de016780b8
Rename the PAYLOAD_TYPE datastore option
...
This datastore option conflicts with a reserved option in Pro causing
this module to fail in Pro.
2012-11-15 14:42:31 -06:00
f1423bf0b4
If a message is clearly a warning, then use print_warning
2012-10-24 00:44:53 -05:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
5b18a34ad4
References cleanup
...
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
39f2cbfc3c
Older targets confirmed for CoolType SING
2012-09-12 16:51:51 -05:00
61bf15114a
deregistering FILENAME option
2012-09-10 23:14:14 +02:00
199fbaf33d
use a static filename
2012-09-10 23:08:21 +02:00
cb975ce0a2
cleanup plus documentation for the maki template
2012-09-10 22:48:04 +02:00
607c0f023a
added edb references
2012-09-10 17:30:31 +02:00
b813e4e650
Added module for CVE-2009-1831
2012-09-10 16:46:16 +02:00
caae54a7ca
added osvdb reference
2012-09-07 16:56:37 +02:00
c572c20831
Description updated to explain conditions
2012-09-07 11:18:54 +02:00
86036737ca
Apparently this app has two different names
...
People may either call the app "ActiveFax", or "ActFax". Include
both names in there to allow the module to be more searchable.
2012-09-06 18:38:03 -05:00
4985cb0982
Added module for ActFac SYSTEM Local bof
2012-09-07 00:45:08 +02:00
783ffb13c2
Add Adobe security bulletin references
2012-09-04 00:07:53 -05:00
d106a1150e
Be more clear that we dislike certain PDF templates
2012-08-31 14:07:58 -05:00
d56ac81a57
Recapitalizing GlobalSCAPE
...
According to
http://kb.globalscape.com/Search.aspx?Keywords=globalscape
this seems to be the preferred capitalization.
2012-08-15 13:25:35 -05:00
bfe2ed0737
Minor title update
2012-08-14 12:14:13 -05:00
1ec7f03352
Changes proposed by todb: description, author email, zip data random
2012-08-14 18:45:05 +02:00
3c79509780
Added module for BID 46375
2012-08-14 18:15:29 +02:00
c2cc4b3b15
juan author name updated
2012-08-06 18:59:16 +02:00
d2e1f4b448
Added module for OSVDB 83745
2012-07-25 19:24:09 +02:00
260cea934d
Add more reference
2012-07-05 16:48:43 -05:00
2874768539
Also add juan as author. And links to the vulnerable setup.
2012-06-30 13:12:13 -05:00
5dbfb7b9aa
last cleanup
2012-06-30 14:18:25 +02:00
19d476122b
versions affected corrected
2012-06-29 20:23:17 +02:00
533111c6da
irfanview_jpeg2000_bof: review of pull req #543
2012-06-29 20:13:02 +02:00
196e1b7f70
Update title & description to match what ZDI has.
...
ZDI publishes a new advisory that's closer to what we actually
see in a debugger. So we update the reference, as well as the
description + title to better match up theirs.
2012-06-29 11:10:28 -05:00
5efb459616
updated zdi reference
2012-06-29 16:36:11 +02:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
7dcdd205bb
Update CVEs for fileformat exploits
2012-06-28 00:21:03 -05:00
2f733ff8b9
Add CVE-2012-0663 Apple QuickTime TeXML Exploit
2012-06-27 14:41:45 -05:00
9ea6d84a7a
Make it clear the exploit doesn't like certain PDF formats
...
If the exploit cannot fetch certain xref fields, we warn the user
we don't like their PDF, and recommend them to try a different
one.
2012-06-26 16:32:10 -05:00
b966dda980
Update missing CVE reference
2012-06-26 01:26:09 -05:00
7698b2994d
Correct OSVDB typo
2012-06-25 18:32:35 -05:00
fb7f6b49f0
This mega-diff adds better error classification to existing modules
2012-06-19 12:59:15 -05:00
80d46580ec
One last minor change for metadata format
2012-06-14 21:48:24 -05:00
82799f2601
Some final touchup
...
This commit includes the following changes:
* Description change
* Additional references
* More testing
* Format change
* Other minor stuff
2012-06-14 21:46:38 -05:00
75a67d7160
Merge branch 'module-tfm_mmplayer' of https://github.com/bcoles/metasploit-framework into bcoles-module-tfm_mmplayer
2012-06-14 21:14:29 -05:00
c1685c44c3
Fix disclosure date
2012-06-14 10:03:49 -05:00
1cdf964719
A little change to the description
2012-06-14 10:03:15 -05:00
48ee81de29
Add CVE-2012-2915
2012-06-14 09:56:01 -05:00
940f904dee
Changed date format to new DisclosureDate format. Removed two redundant spaces. Now passes msftidy.
2012-06-14 12:10:03 +09:30
15b674dab3
Language on MS12-005
2012-06-13 14:22:20 -05:00
9756f87517
Added TFM MMPlayer (m3u/ppl File) Buffer Overflow module
2012-06-13 13:50:12 +09:30
efcb206cdf
Correct a typo
2012-06-10 14:38:14 -05:00
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
4681ed1c1e
Whitespace, thanks msftidy.rb!
2012-05-31 18:18:27 -06:00
7e6c2f340e
Minor updates; added BID, fixed grammar
...
Modules should not refer to themselves in the first person unless they
are looking for Sarah Connor.
2012-05-30 16:16:41 -05:00
065d3187d3
Added module for OSVDB 74604
2012-05-29 21:10:51 +02:00
db5b3c8259
Added module for OSVDB 82000
2012-05-28 08:51:36 +02:00
0b7b71e240
Correct run-on sentence
2012-05-23 10:27:23 -05:00
94f114b69a
Fix typos
2012-05-23 10:22:52 -05:00
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
1fc7597a56
Msftidy fixes.
...
Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch
All whitespace fixes.
2012-05-21 10:59:52 -05:00
822e109b1f
Merge pull request #398 from wchen-r7/foxit_reader_launch
...
CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action BoF
2012-05-20 07:58:29 -07:00
e4f80a1fab
Francisco is the the one who found it according to advisory
2012-05-18 17:12:52 -05:00
41aac751e9
Add CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action Buffer Overflow
...
This was added last year, but yanked due to some reliability issues.
bannedit gave me the updated version recently, and the issue he was having
appears to be resolved.
There is no good P/P/R to use in XP SP3, so that system isn't supported.
2012-05-18 13:25:51 -05:00
b89e77c842
Add Spanish dir path. Thanks Miguel
2012-05-15 19:27:48 -05:00
f6c88377f4
Fixes #362 by changing the exitfunction arguments to be the correct type
2012-05-07 02:41:08 -05:00
cc76438a75
Merge branch 'jlee-r7-http-print-standardization'
2012-04-25 15:38:46 -05:00
711fb73048
Fix more print_*
2012-04-25 15:01:50 -05:00
9c9b74cae2
Small change with the description
2012-04-24 15:47:31 -05:00
ecd7762df9
Merge branch 'shadow-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-shadow-exploit-module
2012-04-24 15:30:09 -05:00
5bf5e8888d
Minor changes
2012-04-24 13:48:45 -05:00
cca97f2989
added module for CVE-2012-0158
2012-04-23 22:59:25 +02:00
66ecf28451
Shadow stream recorder exploit.
2012-04-22 19:19:40 -03:00
c68a775106
Fix EDB references
2012-04-19 23:53:32 -05:00
93390fa6e2
Fix metadata and some cosmetic stuff
2012-04-19 19:12:27 -05:00
bce6c9abcf
Verify checksum to avoid jumping to a corrupt payload
2012-04-19 18:52:43 -05:00
ae7c2acf9d
Merge branch 'xradio-exploit-module' of https://github.com/b0telh0/metasploit-framework into b0telh0-xradio-exploit-module
2012-04-19 18:09:20 -05:00
8d1d63dda8
Correct OSVDB reference, thanks modpr0be
2012-04-19 12:04:11 -05:00
f3ebe284ca
Minor cosmetic changes
2012-04-18 02:38:25 -05:00
15539c633b
Merge branch 'chap0-gsm' of https://github.com/chap0/metasploit-framework into chap0-chap0-gsm
2012-04-18 02:32:42 -05:00
e52f40daf1
Cosmetic changes
2012-04-18 02:25:43 -05:00
fdd8afea88
minor changes
2012-04-15 22:58:58 -03:00
5bb087d9a7
Exploit module for xRadio Buffer Overflow.
2012-04-15 19:16:11 -03:00
9b2797f707
better randomization
2012-04-15 12:16:51 +10:00
50e36d3fb0
cyberlink Power2Go name attribute stack buffer overflow
2012-04-14 17:57:22 +10:00
4be0361f69
These modules shouldn't be here, sorry
2012-04-14 02:12:45 -05:00
c6a6b79c23
gsm sim 5.15 module, can get the download to test here >
...
download.cnet.com/GSM-SIM-Utility/3000-18508_4-10396246.html
2012-04-13 22:12:48 -07:00
cdd49bf16a
fixed references, describe target better
2012-04-13 11:23:28 +10:00
c851722d50
fixed the description...
2012-04-13 11:18:24 +10:00
9b0c211160
exploit for cyberlinks Power2Go application. I find this software installed by default on alot of HP notebooks along with the CD installer. Not quite sure this was exploited earlier..
2012-04-13 11:07:36 +10:00
5c6856539e
.idea dir deleted
2012-04-05 22:46:43 +02:00
955de5a68c
comment fixed
2012-04-05 22:46:13 +02:00
c5f73d3d7a
added module for CVE-2012-0270_csound_getnum_bof
2012-04-05 22:35:42 +02:00
eb39b5f6aa
Msftidy on netop
2012-04-05 10:33:57 -05:00
c79060915a
Add Chap0's netop exploit
2012-04-03 11:51:58 -05:00
48d6157d6e
New NetOp Guest msf module http://www.netop.com/
2012-04-02 16:53:51 -07:00
7d12a3ad3a
Manual fixup on remaining exploit-db references
2012-03-21 16:43:21 -05:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
aeb691bbee
Massive whitespace cleanup
2012-03-18 00:07:27 -05:00
e3f2610985
Msftidy run through on the easy stuff.
...
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
9144c33345
MSFTidy check for capitalization in modules
...
And also fixes up a dozen or so failing modules.
2012-03-15 16:38:12 -05:00
1cf25e58d5
merge description change
2012-03-12 17:22:01 -05:00
57376a976d
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:18:47 -06:00
f97dc8dee7
Fix spelling of the IBM product iSeries
...
Was I-Series.
2012-03-07 15:24:15 -06:00
ba2bf194fd
Fixes descriptions on new modules.
...
Fixing up grammar and removing some editorial verbiage.
2012-03-07 09:17:22 -06:00
David Maloney
sinn3r
Michael Schierl
Tod Beardsley
jvazquez-r7
HD Moore
bcoles
James Lee
sinn3r
juan
Leonardo Botelho
Steven Seeley
chap0
Jonathan Cran