope ID to 0, explicitly
2011-12-10 13:46:16 -06:00
1ae12e3a23
Remove the default target, since module doesn't fingerprint the service
...
pack, this can only end in tears.
2011-12-10 13:31:05 -06:00
a9db05e53b
Fix regular expression
2011-12-10 13:24:58 -06:00
cd4d7d3c47
Handle IPv6 properly (host header parsing)
2011-12-10 13:24:58 -06:00
25685c4c74
add osvdb ref
2011-12-10 08:07:21 -06:00
b521602d82
add osvdb ref
2011-12-10 07:49:50 -06:00
8ccb68c9df
Adding an add_socket() to dhcp and rftp as lauched with a survice
...
when succesful.
Closing the related pull reuquest for this one.
2011-12-10 03:39:25 -06:00
e52436e7ad
Drop the incorrect Id keyword from h323_version
2011-12-09 14:29:55 -06:00
e043fb52c2
Incrase timeout
2011-12-08 11:21:03 -06:00
d6d9ac17d2
use store_loot() instead of store_local()
2011-12-08 11:10:31 -06:00
c366e652b9
Revert "Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()"
...
This reverts commit d37daa4934
2011-12-08 10:11:09 -06:00
d37daa4934
Using store_local() to store stuff for dir traversal bugs feels much better than store_loot()
2011-12-07 19:08:24 -06:00
aa5c0c46b6
Fix indent level
2011-12-07 18:44:49 -06:00
feab7f5077
Add CVE-2011-4350
2011-12-07 18:42:52 -06:00
b7ccbcd6b5
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-07 12:23:23 -06:00
84682b3615
Apply patch #6072
2011-12-07 12:22:58 -06:00
b8767d5f57
Fix typo on 1.8.7
2011-12-07 10:45:23 -06:00
5afba20c21
Merge pull request #43 from jduck/master
...
Clear up how to use native payloads for tomcat_mgr_deploy
2011-12-06 23:01:53 -08:00
1694e22e74
Merge pull request #42 from chao-mu/master
...
Fix for issue #6012 ; post/windows/manage/enable_rdp broken
2011-12-06 23:01:20 -08:00
0e2101e4c1
Correct author name
2011-12-07 00:24:16 -06:00
fd1935b3de
show is_admin
2011-12-07 00:23:06 -06:00
edec6b98ee
Add feature #6067 Family Connections CMS 2.7.1 exploit
2011-12-07 00:00:56 -06:00
8fdfd9f97b
Additional verbosity on WLAN error message
...
to explain that the modules will error if the
Wireless Zero Configuration Service is turned off.
2011-12-06 20:42:11 -05:00
459eafd96d
Fix to WLAN mdoules for when wLAN not installed on target
...
The modules did not close out properly when WLAN was determined not to be
installed on the host. This fix corrects that.
fixes #6070
2011-12-06 20:22:47 -05:00
92c1065508
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
2011-12-06 18:52:42 -06:00
f1950c2fe1
Adding back bitstruct (current upstream) and dns_fuzzer module
...
Fixes #3289 .
This commit adds back the bit-struct library because in the end,
it is useful for some modules, especially pello's. It's small
and it has a nice license, so why not. After all, it /is/
useful for quicky application headers. Eventually, should
be replaced by StructFu, but that requires some doc work
on my part to get that transition in place.
This also adds pello's DNS fuzzer module which makes use of
BitStruct to create sometimes malformed-on-purpose DNS headers.
Tested against 3 different DNS servers, caused one to reboot,
so I'd say it works.
2011-12-06 17:03:36 -06:00
0bbbcd549d
Add port information, and allow search in data
2011-12-05 22:22:36 -06:00
84af4647db
Merge branch 'issue_1083_oracle'
2011-12-05 17:39:46 -06:00
sinn3r
HD Moore
Tod Beardsley
HD Moore
Steve Tornio
sinn3r
David Maloney