root
a8ef3417b5
Fixed the date
2012-01-12 20:54:55 -06:00
Sam Sharps
e75e23b963
Removed more unused variables and fixed some formatting
2012-01-12 18:13:28 -06:00
Sam Sharps
f22f54034a
Removed unused variables
2012-01-12 18:05:54 -06:00
Sam Sharps
87ee6905df
Modified exploit to not need egg hunter shellcode
2012-01-12 18:01:22 -06:00
root
ad0b745b31
new file: modules/exploits/windows/fileformat/bsplayer_m3u.rb
2012-01-12 16:12:43 -05:00
Tod Beardsley
500cfa6dd1
Removing telnet_encrypt_keyid_bruteforce.rb to unstable
...
can't ship for a few problems, will be fixed up soonish but
about to release a build.
2012-01-11 14:00:42 -06:00
Tod Beardsley
092b226cce
Updating tns_auth_sesskey to use a user-supplied SID
...
Applying the patch suggested by Lukas, here: http://mail.metasploit.com/pipermail/framework/2012-January/008374.html
2012-01-11 07:31:36 -06:00
Tod Beardsley
7e25f9a6cc
Death to unicode
...
Apologies to the authors whose names I am now intentionally misspelling.
Maybe in another 10 years, we can guarantee that all terminals and
machine parsers are okay with unicode suddenly popping up in strings.
Also adds a check in msftidy for stray unicode.
2012-01-10 14:54:55 -06:00
sinn3r
bc9014e912
Add new v3.4 target by Michael Coppola (Feature #6207 )
2012-01-09 23:51:11 -06:00
sinn3r
90eb2b9a75
Add CVE-2011-4862 encrypt_key_id using the brute-force method (Feature #6202 )
2012-01-09 19:35:06 -06:00
sinn3r
8eee54d1d0
Add e-mail addr for corelanc0d3r (found it in auxiliary/fuzzers/ftp/client_ftp.rb)
2012-01-09 14:23:37 -06:00
Tod Beardsley
e7d7302644
Dropping the umlaut, sacrificing accuracy for usability. Can't guarantee a viewer has a Unicode-capable terminal.
2012-01-09 11:22:44 -06:00
Patroklos Argyroudis
5d359785ae
Firefox 3.6.16 mChannel exploit for Mac OS X 10.6.8, 10.6.7 and 10.6.6
2012-01-09 12:10:25 +02:00
sinn3r
03a39f7fe8
Whitespace cleanup, also change print_status usage when verbose
2012-01-09 02:21:39 -06:00
sinn3r
2f9d563067
Update reference
2012-01-09 02:14:29 -06:00
sinn3r
243dbe50f0
Correct author name. Unfortunately not all editors can print unicode correctly.
2012-01-07 15:18:25 -06:00
sinn3r
4e858aba89
Add CVE-2012-0262 Op5 welcome.php Remote Code Execution
2012-01-07 15:13:45 -06:00
sinn3r
4645c1c2b9
Add CVE-2012-0261 Op5 license.php Remote Code Execution
2012-01-07 15:12:49 -06:00
David Maloney
9cf2af6a94
Adds exploit/windows/htt/xampp_webdav_upload_php
...
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.
Fixes #2170
2012-01-06 12:00:14 -08:00
Sam Sharps
06414c2413
changed author to my actual name
2012-01-06 01:03:20 -06:00
Sam Sharps
b26ed37467
Added description, urls, and another author
2012-01-06 00:47:01 -06:00
Sam Sharps
5c05cebaf7
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:16:45 -06:00
sam
f3a9bc2dad
Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790
2012-01-06 00:12:28 -06:00
HD Moore
8315709fb6
Correct typo and set the disclosure date
2012-01-04 19:46:56 -06:00
sinn3r
8cced0a91e
Add CVE-2011-2462 Adobe Reader U3D exploit
2012-01-04 03:49:49 -06:00
Joshua J. Drake
958ffe6e1d
Fix stack trace from unknown agents
2012-01-02 03:41:49 -06:00
Steve Tornio
7bfdc9eff4
add osvdb ref
2012-01-01 09:10:10 -06:00
sinn3r
d9db03dba6
Add CoCSoft StreamDown buffer overflow (Feature #6168 ; no CVE or OSVDB ref)
2011-12-30 10:16:29 -06:00
sinn3r
b202c29153
Correct e-mail format
2011-12-29 11:27:10 -06:00
sinn3r
d484e18300
Add e-mail for tecr0c
2011-12-29 11:14:15 -06:00
sinn3r
9972f42953
Add e-mail for mr_me for consistency
2011-12-29 11:01:38 -06:00
sinn3r
b5b2c57b9f
Correct e-mail format
2011-12-29 10:57:00 -06:00
sinn3r
a330a5c63a
Add e-mail for Brandon
2011-12-29 10:53:39 -06:00
Steve Tornio
778d396bc6
add osvdb ref
2011-12-29 07:54:15 -06:00
Steve Tornio
6d72dbb609
add osvdb ref
2011-12-29 07:54:01 -06:00
Steve Tornio
a00dad32fe
Merge branch 'master' of git://github.com/rapid7/metasploit-framework
2011-12-29 07:50:33 -06:00
Steve Tornio
27d1601028
add osvdb ref
2011-12-29 07:49:16 -06:00
Tod Beardsley
0e3370f1fe
Grammar and spelling on splunk and oracle exploits
2011-12-28 13:42:56 -06:00
HD Moore
5dc647a125
Make it clear that this exploit is for RHEL 3 (White Box 3 uses the same
...
packages)
2011-12-28 02:02:03 -06:00
HD Moore
5d67bd2a5e
Phew. Exhaustive test of all i386 FreeBSD versions complete
2011-12-28 01:38:55 -06:00
HD Moore
1ff0cb2eef
More testing - looks like 5.5 is not exploitable, at least not the same
...
way
2011-12-28 01:30:25 -06:00
HD Moore
e071944a1a
Allow ff in payloads but double them back up
2011-12-28 00:04:24 -06:00
HD Moore
edb9843ef9
Add Linux exploit with one sample target (Whitebox Linux 3)
2011-12-28 00:00:10 -06:00
HD Moore
79103074cb
Add credit for Dan's advice
2011-12-27 23:39:02 -06:00
HD Moore
f9224d6010
Adds basic coverage for CVE-2011-4862. Ported from Jaime Penalba
...
Estebanez's code, mostly written by Brandon Perry, exploit method (jmp
edx) by Dan Rosenberg, and general mangling/targets by hdm.
2011-12-27 23:37:30 -06:00
sinn3r
101eba6aa5
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151 )
2011-12-27 00:59:26 -06:00
Steve Tornio
4215ef3ae1
add osvdb ref
2011-12-24 06:54:39 -06:00
steponequit
69570dada6
Add CVE-2008-2161 OpenTFTP SP 1.4 Buffer Overflow by steponequit
2011-12-23 16:28:36 -06:00
steponequit
84c6739921
added initial opentftp 1.4 windows exploit
2011-12-23 11:27:11 -06:00
sinn3r
41697440c7
Add Oracle Job Scheduler Command Execution (CreateProcessA) - Feature #6079
2011-12-23 01:22:39 -06:00
sinn3r
b5b24a1fbf
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
...
However, this decision doesn't represent how modules should write their own check.
2011-12-22 13:16:54 -06:00
sinn3r
262fe75e0a
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129 )
2011-12-22 13:04:37 -06:00
sinn3r
baaa1f6c82
Add US-Cert references to all these SCADA modules. The refers are based on this list:
...
http://www.scadahacker.com/resources/msf-scada.html
2011-12-20 14:07:29 -06:00
sinn3r
b58097a2a7
Remove junk() because it's never used
2011-12-17 01:28:07 -06:00
sinn3r
fae80f8d49
typo
2011-12-16 11:10:46 -06:00
Steve Tornio
1712f2aa22
add osvdb ref
2011-12-14 07:23:11 -06:00
Steve Tornio
85caabbf5d
add osvdb ref
2011-12-14 07:19:34 -06:00
HD Moore
86b3409d47
Actually return
2011-12-13 20:01:13 -06:00
HD Moore
cb456337a0
Handle invalid http responses better, see #6113
2011-12-13 19:54:10 -06:00
sinn3r
fea4bfb85c
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:53 -06:00
sinn3r
c1a4c4e584
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:34 -06:00
sinn3r
acef9de711
Repair dead milw0rm link to exploit-db
2011-12-13 16:13:15 -06:00
sinn3r
e7ab48693c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:57 -06:00
sinn3r
94b736c76c
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:38 -06:00
sinn3r
97b74101fb
Repair dead milw0rm link to exploit-db
2011-12-13 16:12:11 -06:00
sinn3r
d246bfa4da
Credit Luigi Auriemma for the original discovery/poc, not Celil
2011-12-13 15:20:26 -06:00
sinn3r
d87d8d5799
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103 )
2011-12-13 11:45:24 -06:00
Tod Beardsley
a8fad72fce
Merge branch 'msftidy_fixup'
...
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
2011-12-12 17:55:21 -06:00
Tod Beardsley
f402b8598b
Whitespace and File.open binary mode cleanups.
...
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
2011-12-12 17:31:28 -06:00
sinn3r
32c8301c19
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
2011-12-12 15:45:19 -06:00
sinn3r
bacdbb90d7
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
2011-12-12 15:23:32 -06:00
sinn3r
5af5137241
Add CoDeSys SCADA bof module ( #6083 )
2011-12-12 15:21:15 -06:00
HD Moore
4736cb1cbe
Merge pull request #48 from swtornio/master
...
add osvdb ref
2011-12-11 20:37:43 -08:00
HD Moore
1ae12e3a23
Remove the default target, since module doesn't fingerprint the service
...
pack, this can only end in tears.
2011-12-10 13:31:05 -06:00
Steve Tornio
b521602d82
add osvdb ref
2011-12-10 07:49:50 -06:00
sinn3r
e043fb52c2
Incrase timeout
2011-12-08 11:21:03 -06:00
sinn3r
5afba20c21
Merge pull request #43 from jduck/master
...
Clear up how to use native payloads for tomcat_mgr_deploy
2011-12-06 23:01:53 -08:00
sinn3r
0e2101e4c1
Correct author name
2011-12-07 00:24:16 -06:00
sinn3r
edec6b98ee
Add feature #6067 Family Connections CMS 2.7.1 exploit
2011-12-07 00:00:56 -06:00
sinn3r
92c1065508
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
2011-12-06 18:52:42 -06:00
Joshua J. Drake
ac7edc268a
Add some more clear documentation for selecting payloads for this module.
2011-12-05 00:35:11 -06:00
sinn3r
e524215b55
WTH, the date format is wrong
2011-12-04 15:23:31 -06:00
Steve Tornio
b75799d18d
=add osvdb ref
2011-12-02 16:50:42 -06:00
Steve Tornio
83f12c6fe0
=add osvdb ref
2011-12-02 16:46:01 -06:00
sinn3r
c8634390b7
Add CCMPlayer m3u exploit (Feature #6029 )
2011-12-02 16:27:59 -06:00
sinn3r
f4b755c319
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
2011-12-02 15:00:39 -06:00
sinn3r
cd2bb027bf
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-12-02 14:54:53 -06:00
sinn3r
895a509bd3
Add Avid Media Composer 5.5 (Feature #6035 )
2011-12-02 14:53:26 -06:00
Steve Tornio
2bb97791f7
Update OSVDF refs for servu module.
...
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39 ]
2011-12-02 13:21:41 -05:00
David Maloney
57f12cb2d8
Merge branch 'servu_sploit'
2011-12-01 11:21:32 -08:00
sinn3r
93a419c76b
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
2011-12-01 03:02:35 -06:00
David Maloney
2858cae296
Some quick corrections to tidy things up
2011-11-29 19:57:08 -08:00
David Maloney
be88f483a3
More Accurate Vulnerability Check
2011-11-29 18:38:00 -08:00
David Maloney
0dda948265
New Exploit for the Serv-U FTP Buffer overflow
...
from CVE 2004-2111
2011-11-29 17:34:01 -08:00
sinn3r
f26f6da74b
Add CVE-2011-3544 (feature #6023 ) Java Rhino exploit
2011-11-29 18:05:20 -06:00
sinn3r
6f5d64f6de
Merge branch 'master' of github.com:rapid7/metasploit-framework
2011-11-29 03:31:15 -06:00
sinn3r
34a933d499
Feature #5610
2011-11-29 03:30:49 -06:00
Tod Beardsley
f503bd9488
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
2011-11-28 17:52:34 -06:00
Rob Fuller
c411c216c0
Solved most of msftidy issues with the /modules directory
2011-11-28 17:10:29 -06:00
David Maloney
4a22df4014
Fix to the axis2 Deployer exploit to add Default Target
2011-11-22 10:27:38 -08:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00
sinn3r
e11ca43c37
Add feature #5680
2011-11-21 12:39:45 -06:00
sinn3r
76846aa578
Add MS10-038 (CVE-2010-0822) exploit
2011-11-21 11:36:47 -06:00
sinn3r
28a079f308
Add credit to the appropriate researcher
2011-11-20 02:32:45 -06:00
sinn3r
95d639ccf7
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
2011-11-20 01:44:52 -06:00
sinn3r
9c2fab0921
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
2011-11-19 20:40:04 -06:00
sinn3r
30f13984ea
Add wireshark console.lua exploit (CVE-2011-3360)
2011-11-18 21:24:48 -06:00
sinn3r
fea42dbdee
Add feature #5872
2011-11-16 12:26:54 -06:00
David Maloney
c8142043e9
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
...
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
sinn3r
2536cf0308
Add feature #5779
2011-11-14 01:49:26 -06:00
HD Moore
4f177acf88
Merge pull request #9 from swtornio/master
...
Add osvdb ref
2011-11-12 11:35:24 -08:00
sinn3r
41d746a07a
Add Support Incident Tracker (Feature #5964 ) by Juan
2011-11-12 12:36:21 -06:00
Steve Tornio
a0c9297500
add osvdb ref
2011-11-12 06:01:41 -06:00
sinn3r
170c4f5451
Fix author email format
2011-11-12 01:53:25 -06:00
sinn3r
b8b8732d85
Correct disclosure date
2011-11-12 01:12:28 -06:00
sinn3r
ed5bae6441
oops, I don't need that extra comment
2011-11-12 01:04:00 -06:00
sinn3r
84c5268ab4
Add Aviosoft DTV exploit
2011-11-12 01:02:40 -06:00
Patrick Webster
f54b622ad3
Added BID ref for amlibweb module.
2011-11-11 12:04:40 +11:00
wchen-r7
c569ec4a33
Don't really need a revision # in source
2011-11-09 22:10:52 -06:00
Wei Chen
32bb3af298
Add feature #5946
2011-11-09 21:49:34 -06:00
Matt Buck
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
Matt Weeks
fdf13e5e0e
Fixes #5927
...
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 21:45:17 +00:00
Wei Chen
c4fa5b4674
Fix #5937 . Vista is currently taken down because it's not stable enough.
...
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-08 09:35:18 +00:00
Wei Chen
0b981b0db0
Add OSVDB reference
...
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-07 02:01:42 +00:00
Wei Chen
e767214411
Fix: whitespaces, svn propset, author e-mail format
...
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 22:02:26 +00:00
Wei Chen
49dddf1396
Yeah, don't really need the bottom comment anymore
...
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 20:16:34 +00:00
Wei Chen
43a22d3fa0
Add Office 2007 SP2 target, thanks Juan
...
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-06 17:33:29 +00:00
Wei Chen
1a2f60f4c0
Add MS11-021 ( #5917 )
...
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:05:42 +00:00
James Lee
155c3ff9ac
whitespace
...
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 17:17:10 +00:00
Steve Tornio
7a07e069da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 14:15:00 +00:00
Wei Chen
3d6f631780
Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron.
...
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-04 08:20:43 +00:00
Wei Chen
3722a5c3c1
Add LifeSize room command injection (feature #5333 )
...
git-svn-id: file:///home/svn/framework3/trunk@14143 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-02 19:40:05 +00:00
Wei Chen
b809f00979
Add NJStar MiniSMTP bof (Feature #5901 )
...
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-01 08:19:55 +00:00
Mario Ceballos
0890cca02a
much needed patch worked like a champ in my enviroment.
...
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-31 20:37:30 +00:00
Wei Chen
3eff1cfaa5
This exploit does not work at all, and could not be fixed in time. See #5854
...
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-27 01:47:48 +00:00
Mario Ceballos
7b099bbaef
remove Rex::Text.pattern_create()
...
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 22:16:26 +00:00
Wei Chen
ded364c8ef
Feature #5621
...
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 21:25:46 +00:00
Wei Chen
0dff3f3e52
Add #5682 (phpscheduleit module). Thx Juan.
...
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-26 18:06:12 +00:00
David Rude
086af94b5d
Adds Foxit PDF Reader Exploit CVE-2009-0837
...
git-svn-id: file:///home/svn/framework3/trunk@14069 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:15:12 +00:00
Will Vandevanter
a0d8a08851
java meterpreter should be used when the target is set to automatic
...
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 20:02:09 +00:00
Wei Chen
2b46420b36
check nil
...
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:19:55 +00:00
Wei Chen
7ba5a8ec4e
Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
...
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 16:04:33 +00:00
Wei Chen
9cb54e37c5
Handle payloads better, also add a cleanup routine specifically for php/exec
...
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 05:25:39 +00:00
Wei Chen
2da07d4963
Fix bug #5834 (uri being nil in print_good)
...
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-25 00:40:03 +00:00
Wei Chen
3da8bb8b69
Add feature #5820 by mr_me and tecr0c
...
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 23:22:32 +00:00
Joshua Drake
32cde1d45a
don't use the pattern creator
...
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 19:43:54 +00:00
Wei Chen
fa2355a766
Damn comma
...
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:42:07 +00:00
Wei Chen
68286561f5
Add #5742
...
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 16:38:02 +00:00
Wei Chen
c0d362bd83
Fix tabs, and the correct the bottom comment
...
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:39:11 +00:00
Wei Chen
a8d62ae01a
Add feature #5592 (Cytel Studio)
...
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-24 01:37:32 +00:00
Joshua Drake
7bfa29ace4
clean up exploit HTML print_status
...
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 14:21:57 +00:00
Joshua Drake
62c8c6ea9f
big msftidy pass, ping me if there are issues
...
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-23 11:56:13 +00:00
Steve Tornio
27cba3d7ec
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-21 11:50:59 +00:00
Wei Chen
06aa776a77
Bleh, fix BID reference
...
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:40:21 +00:00
Wei Chen
e5f7bfceaf
Add HP Power Manager module by ipax, thx!
...
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-20 17:29:48 +00:00
David Rude
091b9779e2
Add commas
...
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 20:41:09 +00:00
David Rude
521aec205b
Return on error
...
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-19 19:55:04 +00:00
Wei Chen
0f1ba8dcf1
Change user agent check
...
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 15:48:03 +00:00
HD Moore
5916a4afe3
Cosmetic
...
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:56:33 +00:00
HD Moore
f2469fc23f
Drop phpi to normal ranking, it eats too much time
...
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:45 +00:00
HD Moore
e4290e40c4
Fix the check to not report empty user/pass
...
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 09:10:00 +00:00
Wei Chen
8e4f4a2672
Add CVE-2011-1774 (Safari libxslt arbitrary file creation)
...
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 07:39:50 +00:00
Wei Chen
fbbec1fa92
This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now.
...
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 03:48:10 +00:00
Wei Chen
975cc52bac
Fix spelling errors
...
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-18 00:54:05 +00:00
Wei Chen
d204f4027b
Catch nil first before do .empty?
...
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:59:57 +00:00
Wei Chen
7dbf2e3fcd
Apply fix by David, thx!
...
git-svn-id: file:///home/svn/framework3/trunk@13975 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 15:08:39 +00:00
Wei Chen
0304702b14
Mention where the getpc code is from, request by corelanc0d3r
...
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 14:56:44 +00:00
Tod Beardsley
c336d063da
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
...
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 04:20:53 +00:00
Tod Beardsley
94eb3ac14c
Deleting a puts statement.
...
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:52:10 +00:00
Tod Beardsley
3c36b0c975
Msftidy: knocking out all those trailing spaces. Screw those guys.
...
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 03:49:49 +00:00
Tod Beardsley
30ac88694f
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
...
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-17 02:58:53 +00:00
Wei Chen
39a4488da5
Patch #5740 for Firefox Array.reduceRight() exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 20:28:15 +00:00
Wei Chen
e6e8164843
Add CVE-2011-3230 - Safari File Policy vuln
...
git-svn-id: file:///home/svn/framework3/trunk@13956 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 19:31:09 +00:00
Tod Beardsley
d059670d67
Fixes #5570 , commits TecR0c's exploit module, after running through msftidy.rb. Thanks!
...
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 15:47:04 +00:00
HD Moore
594b0687c7
Fix CVE reference format
...
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:55:07 +00:00
HD Moore
cf8524b1b4
Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
...
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-16 09:53:53 +00:00
Tod Beardsley
020abd926b
A handful of rankings changes, also converting whitespace.
...
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 22:58:20 +00:00
Wei Chen
14d7db1641
Add disclosure dates to all the exploit modules that didn't have one
...
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 21:09:17 +00:00
Wei Chen
1a02a2199b
These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking
...
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:42:20 +00:00
Wei Chen
1adb31747d
This module is missing a ranking. Adding one.
...
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:35:18 +00:00
Wei Chen
f2d328d969
cmd exec module should receive ExcellentRanking
...
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:10:53 +00:00
Wei Chen
2b746b3505
This module never got a ranking, adding one
...
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 20:07:59 +00:00
HD Moore
142ae9288b
Fix title
...
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-15 19:56:57 +00:00
Chao Mu
4b9346e40e
Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate!
...
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 23:29:52 +00:00
HD Moore
0ff7f17cba
Cosmetic module and service name fixes
...
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-14 00:52:15 +00:00
Wei Chen
4f4c0bc0be
Add CVE-2011-2371 Firefox Array.reduceRight() vuln
...
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-13 03:16:15 +00:00
Wei Chen
90a426cec6
Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647 )
...
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 10:57:31 +00:00
James Lee
6578874439
don't bother escaping a tick
...
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-12 01:45:10 +00:00
Wei Chen
c1b1917dce
Change correct name for Lincoln. Also, this is feature #5646
...
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:30:14 +00:00
Wei Chen
e3111e0261
Add CVE-2008-4779
...
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-11 03:28:08 +00:00
Wei Chen
f54939cda9
Change target name and description. The module works on multiple systems.
...
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:47:33 +00:00
Wei Chen
8488343e46
Add CVE-2011-2595 (Feature #5645 )
...
git-svn-id: file:///home/svn/framework3/trunk@13852 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 16:11:05 +00:00
HD Moore
643223ff11
Fixes #5651 by applying patch
...
git-svn-id: file:///home/svn/framework3/trunk@13850 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-10 15:40:59 +00:00
Wei Chen
756aafd7f2
Add CVE and OSVDB refs
...
git-svn-id: file:///home/svn/framework3/trunk@13848 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 22:56:17 +00:00
Wei Chen
9ddfc122af
Fix indentation, white spaces, add patch URL to reference
...
git-svn-id: file:///home/svn/framework3/trunk@13847 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:39:02 +00:00
Wei Chen
262b3bbe00
Use Rex to encode payload to base64
...
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 20:31:51 +00:00
Joshua Drake
eab8a2434b
fix typo in description
...
git-svn-id: file:///home/svn/framework3/trunk@13845 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 19:39:15 +00:00
Tod Beardsley
921549fc3d
Adding OSVDB ref that just popped up for me.
...
git-svn-id: file:///home/svn/framework3/trunk@13844 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 15:49:02 +00:00
Wei Chen
98157272fd
Fix indentation for exploit description
...
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:12:54 +00:00
Wei Chen
d1b1b26d01
Add Feature #5499 (Snortreport module)
...
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
2011-10-09 06:10:18 +00:00