infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
22,316 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

6000 Commits (c1fb4a68fadddda17ca0b9c4ed924e590e034ebd)

Author SHA1 Message Date
William Vu 80a1e85235 Add :config => false to sysax_ssh_username 2013-12-30 18:13:49 -06:00
David Maloney c3fd657bde Missing config false flag 
the sshexec exploit was missing the flag
that tells net:ssh to not use the user's
local config . This can cuase ugly problem

MSP-9262
 2013-12-30 14:28:15 -06:00
Tod Beardsley 5ce862a5b5
Add OSVDB 2013-12-26 10:33:46 -06:00
sinn3r 90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow 2013-12-24 00:39:54 -06:00
sinn3r 367dce505b Minor details 2013-12-24 00:39:15 -06:00
sgabe f687a14539 Added support for opening via menu. 2013-12-24 03:12:49 +01:00
sinn3r 9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution 2013-12-23 02:34:01 -06:00
sinn3r 5b647ba6f8 Change description 
Pre-auth is implied.
 2013-12-23 02:33:17 -06:00
sgabe 287271cf98 Fixed date format. 2013-12-22 01:32:16 +01:00
sgabe 0ac495fef8 Replaced hex with plain text. 2013-12-22 01:31:37 +01:00
jvazquez-r7 f43bc02297 Land #2787, @mwulftange's exploit for CVE-2013-6955 2013-12-20 17:03:10 -06:00
jvazquez-r7 163a54f8b1 Do send_request_cgi final clean up 2013-12-20 17:00:57 -06:00
sgabe 44ab583611 Added newline to end of file. 2013-12-20 22:40:45 +01:00
sgabe 62f71f6282 Added module for CVE-2013-6877 2013-12-20 22:37:09 +01:00
jvazquez-r7 af13334c84 Revert gsub! 2013-12-20 11:39:49 -06:00
sinn3r ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution 2013-12-20 11:29:10 -06:00
sinn3r d0ef860f75 Strip default username/password 
There isn't one. So force the user to supply one.
 2013-12-20 11:28:18 -06:00
sinn3r 52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution 2013-12-20 11:25:50 -06:00
jvazquez-r7 1da961343a Do final (minor) cleanup 2013-12-20 11:20:29 -06:00
Markus Wulftange 929f3ea35c Turn Auxiliary module into Exploit module 2013-12-20 16:45:38 +01:00
bcoles fb6cd9c149 add osvdb+url refs and module tidy up 2013-12-20 20:27:07 +10:30
jvazquez-r7 4816abe63b Add module for ZDI-13-263 2013-12-19 17:48:52 -06:00
Joe Vennix 8e27e87c81 Use the right disclosure date. 2013-12-19 12:58:52 -06:00
Joe Vennix 955dfe5d29 msftidy it up. 2013-12-19 12:53:58 -06:00
Joe Vennix b50bbc2f84 Update module to use sinn3r's beautiful browserexploitserver. 2013-12-19 12:49:24 -06:00
bcoles fc2da15c87 Add OpenSIS 'modname' PHP Code Execution module for CVE-2013-1349 2013-12-19 19:10:48 +10:30
Joe Vennix eb08a30293 Update description with new version support. 2013-12-19 02:08:55 -06:00
Joe Vennix 5ee6c77901 Add a patch for 15.x support. 
* Also add authors i forgot, oops
 2013-12-19 02:05:45 -06:00
Joe Vennix 2add2acc8f Use a smaller key size, harder to spot. 2013-12-18 21:02:23 -06:00
Joe Vennix 8d183d8afc Update versions, 4.0.1 does not work on windows. 2013-12-18 20:57:47 -06:00
Joe Vennix cb390bee7d Move comment. 2013-12-18 20:37:33 -06:00
Joe Vennix 23b5254ea1 Fix include reference. 2013-12-18 20:35:43 -06:00
Joe Vennix 5255f8da12 Clean up code. Test version support. 
* Using #get in Object#defineProperty call makes the payload execute immediately
on all supported browsers I tested.
* Moved Ranking to Excellent since it is now 100% reliable.
 2013-12-18 20:30:08 -06:00
jvazquez-r7 198667b650
Land #2774, @Mekanismen's module for CVE-2013-7091 2013-12-18 16:23:44 -06:00
jvazquez-r7 aec2e0c92c Change ranking 2013-12-18 16:23:14 -06:00
jvazquez-r7 d4ec858051 Clean zimbra_lfi 2013-12-18 15:46:37 -06:00
sinn3r 4bddd077ec
Land #2762 - Use new ntdll railgun functions 2013-12-18 15:18:47 -06:00
Joe Vennix 64273fe41d Move addon datastore options into mixin. 2013-12-18 14:42:01 -06:00
Joe Vennix ca2de73879 It helps to actually commit the exploit. 2013-12-18 14:31:42 -06:00
Joe Vennix 1235615f5f Add firefox 15 chrome privilege exploit. 
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
 2013-12-18 14:30:35 -06:00
Mekanismen 0c0e8c3a49 various updates 2013-12-18 20:54:35 +01:00
jvazquez-r7 ab69454f89 Land #2745, @rcvalle's exploit for CVE-2013-2068 2013-12-18 12:06:27 -06:00
jvazquez-r7 ec64382efc Fix cfme_manageiq_evm_upload_exec according to chat with @rcvalle 2013-12-18 11:53:30 -06:00
jvazquez-r7 a28ea18798 Clean pull request 2013-12-18 11:32:34 -06:00
Mekanismen 2de15bdc8b added module for Zimbra Collaboration Server CVE-2013-7091 2013-12-17 19:32:04 +01:00
sinn3r ad2ec497c2
Land #2773 - Fix ms_ndproxy to work under a sandboxed Reader 2013-12-16 20:32:27 -06:00
jvazquez-r7 52cb43e6a8 Fix typo 2013-12-16 20:28:49 -06:00
jvazquez-r7 84759a552a Save one variable 2013-12-16 16:49:44 -06:00
jvazquez-r7 042bd4f80b Fix ms_ndproxy to work under a sandboxed Reader 2013-12-16 16:19:17 -06:00
Tod Beardsley f88a3a55b6
More slight updates. 2013-12-16 15:05:39 -06:00