Commit Graph

701 Commits (c4b85603d2665d8465a8c3118a7ccbdec5c9713c)

Author SHA1 Message Date
jvazquez-r7 04668c7d61 fix response codes check to avoid second tries to fail 2012-11-05 09:26:26 +01:00
sinn3r 799c22554e Warn user if a file/permission is being modified during new session 2012-10-24 00:54:17 -05:00
Michael Schierl 910644400d References EDB cleanup
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl f9ac55c221 Infohash key cleanups
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
Michael Schierl e9f7873afc Version cleanup
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
sinn3r abb4bdd408 metadata formatting, and a little res gotcha 2012-10-08 15:00:51 -05:00
jvazquez-r7 ef9d627e13 Added module for ZDI-12-106 2012-10-08 20:04:01 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
jvazquez-r7 9a83c7c338 changes according to egypt review 2012-09-14 18:47:50 +02:00
jvazquez-r7 eae571592c Added rgod email 2012-09-14 17:45:16 +02:00
jvazquez-r7 a2649dc8d1 fix typo 2012-09-14 17:10:41 +02:00
jvazquez-r7 e27d5e2eb7 Description improved 2012-09-14 17:08:59 +02:00
jvazquez-r7 9c77c15cf5 Added module for osvdb 85087 2012-09-14 16:54:28 +02:00
jvazquez-r7 b4113a2a38 hp_site_scope_uploadfileshandler is now multiplatform 2012-09-06 12:54:51 +02:00
jvazquez-r7 2f87af1c3a add some checks while parsing the java serialization config file 2012-09-05 20:58:55 +02:00
jvazquez-r7 b2116e2394 cleanup, test, add on_new_session handler and osvdb references 2012-09-05 20:54:25 +02:00
jvazquez-r7 406202fc81 Added module for ZDI-12-174 2012-09-05 12:56:09 +02:00
jvazquez-r7 f439f256b5 Debug line deleted on 2012-08-30 00:18:07 +02:00
sinn3r c3159e369a A lot gotcha
When res is nil, that condition can fall into the 'else' clause.
If that happens, we can trigger a bug when we try to read res.code.
2012-08-29 14:46:35 -05:00
jvazquez-r7 6a24e042f9 fixing indentation 2012-08-29 16:17:56 +02:00
jvazquez-r7 2ed712949e Added check function 2012-08-29 16:12:11 +02:00
jvazquez-r7 72cb39925a Added exploit for OSVDB 84821 2012-08-29 12:17:44 +02:00
sinn3r 1b6fe22359 Give proper credit to Craig plus additional references
Craig first found the buffer overflow. But Matt found a more
reliable way to exploit the flaw.
2012-08-21 22:48:15 -05:00
jvazquez-r7 3da8a59cf0 a little cleanup plus complete metadata 2012-08-20 22:42:54 +02:00
Matt Andreko d226135986 Code Review Feedback
Removed trailing spaces and fixed indenting.
2012-08-20 10:41:42 -04:00
Matt Andreko d82493a658 Code Review Feedback
Added 'Space' payload option, which in turn also required 'DisableNops'
Added/Corrected documentation for return addresses
2012-08-19 22:09:08 -04:00
Matt Andreko bd249d1f28 Fixed exploit and made code review changes
The exploit was not working due to the user's root path causing
the EIP offset to change. To correct this, I was able to get
the server to disclose the root path in an error message (fixed in
5.67). I also radically refactored the exploit due to the feedback
I received from Juan Vazquez.
2012-08-19 10:01:03 -04:00
Matt Andreko 6dfe706860 Merge remote-tracking branch 'upstream/master' into sysax_create_folder 2012-08-19 09:58:04 -04:00
sinn3r 6059bb5710 Merge branch 'cyclope' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cyclope 2012-08-13 11:40:46 -05:00
sinn3r f9b5f321cb ADD OSVDB-84517 2012-08-12 17:56:18 -05:00
jvazquez-r7 bf04e2dded Added module for CVE-2011-2653 2012-08-12 18:27:56 +02:00
sinn3r b46fb260a6 Comply with msftidy
*Knock, knock!*  Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
sinn3r 57c32c9c7b Slip Plixer's name in there, because it's their product. 2012-08-07 12:20:44 -05:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
Steve Tornio eb963ae52a add osvdb ref 2012-08-05 09:01:46 -05:00
Tod Beardsley d5b165abbb Msftidy.rb cleanup on recent modules.
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
sinn3r 6ae863cdff Forgot two extra spaces, how dare me! 2012-08-01 15:11:33 -05:00
sinn3r 92d1d26288 Add CVE-2012-2962 : Dell SonicWall Scrutinizer exploit 2012-08-01 15:00:24 -05:00
Matt Andreko 2f7b5f35af Added Sysax 5.64 Create Folder exploit 2012-07-29 10:40:02 -04:00
sinn3r b527356e00 This check can be handy 2012-07-22 03:34:16 -05:00
jvazquez-r7 beb1fbb55d Added module for Simple Web Server Connection header bof 2012-07-21 12:07:36 +02:00
HD Moore 7f3aeca501 Put lipstick on this pig for the time being 2012-07-15 21:35:29 -05:00
sinn3r 24c57b61a8 Add juan as an author too for improving the module a lot 2012-07-06 10:41:06 -05:00
jvazquez-r7 9fecc80459 User of TARGETURI plus improve of description 2012-07-06 15:47:25 +02:00
jvazquez-r7 7751c54a52 references updates 2012-07-06 11:56:03 +02:00
jvazquez-r7 f8ca5b4234 Revision of pull request #562 2012-07-06 11:52:43 +02:00
sinn3r a3d74f5b10 Correct dead milw0rm references 2012-06-30 16:50:04 -05:00
sinn3r e5dd6fc672 Update milw0rm references.
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
sinn3r 7c9a8ba699 Add OSVDB reference 2012-06-28 02:09:12 -05:00
sinn3r d85ce8db5c Update CVEs for HTTP exploits 2012-06-28 00:00:53 -05:00
HD Moore 348a0b8f6e Merge branch 'master' into feature/vuln-info 2012-06-24 23:00:13 -05:00
jvazquez-r7 6be7ba98aa ezserver_http: added bid reference 2012-06-20 22:08:58 +02:00
HD Moore f7ecc98923 Merge branch 'master' into feature/vuln-info 2012-06-20 13:34:53 -05:00
HD Moore d40e39b71b Additional exploit fail_with() changes to remove raise calls 2012-06-19 19:43:41 -05:00
Tod Beardsley 3b1c434252 Remove trailing space 2012-06-19 16:44:07 -05:00
HD Moore fb7f6b49f0 This mega-diff adds better error classification to existing modules 2012-06-19 12:59:15 -05:00
sinn3r 4987acc703 Correct e-mail format, description, and some commas. 2012-06-18 18:52:26 -05:00
jvazquez-r7 2df237b066 minor fixes 2012-06-18 22:44:17 +02:00
modpr0be d706199a83 fix all changes suggested by jvazquez-r7 2012-06-19 02:05:25 +07:00
jvazquez-r7 a8a4594cd4 Documenting esi alignment plus using target_uri.to_s 2012-06-16 09:26:22 +02:00
jvazquez-r7 1d121071f3 Prepend nops to raw payload in encoder if needed 2012-06-15 09:59:10 +02:00
jvazquez-r7 091b3bbbd9 Added module plus encoder for CVE-2012-2329 2012-06-15 00:29:52 +02:00
sinn3r a071d2805e Fix the rest of possible nil res bugs I've found 2012-06-04 14:56:27 -05:00
Christian Mehlmauer 3752c10ccf Adding FireFart's RPORT(80) cleanup
This was tested by creating a resource script to load every changed
module and displaying the options, like so:

````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````

...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.

Thanks FireFart!

Squashed commit of the following:

commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date:   Fri May 25 22:09:42 2012 +0200

    Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
sinn3r 18c8314d79 Change unknown authors to "Unknown".
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion.  In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
sinn3r 7b0fbaed23 Merge pull request #417 from wchen-r7/rabidhamster
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
sinn3r d595f908fc Add OSVDB-79007 2012-05-25 03:06:28 -05:00
Tod Beardsley 675dfe4e14 Don't keep the weblogi return codes secret 2012-05-21 11:27:24 -05:00
sinn3r f9bcb95952 Correct EDB references 2012-05-19 02:24:29 -05:00
jvazquez-r7 bedf010676 description modified 2012-05-18 01:23:09 +02:00
jvazquez-r7 e7f5bf132c trying to improve bea weblogic connector bof 2012-05-18 01:13:56 +02:00
sinn3r c0d17734ed Improve run-on sentences. 2012-05-17 15:00:00 -05:00
jvazquez-r7 c4ab521d7b better tab indentation 2012-05-17 21:41:31 +02:00
jvazquez-r7 a21e832336 fingerprinting bea connector with Transfer-Encoding 2012-05-17 19:21:16 +02:00
jvazquez-r7 9a5e4d6500 Added target BEA Weblogic 8.1 SP4 2012-05-17 11:07:22 +02:00
jvazquez-r7 445bd90afb Added module for CVE-2008-3257 2012-05-17 10:28:18 +02:00
Tod Beardsley 65800f7c6e Whitespace on solarwinds 2012-05-09 12:47:22 -05:00
HD Moore f6c88377f4 Fixes #362 by changing the exitfunction arguments to be the correct type 2012-05-07 02:41:08 -05:00
Steve Tornio ba4ae384d7 add osvdb ref 2012-05-05 10:14:07 -05:00
sinn3r d5d35551ab Add EDB reference 2012-05-04 00:11:29 -05:00
sinn3r 25b11a02b5 Update the comment for check() 2012-05-03 20:37:36 -05:00
sinn3r 4bf674ece6 Pff, and of course, I had to make a typo on that one 2012-05-03 20:34:52 -05:00
sinn3r 1a4d3f849c A little change to the description 2012-05-03 20:33:28 -05:00
sinn3r 7ca69f00b0 Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution) 2012-05-03 20:24:42 -05:00
sinn3r 4c72193922 Fix undefined method `[something]' for nil:NilClass 2012-04-24 01:46:03 -05:00
sinn3r 1e2203867c Repair 'no encoders encoded the buffer successfully' issues 2012-04-16 13:43:25 -05:00
sinn3r 05eba0ab4c Cosmetic changes, mostly :-) 2012-04-07 14:47:23 -05:00
juan 938d5d0a75 added references for cve-2012-1196 2012-04-07 20:22:59 +02:00
juan ee7bce5995 deletion of the ASP script 2012-04-07 20:19:45 +02:00
juan 8761d39190 exploit module added for CVE-2012-1195 2012-04-07 19:04:17 +02:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
sinn3r ecb1fda682 Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow 2012-03-14 05:13:22 -05:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
Tod Beardsley 829040d527 A bunch of msftidy fixes, no functional changes. 2012-02-10 19:44:03 -06:00
Jonathan Cran d9ee43d3dc add disclosure date 2012-01-31 20:38:05 -06:00
sinn3r 064a71fb1d Add CVE-2011-3167 HP OpenView NNM exploit (Feature #6245) 2012-01-18 12:05:18 -06:00
sinn3r 8eee54d1d0 Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb) 2012-01-09 14:23:37 -06:00
David Maloney 9cf2af6a94 Adds exploit/windows/htt/xampp_webdav_upload_php
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.

Fixes #2170
2012-01-06 12:00:14 -08:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
Patrick Webster f54b622ad3 Added BID ref for amlibweb module. 2011-11-11 12:04:40 +11:00
Wei Chen e767214411 Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Mario Ceballos 0890cca02a much needed patch worked like a champ in my enviroment.
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Joshua Drake 32cde1d45a don't use the pattern creator
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 19:43:54 +00:00
Wei Chen fa2355a766 Damn comma
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:42:07 +00:00
Wei Chen 68286561f5 Add #5742
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:38:02 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Steve Tornio 27cba3d7ec add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 11:50:59 +00:00
Wei Chen 06aa776a77 Bleh, fix BID reference
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:40:21 +00:00
Wei Chen e5f7bfceaf Add HP Power Manager module by ipax, thx!
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:29:48 +00:00
David Rude 091b9779e2 Add commas
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 20:41:09 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Tod Beardsley 3c36b0c975 Msftidy: knocking out all those trailing spaces. Screw those guys.
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Tod Beardsley 020abd926b A handful of rankings changes, also converting whitespace.
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen 2b746b3505 This module never got a ranking, adding one
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:07:59 +00:00
James Lee 6578874439 don't bother escaping a tick
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 01:45:10 +00:00
Steve Tornio 93f8d73b0c add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 17:03:23 +00:00
Mario Ceballos 711bfa7d53 initial coverage for ca total defense sqli
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-02 15:53:44 +00:00
Mario Ceballos 6f28911d3d added patch from joshua taylor.
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 19:58:40 +00:00
Wei Chen 44ba7e80d5 This module still works against 2.5 (most current as of Sept 2 2011)
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 04:52:04 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
Wei Chen 950a4215a0 Fix a problem where resp.index() might return nil
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 09:03:19 +00:00
Wei Chen a0168d59a8 Minor fix to comply with the 100 columns per line guideline
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 21:20:29 +00:00
David Rude bee7fba3c8 Small typo fix and some minor formatting
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 19:34:01 +00:00
David Rude 118ca372b3 adding CA Arcserve D2D GWT Credential Information Disclosure module
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 14:40:52 +00:00
Wei Chen 6fc59d5287 Fill in BID reference
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:42:40 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
Wei Chen 681563adc9 Fix that extra tab in the description
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:21:20 +00:00
Wei Chen 2e93ba06ba Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:14:33 +00:00
Wei Chen 86b40e894b Make room for another exploit against ToolBar.exe
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 04:45:21 +00:00
Wei Chen 5b69b52ec4 "InitialAutoRunScript" is more like it
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:28:12 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules.
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-13 03:38:31 +00:00
David Rude 04d280fdd0 minor fixes
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:04:55 +00:00
David Rude ee7454c5e6 Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:48:18 +00:00
David Rude a8b6c43636 reverting the disclosure dates for now need to clean up the patch
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
David Rude 3b7ea08f6a Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
Patrick Webster e9e8026832 Fixed author name in modules for myself.
git-svn-id: file:///home/svn/framework3/trunk@12292 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 02:25:36 +00:00
David Rude 82f5206bc7 change the filename to reflect the vendor
git-svn-id: file:///home/svn/framework3/trunk@12281 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 14:06:10 +00:00
David Rude 53790c1afb Change Vendor name, forgot one target uri fixup
git-svn-id: file:///home/svn/framework3/trunk@12275 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 23:31:12 +00:00
David Rude 892e241853 Added Netflow Apps Manager Remote Code Execution exploit
git-svn-id: file:///home/svn/framework3/trunk@12272 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:34 +00:00
Wei Chen 904b02c44f Need to track who committed what
git-svn-id: file:///home/svn/framework3/trunk@12271 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:20 +00:00
Steve Tornio 5b79e6b4ec add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@12132 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 11:28:57 +00:00
Mario Ceballos c162c0f429 added exploit module hp_nnm_getnnmdata_hostname.rb. now 49 on the list.
git-svn-id: file:///home/svn/framework3/trunk@12131 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 00:46:59 +00:00
Wei Chen aa24f29a03 Fixed nops
git-svn-id: file:///home/svn/framework3/trunk@12124 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:51:13 +00:00
Wei Chen c9eef9ffe5 Fixed typo
git-svn-id: file:///home/svn/framework3/trunk@12123 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:31:58 +00:00
Wei Chen a05866385f Added target 7.50, provided by MC
git-svn-id: file:///home/svn/framework3/trunk@12122 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 02:48:04 +00:00
Steve Tornio d9dd2a3058 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@12121 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 00:49:33 +00:00
Mario Ceballos 342d55ac00 heh, a couple for the hp_nnm party. add exploit modules hp_nnm_getnnmdata_icount.rb hp_nnm_getnnmdata_maxage.rb
git-svn-id: file:///home/svn/framework3/trunk@12117 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:57:16 +00:00
Wei Chen 1a42a87a65 Added 2011-0267 (exploiting "schdParams" of HP NNM's nnmRptConfig.exe)
git-svn-id: file:///home/svn/framework3/trunk@12116 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:35:13 +00:00
Joshua Drake 6fa39eb32c merge my work on cve-2010-2703
git-svn-id: file:///home/svn/framework3/trunk@12101 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:04:45 +00:00
Joshua Drake efd7b84cc5 change rank / add http fingerprint
git-svn-id: file:///home/svn/framework3/trunk@12100 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:02:53 +00:00
Joshua Drake dd5e7f9286 merge in my wacky cve-2010-2709 work
git-svn-id: file:///home/svn/framework3/trunk@12099 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:55:52 +00:00
Joshua Drake 1460d161da add exploit for cve-2010-1552
git-svn-id: file:///home/svn/framework3/trunk@12098 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:47:20 +00:00
Joshua Drake 11e442ed47 add exploit for cve-2010-1964
git-svn-id: file:///home/svn/framework3/trunk@12097 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:45:48 +00:00
Joshua Drake 6920376237 add exploit for cve-2010-1961
git-svn-id: file:///home/svn/framework3/trunk@12096 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:44:55 +00:00
Joshua Drake 46cd08e1aa add exploit for cve-2010-1960
git-svn-id: file:///home/svn/framework3/trunk@12095 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:43:25 +00:00
Wei Chen 422e5ae7b1 gone.
git-svn-id: file:///home/svn/framework3/trunk@12088 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:45:01 +00:00
Wei Chen c8ca48388d filenamed fix
git-svn-id: file:///home/svn/framework3/trunk@12085 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:37:18 +00:00
Wei Chen 1a34d81aab Added CVE-2010-2703
git-svn-id: file:///home/svn/framework3/trunk@12083 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:23:06 +00:00
Wei Chen 92d52daea8 Added NNM webappmon.exe OvJavaLocale overflow
git-svn-id: file:///home/svn/framework3/trunk@12082 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:21:56 +00:00
Wei Chen 74e0d2f43e Added HP NNM nnmRptConfig nameParams overflow
git-svn-id: file:///home/svn/framework3/trunk@12081 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:20:24 +00:00
Mario Ceballos dfd2df6b47 puts this in the appropiate place
git-svn-id: file:///home/svn/framework3/trunk@11987 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 10:22:07 +00:00
Steve Tornio 78d4822d27 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11986 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 10:15:54 +00:00
Mario Ceballos 6d3d0adf93 added exploit module coldfusion_traversal.rb from webDEViL
git-svn-id: file:///home/svn/framework3/trunk@11974 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 01:38:16 +00:00
Steve Tornio abcce881b2 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@11969 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:56:11 +00:00
Mario Ceballos 8189a1f7a9 added exploit module hp_openview_insight_backdoor.rb
git-svn-id: file:///home/svn/framework3/trunk@11968 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-15 21:22:07 +00:00
Wei Chen ed6f8b5a78 Updated: Made a slight adjustment to the code format
git-svn-id: file:///home/svn/framework3/trunk@11945 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 07:27:19 +00:00
Wei Chen 74aab1efe4 Added mr_me's kolibri web server head buffer overflow
git-svn-id: file:///home/svn/framework3/trunk@11944 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-13 07:18:36 +00:00
Joshua Drake 6a5ebf2d91 fix nil access
git-svn-id: file:///home/svn/framework3/trunk@11344 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-15 19:49:40 +00:00
Joshua Drake e9faf75503 fix some more titles with periods
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
James Lee 669ef3b86e clarify targets
git-svn-id: file:///home/svn/framework3/trunk@11099 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 17:53:49 +00:00
Joshua Drake 32c26f18f3 style compliance fixes, set test exploits to manual rank, fix s/ranking/rank/ in some exploits
git-svn-id: file:///home/svn/framework3/trunk@11039 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 19:03:24 +00:00
James Lee 326dc42bca add EncodedPayload#encoded_exe, encoded_jar, and encoded_war. simplifies exploits that need java and native payloads. see #406 and #3009
git-svn-id: file:///home/svn/framework3/trunk@10999 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 23:01:35 +00:00
Joshua Drake 3992eb7ef8 Mass RE-update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
Joshua Drake 9fc6f2f3a3 Mass update: fix all framework URL references
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
Joshua Drake dee671318e style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10895 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 02:54:16 +00:00
Patrick Webster b97cbff5af Added webster_http exploit module.
git-svn-id: file:///home/svn/framework3/trunk@10887 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-03 12:19:19 +00:00
Steve Tornio d79bbd8440 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10886 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-03 11:17:25 +00:00
Mario Ceballos 45fd14417c removed. worked fine under IIS 6.0
git-svn-id: file:///home/svn/framework3/trunk@10874 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-02 23:51:17 +00:00
Mario Ceballos b12d03b7c4 add exploit module coldfusion_fckeditor.rb
git-svn-id: file:///home/svn/framework3/trunk@10865 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-02 20:13:36 +00:00
Joshua Drake 04858c69fc style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@10758 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-19 22:54:19 +00:00
Joshua Drake 8a17803279 add exploit for ZDI-10-190
git-svn-id: file:///home/svn/framework3/trunk@10726 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 07:05:22 +00:00
Joshua Drake f3f7b1dc83 fix typo
git-svn-id: file:///home/svn/framework3/trunk@10725 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 07:04:57 +00:00
Joshua Drake e0e4aebcc1 fix a few stack bof vulnerability descriptions
git-svn-id: file:///home/svn/framework3/trunk@10660 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-12 18:39:21 +00:00
Joshua Drake dd2d7d3864 fix fingerprint bug
git-svn-id: file:///home/svn/framework3/trunk@10546 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 20:53:51 +00:00
Joshua Drake bd1eeb3722 rework to_jsp_war a bit, fix uses, default msfencode -t war to x86/win32
git-svn-id: file:///home/svn/framework3/trunk@10397 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 15:59:46 +00:00
Joshua Drake 4590844871 tons of indentation fixes, some other style tweaks
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Steve Tornio bceca3832b add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@10284 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-10 12:18:27 +00:00
Joshua Drake 7d3e892ad3 lol, how did those lines survive
git-svn-id: file:///home/svn/framework3/trunk@10283 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-10 06:37:41 +00:00
Joshua Drake 2d145aef6a add exploit for Integard from the Corelan Team
git-svn-id: file:///home/svn/framework3/trunk@10281 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 23:33:28 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
Joshua Drake 2aad6188d7 add ws2ord payload compat
git-svn-id: file:///home/svn/framework3/trunk@10024 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-17 01:35:03 +00:00
Mario Ceballos 18f8624a47 fix from Brennon Thomas.
git-svn-id: file:///home/svn/framework3/trunk@9966 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-06 20:12:51 +00:00
Joshua Drake b473cda7d9 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9953 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-03 16:17:43 +00:00
Steve Tornio 8ccc8a290e add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9949 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-03 12:04:42 +00:00
Patrick Webster 6f5040412b Added exploit module amlibweb_webquerydll_app.
git-svn-id: file:///home/svn/framework3/trunk@9948 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-03 09:07:09 +00:00
Steve Tornio 580eb5aaac add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9936 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 03:14:46 +00:00
Joshua Drake a31e133e80 add 3 easy ftp server exploits, 1 chemview activex
git-svn-id: file:///home/svn/framework3/trunk@9935 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 02:25:15 +00:00
Joshua Drake 73ef3db468 fix statement order, lol
git-svn-id: file:///home/svn/framework3/trunk@9934 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-26 23:22:42 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 21:37:54 +00:00
Joshua Drake d07e613504 style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9842 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-16 02:33:25 +00:00
Joshua Drake ccd4416b5f add another httpfingerprint, thx again mc
git-svn-id: file:///home/svn/framework3/trunk@9820 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 13:59:38 +00:00
Joshua Drake edb593987a add more http fingerprints, thx mc
git-svn-id: file:///home/svn/framework3/trunk@9818 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 00:02:21 +00:00
Mario Ceballos 21babc2bfa updated due to reliability. all payloads work now.
git-svn-id: file:///home/svn/framework3/trunk@9814 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 22:38:44 +00:00
Joshua Drake 6d23204c6f add more http fingerprints
git-svn-id: file:///home/svn/framework3/trunk@9812 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 22:11:40 +00:00
Joshua Drake 16ff17c9d1 add more http fingerprints -- thx mc
git-svn-id: file:///home/svn/framework3/trunk@9797 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 23:25:31 +00:00
Joshua Drake c1f74794eb style compliance fixes
git-svn-id: file:///home/svn/framework3/trunk@9744 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 23:34:50 +00:00
Joshua Drake 663b863b6d http fingerprint checking update
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 17:38:59 +00:00
Joshua Drake 389259c5d4 reworked module significantly, updated for latest installer from badblue.com, added http_fingerprint
git-svn-id: file:///home/svn/framework3/trunk@9705 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 06:54:20 +00:00
Joshua Drake 163d273dff convert module to HttpClient, check fingerprint -- untested
git-svn-id: file:///home/svn/framework3/trunk@9704 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:43:12 +00:00
Joshua Drake dfce4901fe change error message
git-svn-id: file:///home/svn/framework3/trunk@9703 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:34:11 +00:00
Joshua Drake a018149278 check fingerprint first
git-svn-id: file:///home/svn/framework3/trunk@9701 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:33:03 +00:00
Joshua Drake 81cce81969 convert modules to HttpClient, use http_fingerprint
git-svn-id: file:///home/svn/framework3/trunk@9700 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 01:22:26 +00:00
Joshua Drake ac267c5856 minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@9697 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 22:15:16 +00:00
Joshua Drake 8c0e5fdf73 fix references, whitespace
git-svn-id: file:///home/svn/framework3/trunk@9696 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:59:16 +00:00
Joshua Drake e5bf3301fb note ORD recommendation
git-svn-id: file:///home/svn/framework3/trunk@9695 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:58:57 +00:00
Joshua Drake 11bb8dee28 convert to httpclient module, use fingerprint
git-svn-id: file:///home/svn/framework3/trunk@9694 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 21:54:58 +00:00
Joshua Drake c7f5ba801c add lots of disclosure dates from OSVDB (missed a few)
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:19:07 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 03:13:45 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink*
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 23:33:07 +00:00
Joshua Drake b9a4105786 see #1000, remove encoder in favor of auto-selection
git-svn-id: file:///home/svn/framework3/trunk@9648 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 21:35:10 +00:00
Joshua Drake bfaa9a9a6f modify badchars, minor cleanups, fixes #1000
git-svn-id: file:///home/svn/framework3/trunk@9647 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 21:31:51 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 20:53:12 +00:00
Tod Beardsley 9d46383040 Fixes #2134. Subs select for sleep in exploit modules.
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-22 19:11:05 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-15 07:18:08 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html)
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
Joshua Drake f0c82d8646 add svn keywords
git-svn-id: file:///home/svn/framework3/trunk@9430 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 16:34:37 +00:00
Mario Ceballos 167e4289c4 put it back. will not play with svn for a month.
git-svn-id: file:///home/svn/framework3/trunk@9425 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:55:51 +00:00
Mario Ceballos c5925ca37e oops, not yet.
git-svn-id: file:///home/svn/framework3/trunk@9424 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:48:15 +00:00
Mario Ceballos 2444978286 remove it
git-svn-id: file:///home/svn/framework3/trunk@9423 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 14:46:22 +00:00
Mario Ceballos 2f8c342b54 added initial coverage for BID-39114
git-svn-id: file:///home/svn/framework3/trunk@9419 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-04 13:36:29 +00:00
Joshua Drake e5d73387e6 guess at what this address is
git-svn-id: file:///home/svn/framework3/trunk@9336 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:38:27 +00:00
Steve Tornio 365f13551b added refs. I think all the auxiliary and exploit modules should now be covered.
git-svn-id: file:///home/svn/framework3/trunk@9298 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-13 16:53:50 +00:00
Joshua Drake 128e0515ef stop perpetuating the ambiguity!
git-svn-id: file:///home/svn/framework3/trunk@9262 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-09 17:45:00 +00:00
Joshua Drake 0e72894e58 more cleanups
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
HD Moore ee4528ed86 Fix negative timeouts
git-svn-id: file:///home/svn/framework3/trunk@9048 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-11 13:26:50 +00:00
Joshua Drake eb003518ce add auto_target to apache_chunked exploit - should reduce run duration in most cases
git-svn-id: file:///home/svn/framework3/trunk@8980 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 16:26:01 +00:00
Steve Tornio 970efbc628 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8971 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 11:27:56 +00:00
Mario Ceballos f10d0fbb41 added exploit module hp_nnm_ovwebhelp.rb
git-svn-id: file:///home/svn/framework3/trunk@8969 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 00:47:31 +00:00
Joshua Drake 3dc30aeed6 minor whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8934 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:30:40 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 1faec528de fix InitAutoRunScript -> InitialAutoRunScript
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
HD Moore 32357b1f64 Skip the debugging target for automatic mode
git-svn-id: file:///home/svn/framework3/trunk@8499 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 01:02:12 +00:00
HD Moore 5d7139ad6f Various module cleanups
git-svn-id: file:///home/svn/framework3/trunk@8498 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 00:48:03 +00:00
Patrick Webster ee4fd8c75d Ported sambar6_search_results from v2.
git-svn-id: file:///home/svn/framework3/trunk@8480 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:15:19 +00:00
HD Moore 3fe41a0d94 Fix a small typo
git-svn-id: file:///home/svn/framework3/trunk@8463 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 14:44:23 +00:00
Joshua Drake a772bc2c85 minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
Joshua Drake c514c2274b typo, fixes #786, see also r8315
git-svn-id: file:///home/svn/framework3/trunk@8316 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:06:06 +00:00
Joshua Drake 53fd14c9c0 updated description, added PATH variable
git-svn-id: file:///home/svn/framework3/trunk@8315 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:04:23 +00:00
Joshua Drake 87adb7714f fixed whitespace
git-svn-id: file:///home/svn/framework3/trunk@8219 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 04:52:49 +00:00
Joshua Drake 14862e0106 added another target
git-svn-id: file:///home/svn/framework3/trunk@8204 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 21:43:40 +00:00
Joshua Drake 6fd20d411f add exploit module for cve-2009-4179
git-svn-id: file:///home/svn/framework3/trunk@8192 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 05:52:53 +00:00
Joshua Drake 45a9d50d0d add exploit module for CVE-2008-4193
git-svn-id: file:///home/svn/framework3/trunk@8010 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 20:38:50 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
Joshua Drake 1e6c9bef74 fix uri for check/detect
git-svn-id: file:///home/svn/framework3/trunk@7942 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:10:38 +00:00
Joshua Drake d0098095a4 hopefully resolved some hang issues
git-svn-id: file:///home/svn/framework3/trunk@7939 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:57:36 +00:00
Joshua Drake 9afb67aa5f removed exit call
git-svn-id: file:///home/svn/framework3/trunk@7936 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:10:18 +00:00
Joshua Drake 5830e359b6 corrected "privileged" flag
git-svn-id: file:///home/svn/framework3/trunk@7932 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 18:18:18 +00:00
Joshua Drake 6a1f43b3df rename again :)
git-svn-id: file:///home/svn/framework3/trunk@7920 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:09:03 +00:00
Joshua Drake 7ef085f9b2 resolved conflict, attempt #2 to rename
git-svn-id: file:///home/svn/framework3/trunk@7919 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:08:41 +00:00
Joshua Drake 8f7c820ac9 renamed module
git-svn-id: file:///home/svn/framework3/trunk@7918 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 01:04:03 +00:00
Mario Ceballos de84d7e989 updated badchars and removed alphnumeric encoding.
git-svn-id: file:///home/svn/framework3/trunk@7916 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-19 00:08:32 +00:00
HD Moore 80fa601a2c Fixes #667. Automigrates this to avoid timer
git-svn-id: file:///home/svn/framework3/trunk@7905 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 06:02:34 +00:00
James Lee 2570fcee15 get rid of some more ^Ms
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 18:47:29 +00:00
Joshua Drake f3a0bbc6d6 rename to make a bit more sense
git-svn-id: file:///home/svn/framework3/trunk@7875 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 06:05:30 +00:00
Joshua Drake 2c88e2eb62 rename to make a bit more sense
git-svn-id: file:///home/svn/framework3/trunk@7874 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 05:41:29 +00:00
Joshua Drake d5eb4d8217 add svn:keywords property
git-svn-id: file:///home/svn/framework3/trunk@7869 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 02:08:43 +00:00
Joshua Drake 8a95baa810 add exploit module for cve-2008-1697 from bannedit/muts
git-svn-id: file:///home/svn/framework3/trunk@7868 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-15 00:32:42 +00:00
HD Moore 837c70715d Reference updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7854 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 20:09:46 +00:00
Mario Ceballos ea0a1eea7d add ranking...
git-svn-id: file:///home/svn/framework3/trunk@7833 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:14:24 +00:00
Mario Ceballos 002b043d4c added exploit module hp_nnm_snmp.rb
git-svn-id: file:///home/svn/framework3/trunk@7832 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-12 20:06:14 +00:00
Joshua Drake bfa405cb2b add exploit module for cve-2009-0133
git-svn-id: file:///home/svn/framework3/trunk@7754 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 19:50:00 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew!
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 05:50:37 +00:00
Joshua Drake 576d55f821 added some missing CVE references
git-svn-id: file:///home/svn/framework3/trunk@7719 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-06 02:30:42 +00:00
Joshua Drake b8302e6f61 changed default target
git-svn-id: file:///home/svn/framework3/trunk@7675 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-03 00:04:33 +00:00
Joshua Drake b9a97f310e fixed typo in targets
git-svn-id: file:///home/svn/framework3/trunk@7674 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 23:50:09 +00:00
Mario Ceballos faa27f93b9 updated with the bid id
git-svn-id: file:///home/svn/framework3/trunk@7669 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-02 12:20:40 +00:00
Joshua Drake b48e5d34e7 added svn keywords
git-svn-id: file:///home/svn/framework3/trunk@7660 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 20:36:55 +00:00
HD Moore b0403cfde2 OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7658 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-01 16:44:25 +00:00
Joshua Drake ec45ea8c22 minor cleanups, removed 0day text, Fixes #573
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 18:42:00 +00:00
Mario Ceballos 09cb98678f added exploit module intersystems_cache.rb
git-svn-id: file:///home/svn/framework3/trunk@7631 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 15:26:21 +00:00
Patrick Webster f2d998d514 Added check support.
git-svn-id: file:///home/svn/framework3/trunk@7585 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-23 07:37:54 +00:00
Joshua Drake b54a7aa1d3 confirmed SEH target works on Windows XP SP3
git-svn-id: file:///home/svn/framework3/trunk@7576 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-21 17:44:09 +00:00
Joshua Drake f767129e61 fixed some typos, thx mubix!
git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-19 03:36:02 +00:00
Joshua Drake 5bbbafefa2 osvdb reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7565 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 04:16:10 +00:00
Joshua Drake c2bcad1f4c add exploit http version
git-svn-id: file:///home/svn/framework3/trunk@7563 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-18 02:29:37 +00:00
Joshua Drake 447e208abf add httpdx handlepeer() exploit (cve-2009-3711)
git-svn-id: file:///home/svn/framework3/trunk@7557 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 22:29:20 +00:00
HD Moore 61e233df91 Keywords on all modules, plugins, and scripts
git-svn-id: file:///home/svn/framework3/trunk@7550 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-17 00:05:19 +00:00
James Lee 10e897b94f make sure we got a response before trying to pull headers out of it. see #519
git-svn-id: file:///home/svn/framework3/trunk@7541 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 19:00:16 +00:00
HD Moore 6deb2fe58e windows 2000 target via anonymous submission
git-svn-id: file:///home/svn/framework3/trunk@7454 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 20:03:57 +00:00
Joshua Drake 434ee654b4 minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@7429 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 19:31:11 +00:00
Joshua Drake 55c32f8bb1 miscellanous cleanups and minimized
git-svn-id: file:///home/svn/framework3/trunk@7421 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 05:55:50 +00:00
Joshua Drake 0e2c8f4894 StackAdjustment or Prepend, not both :)
git-svn-id: file:///home/svn/framework3/trunk@7418 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:31:02 +00:00
Joshua Drake b07d997787 initial commit, randomization to come
git-svn-id: file:///home/svn/framework3/trunk@7417 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 04:27:30 +00:00
et 7b832b9d3e Wmap checking for vulnerabilities and launching exploits
git-svn-id: file:///home/svn/framework3/trunk@7399 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-07 21:55:33 +00:00
Mario Ceballos c3dd1698fc added exploit module hp_power_manager_login.rb
git-svn-id: file:///home/svn/framework3/trunk@7371 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 01:31:17 +00:00
et 20be000d47 Wmap able to load exploits and check for vulnerabilities. Next step exploit if vulnerable
git-svn-id: file:///home/svn/framework3/trunk@7302 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-29 03:16:27 +00:00
HD Moore e3f68f2639 Another large number of warnings fixed by Yoann Guillot
git-svn-id: file:///home/svn/framework3/trunk@7248 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-25 17:18:23 +00:00
HD Moore a0fbc2914f Remove the milw0rm references, as the links are no longer valid.
git-svn-id: file:///home/svn/framework3/trunk@7237 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-24 18:13:07 +00:00
HD Moore d3aa513773 Fixes #339. Cleans up author names for the most part - there are still some stragglers, but this should fix up the frequent contributors
git-svn-id: file:///home/svn/framework3/trunk@7173 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-17 05:55:15 +00:00
HD Moore 26db223636 OSVDB reference update from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7149 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-12 14:39:51 +00:00
Mario Ceballos 9509872b4f fixed disclosure date and removed cmd residue.
git-svn-id: file:///home/svn/framework3/trunk@7079 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-28 00:24:18 +00:00
Stephen Fewer 53b0709a64 commit MC's patch to remove the unused 'req' string.
git-svn-id: file:///home/svn/framework3/trunk@7074 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-27 19:07:43 +00:00
Stephen Fewer c9efd2428c add MC's module for the Adobe RoboHelp server vuln.
git-svn-id: file:///home/svn/framework3/trunk@7072 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-27 18:38:48 +00:00
James Lee 9ace8f33eb OSVDB references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@7030 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-12 04:22:58 +00:00
HD Moore 876a80f601 Updated osvdb references from Steve Tornio, updated capture/eth_spoof modules
git-svn-id: file:///home/svn/framework3/trunk@6907 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-27 14:05:23 +00:00
HD Moore f8c2a203fd OSVDB references updates from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6812 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:02:24 +00:00
Patrick Webster a4e0c88a1b Added MDaemon WorldClient Form2Raw.cgi exploit module.
git-svn-id: file:///home/svn/framework3/trunk@6736 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-03 01:26:21 +00:00
HD Moore a5f567e76e Massive OSVDB reference update from Steve Tornio.
git-svn-id: file:///home/svn/framework3/trunk@6629 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-07 20:20:42 +00:00
HD Moore 92d242cc2f osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6568 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-19 13:20:32 +00:00
HD Moore 9d8581a17e More osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6550 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-13 17:39:42 +00:00
HD Moore 0981295879 More osvdb references from Steve Tornio
git-svn-id: file:///home/svn/framework3/trunk@6547 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-12 19:56:54 +00:00
kris 37c2e301ed replacing defunct framework URL in header comments in most modules and pcap_log
git-svn-id: file:///home/svn/framework3/trunk@6479 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-13 14:33:26 +00:00
HD Moore 86bc12940a Fix tabstops for weblogic module
git-svn-id: file:///home/svn/framework3/trunk@6405 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-28 06:00:23 +00:00
pusscat 41960b0300 Add jsessionid exploit
git-svn-id: file:///home/svn/framework3/trunk@6399 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-27 19:03:39 +00:00
kris 804ff61df6 big svn:keywords run
git-svn-id: file:///home/svn/framework3/trunk@6345 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-15 18:12:33 +00:00
Mario Ceballos f7dafe0156 added exploit module belkin_bulldog.rb.
git-svn-id: file:///home/svn/framework3/trunk@6334 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-11 22:33:51 +00:00
Patrick Webster 7209271870 Added exploit module apache_mod_rewrite_ldap.
git-svn-id: file:///home/svn/framework3/trunk@6327 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-10 06:42:11 +00:00
Patrick Webster a71b3e8c22 Added exploit module efs_easychatserver_username from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6280 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-02 06:57:00 +00:00
Patrick Webster c902c035aa Typo in vendor name. Steamcast.
git-svn-id: file:///home/svn/framework3/trunk@6255 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-25 11:50:24 +00:00
Patrick Webster 415b4c2593 Added exploit module streamcast_useragent.rb from LSO.
git-svn-id: file:///home/svn/framework3/trunk@6254 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-25 11:35:36 +00:00
Mario Ceballos 092db8229c added exploit module fdm_auth_header.rb
git-svn-id: file:///home/svn/framework3/trunk@6205 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-02 18:27:36 +00:00
Mario Ceballos 9637e98cc4 added exploit module hp_nnm_toolbar.rb
git-svn-id: file:///home/svn/framework3/trunk@6167 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-19 23:07:28 +00:00
Ramon de C Valle c66d6c4e46 Set property 'svn:keywords'
git-svn-id: file:///home/svn/framework3/trunk@5783 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-23 02:43:21 +00:00
pusscat 16612cacba Rename
git-svn-id: file:///home/svn/framework3/trunk@5778 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:51:12 +00:00
pusscat 822234771f Initial import of the bea oracle weblogic apache plugin
git-svn-id: file:///home/svn/framework3/trunk@5777 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-22 17:44:57 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
HD Moore fd256ec4a1 This massive commit changes the metasploit 3 module format. The new syntax allows for greater scalability and future improvements to the metasploit module loader. This change also makes it easier for users to add new modules, since the class name no longer needs to match the directory structure.
git-svn-id: file:///home/svn/framework3/trunk@5709 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-02 05:23:59 +00:00
HD Moore b0225127cf Patch for Ruby 1.9 compat (not there yet)
git-svn-id: file:///home/svn/framework3/trunk@5674 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-22 15:52:18 +00:00
Mario Ceballos 33afd40526 added exploit module nowsms.rb
git-svn-id: file:///home/svn/framework3/trunk@5626 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-11 23:48:45 +00:00
pusscat 2327063569 Added a fix
git-svn-id: file:///home/svn/framework3/trunk@5509 4d416f70-5f16-0410-b530-b9f4589650da
2008-05-20 20:55:01 +00:00
HD Moore 82330fff7e Importing two new wireless DoS modules, setting svn:keywords flags where needed.
git-svn-id: file:///home/svn/framework3/trunk@5482 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-21 05:27:06 +00:00
Patrick Webster 48957744d9 Added exploit module ca_igateway_debug
git-svn-id: file:///home/svn/framework3/trunk@5473 4d416f70-5f16-0410-b530-b9f4589650da
2008-04-14 14:14:23 +00:00
Mario Ceballos ffe2fa80d9 added exploit module badblue_passthru.rb.
git-svn-id: file:///home/svn/framework3/trunk@5412 4d416f70-5f16-0410-b530-b9f4589650da
2008-02-11 15:18:22 +00:00
HD Moore 9b6b0990b1 Correct the cve reference format
git-svn-id: file:///home/svn/framework3/trunk@5364 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-27 02:13:54 +00:00
Mario Ceballos 22655fb651 added default RPORT.
git-svn-id: file:///home/svn/framework3/trunk@5269 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-06 14:46:01 +00:00
Mario Ceballos 8393f4fc38 added exploit module hp_nnm.rb.
git-svn-id: file:///home/svn/framework3/trunk@5219 4d416f70-5f16-0410-b530-b9f4589650da
2007-12-17 23:47:14 +00:00
Patrick Webster d59235fe22 Fixed typo
git-svn-id: file:///home/svn/framework3/trunk@5188 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-30 13:32:59 +00:00
Mario Ceballos 96c56ab760 added exploit module ibm_tsm_cad.rb
git-svn-id: file:///home/svn/framework3/trunk@5185 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-27 23:48:34 +00:00
Patrick Webster 6130f7ed23 Rewrote exploit module mcafee_epolicy_source.
git-svn-id: file:///home/svn/framework3/trunk@5142 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-10 16:56:30 +00:00
Patrick Webster 90c54f45de Added exploit module tftpdwin, fixed tabs and name for savant module.
git-svn-id: file:///home/svn/framework3/trunk@5134 4d416f70-5f16-0410-b530-b9f4589650da
2007-10-03 12:17:37 +00:00
Patrick Webster e6a7184cf8 Fixed tab indents.
git-svn-id: file:///home/svn/framework3/trunk@5127 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-30 00:05:10 +00:00
Patrick Webster 3c6e385c17 Added Xitami module.
git-svn-id: file:///home/svn/framework3/trunk@5125 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-29 04:30:59 +00:00
HD Moore 06ab097c34 New module from Patrick
git-svn-id: file:///home/svn/framework3/trunk@5115 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-24 13:55:30 +00:00
HD Moore 4e666aca1c Updates from Patrick
git-svn-id: file:///home/svn/framework3/trunk@5103 4d416f70-5f16-0410-b530-b9f4589650da
2007-09-13 14:02:16 +00:00