HD Moore
|
e071944a1a
|
Allow ff in payloads but double them back up
|
2011-12-28 00:04:24 -06:00 |
HD Moore
|
edb9843ef9
|
Add Linux exploit with one sample target (Whitebox Linux 3)
|
2011-12-28 00:00:10 -06:00 |
HD Moore
|
79103074cb
|
Add credit for Dan's advice
|
2011-12-27 23:39:02 -06:00 |
HD Moore
|
f9224d6010
|
Adds basic coverage for CVE-2011-4862. Ported from Jaime Penalba
Estebanez's code, mostly written by Brandon Perry, exploit method (jmp
edx) by Dan Rosenberg, and general mangling/targets by hdm.
|
2011-12-27 23:37:30 -06:00 |
sinn3r
|
101eba6aa5
|
Add CVE-2011-3587 Plone/Zope Remote CMD Injection (Feature #6151)
|
2011-12-27 00:59:26 -06:00 |
Steve Tornio
|
4215ef3ae1
|
add osvdb ref
|
2011-12-24 06:54:39 -06:00 |
steponequit
|
69570dada6
|
Add CVE-2008-2161 OpenTFTP SP 1.4 Buffer Overflow by steponequit
|
2011-12-23 16:28:36 -06:00 |
steponequit
|
84c6739921
|
added initial opentftp 1.4 windows exploit
|
2011-12-23 11:27:11 -06:00 |
sinn3r
|
41697440c7
|
Add Oracle Job Scheduler Command Execution (CreateProcessA) - Feature #6079
|
2011-12-23 01:22:39 -06:00 |
sinn3r
|
b5b24a1fbf
|
Add a check. I decided not to try to login in the check function in order to remain non-malicious.
However, this decision doesn't represent how modules should write their own check.
|
2011-12-22 13:16:54 -06:00 |
sinn3r
|
262fe75e0a
|
Add CVE-2011-4642 - Splunk Remote Code Execution (Feature #6129)
|
2011-12-22 13:04:37 -06:00 |
sinn3r
|
baaa1f6c82
|
Add US-Cert references to all these SCADA modules. The refers are based on this list:
http://www.scadahacker.com/resources/msf-scada.html
|
2011-12-20 14:07:29 -06:00 |
sinn3r
|
b58097a2a7
|
Remove junk() because it's never used
|
2011-12-17 01:28:07 -06:00 |
sinn3r
|
fae80f8d49
|
typo
|
2011-12-16 11:10:46 -06:00 |
Steve Tornio
|
1712f2aa22
|
add osvdb ref
|
2011-12-14 07:23:11 -06:00 |
Steve Tornio
|
85caabbf5d
|
add osvdb ref
|
2011-12-14 07:19:34 -06:00 |
HD Moore
|
86b3409d47
|
Actually return
|
2011-12-13 20:01:13 -06:00 |
HD Moore
|
cb456337a0
|
Handle invalid http responses better, see #6113
|
2011-12-13 19:54:10 -06:00 |
sinn3r
|
fea4bfb85c
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:53 -06:00 |
sinn3r
|
c1a4c4e584
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:34 -06:00 |
sinn3r
|
acef9de711
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:15 -06:00 |
sinn3r
|
e7ab48693c
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:12:57 -06:00 |
sinn3r
|
94b736c76c
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:12:38 -06:00 |
sinn3r
|
97b74101fb
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:12:11 -06:00 |
sinn3r
|
d246bfa4da
|
Credit Luigi Auriemma for the original discovery/poc, not Celil
|
2011-12-13 15:20:26 -06:00 |
sinn3r
|
d87d8d5799
|
Add CVE-2011-4453 (PmWiki Remote code exeuction - Feature #6103)
|
2011-12-13 11:45:24 -06:00 |
Tod Beardsley
|
a8fad72fce
|
Merge branch 'msftidy_fixup'
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
|
2011-12-12 17:55:21 -06:00 |
Tod Beardsley
|
f402b8598b
|
Whitespace and File.open binary mode cleanups.
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
|
2011-12-12 17:31:28 -06:00 |
sinn3r
|
32c8301c19
|
Add feature #6082 (Traq 2.3 Auth bypass remote code execution)
|
2011-12-12 15:45:19 -06:00 |
sinn3r
|
bacdbb90d7
|
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
|
2011-12-12 15:23:32 -06:00 |
sinn3r
|
5af5137241
|
Add CoDeSys SCADA bof module (#6083)
|
2011-12-12 15:21:15 -06:00 |
HD Moore
|
4736cb1cbe
|
Merge pull request #48 from swtornio/master
add osvdb ref
|
2011-12-11 20:37:43 -08:00 |
HD Moore
|
1ae12e3a23
|
Remove the default target, since module doesn't fingerprint the service
pack, this can only end in tears.
|
2011-12-10 13:31:05 -06:00 |
Steve Tornio
|
b521602d82
|
add osvdb ref
|
2011-12-10 07:49:50 -06:00 |
sinn3r
|
e043fb52c2
|
Incrase timeout
|
2011-12-08 11:21:03 -06:00 |
sinn3r
|
5afba20c21
|
Merge pull request #43 from jduck/master
Clear up how to use native payloads for tomcat_mgr_deploy
|
2011-12-06 23:01:53 -08:00 |
sinn3r
|
0e2101e4c1
|
Correct author name
|
2011-12-07 00:24:16 -06:00 |
sinn3r
|
edec6b98ee
|
Add feature #6067 Family Connections CMS 2.7.1 exploit
|
2011-12-07 00:00:56 -06:00 |
sinn3r
|
92c1065508
|
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
|
2011-12-06 18:52:42 -06:00 |
Joshua J. Drake
|
ac7edc268a
|
Add some more clear documentation for selecting payloads for this module.
|
2011-12-05 00:35:11 -06:00 |
sinn3r
|
e524215b55
|
WTH, the date format is wrong
|
2011-12-04 15:23:31 -06:00 |
Steve Tornio
|
b75799d18d
|
=add osvdb ref
|
2011-12-02 16:50:42 -06:00 |
Steve Tornio
|
83f12c6fe0
|
=add osvdb ref
|
2011-12-02 16:46:01 -06:00 |
sinn3r
|
c8634390b7
|
Add CCMPlayer m3u exploit (Feature #6029)
|
2011-12-02 16:27:59 -06:00 |
sinn3r
|
f4b755c319
|
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
|
2011-12-02 15:00:39 -06:00 |
sinn3r
|
cd2bb027bf
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2011-12-02 14:54:53 -06:00 |
sinn3r
|
895a509bd3
|
Add Avid Media Composer 5.5 (Feature #6035)
|
2011-12-02 14:53:26 -06:00 |
Steve Tornio
|
2bb97791f7
|
Update OSVDF refs for servu module.
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39]
|
2011-12-02 13:21:41 -05:00 |
David Maloney
|
57f12cb2d8
|
Merge branch 'servu_sploit'
|
2011-12-01 11:21:32 -08:00 |
sinn3r
|
93a419c76b
|
Having nothing on the webpage may probably confuse some novice users. But I do like stealth.
|
2011-12-01 03:02:35 -06:00 |
David Maloney
|
2858cae296
|
Some quick corrections to tidy things up
|
2011-11-29 19:57:08 -08:00 |
David Maloney
|
be88f483a3
|
More Accurate Vulnerability Check
|
2011-11-29 18:38:00 -08:00 |
David Maloney
|
0dda948265
|
New Exploit for the Serv-U FTP Buffer overflow
from CVE 2004-2111
|
2011-11-29 17:34:01 -08:00 |
sinn3r
|
f26f6da74b
|
Add CVE-2011-3544 (feature #6023) Java Rhino exploit
|
2011-11-29 18:05:20 -06:00 |
sinn3r
|
6f5d64f6de
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2011-11-29 03:31:15 -06:00 |
sinn3r
|
34a933d499
|
Feature #5610
|
2011-11-29 03:30:49 -06:00 |
Tod Beardsley
|
f503bd9488
|
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
|
2011-11-28 17:52:34 -06:00 |
Rob Fuller
|
c411c216c0
|
Solved most of msftidy issues with the /modules directory
|
2011-11-28 17:10:29 -06:00 |
David Maloney
|
4a22df4014
|
Fix to the axis2 Deployer exploit to add Default Target
|
2011-11-22 10:27:38 -08:00 |
David Maloney
|
30d1451159
|
Consolidation of the Axis2 Deployer Exploits
Fixes #5276
|
2011-11-22 08:47:53 -08:00 |
sinn3r
|
e11ca43c37
|
Add feature #5680
|
2011-11-21 12:39:45 -06:00 |
sinn3r
|
76846aa578
|
Add MS10-038 (CVE-2010-0822) exploit
|
2011-11-21 11:36:47 -06:00 |
sinn3r
|
28a079f308
|
Add credit to the appropriate researcher
|
2011-11-20 02:32:45 -06:00 |
sinn3r
|
95d639ccf7
|
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
|
2011-11-20 01:44:52 -06:00 |
sinn3r
|
9c2fab0921
|
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
|
2011-11-19 20:40:04 -06:00 |
sinn3r
|
30f13984ea
|
Add wireshark console.lua exploit (CVE-2011-3360)
|
2011-11-18 21:24:48 -06:00 |
sinn3r
|
fea42dbdee
|
Add feature #5872
|
2011-11-16 12:26:54 -06:00 |
David Maloney
|
c8142043e9
|
Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
|
2011-11-14 22:50:52 -08:00 |
sinn3r
|
2536cf0308
|
Add feature #5779
|
2011-11-14 01:49:26 -06:00 |
HD Moore
|
4f177acf88
|
Merge pull request #9 from swtornio/master
Add osvdb ref
|
2011-11-12 11:35:24 -08:00 |
sinn3r
|
41d746a07a
|
Add Support Incident Tracker (Feature #5964) by Juan
|
2011-11-12 12:36:21 -06:00 |
Steve Tornio
|
a0c9297500
|
add osvdb ref
|
2011-11-12 06:01:41 -06:00 |
sinn3r
|
170c4f5451
|
Fix author email format
|
2011-11-12 01:53:25 -06:00 |
sinn3r
|
b8b8732d85
|
Correct disclosure date
|
2011-11-12 01:12:28 -06:00 |
sinn3r
|
ed5bae6441
|
oops, I don't need that extra comment
|
2011-11-12 01:04:00 -06:00 |
sinn3r
|
84c5268ab4
|
Add Aviosoft DTV exploit
|
2011-11-12 01:02:40 -06:00 |
Patrick Webster
|
f54b622ad3
|
Added BID ref for amlibweb module.
|
2011-11-11 12:04:40 +11:00 |
wchen-r7
|
c569ec4a33
|
Don't really need a revision # in source
|
2011-11-09 22:10:52 -06:00 |
Wei Chen
|
32bb3af298
|
Add feature #5946
|
2011-11-09 21:49:34 -06:00 |
Matt Buck
|
16f45fc894
|
Add empty directories from svn repo.
|
2011-11-09 18:41:40 -06:00 |
Matt Weeks
|
fdf13e5e0e
|
Fixes #5927
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-08 21:45:17 +00:00 |
Wei Chen
|
c4fa5b4674
|
Fix #5937. Vista is currently taken down because it's not stable enough.
git-svn-id: file:///home/svn/framework3/trunk@14188 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-08 09:35:18 +00:00 |
Wei Chen
|
0b981b0db0
|
Add OSVDB reference
git-svn-id: file:///home/svn/framework3/trunk@14179 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-07 02:01:42 +00:00 |
Wei Chen
|
e767214411
|
Fix: whitespaces, svn propset, author e-mail format
git-svn-id: file:///home/svn/framework3/trunk@14175 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-06 22:02:26 +00:00 |
Wei Chen
|
49dddf1396
|
Yeah, don't really need the bottom comment anymore
git-svn-id: file:///home/svn/framework3/trunk@14172 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-06 20:16:34 +00:00 |
Wei Chen
|
43a22d3fa0
|
Add Office 2007 SP2 target, thanks Juan
git-svn-id: file:///home/svn/framework3/trunk@14171 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-06 17:33:29 +00:00 |
Wei Chen
|
1a2f60f4c0
|
Add MS11-021 (#5917)
git-svn-id: file:///home/svn/framework3/trunk@14169 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-05 23:05:42 +00:00 |
James Lee
|
155c3ff9ac
|
whitespace
git-svn-id: file:///home/svn/framework3/trunk@14157 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-04 17:17:10 +00:00 |
Steve Tornio
|
7a07e069da
|
add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14156 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-04 14:15:00 +00:00 |
Wei Chen
|
3d6f631780
|
Upgrade mini_stream as a remote module. Account for all variables that affect the offset to EIP. Also digital1 = Ron.
git-svn-id: file:///home/svn/framework3/trunk@14155 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-04 08:20:43 +00:00 |
Wei Chen
|
3722a5c3c1
|
Add LifeSize room command injection (feature #5333)
git-svn-id: file:///home/svn/framework3/trunk@14143 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-02 19:40:05 +00:00 |
Wei Chen
|
b809f00979
|
Add NJStar MiniSMTP bof (Feature #5901)
git-svn-id: file:///home/svn/framework3/trunk@14135 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-11-01 08:19:55 +00:00 |
Mario Ceballos
|
0890cca02a
|
much needed patch worked like a champ in my enviroment.
git-svn-id: file:///home/svn/framework3/trunk@14132 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-31 20:37:30 +00:00 |
Wei Chen
|
3eff1cfaa5
|
This exploit does not work at all, and could not be fixed in time. See #5854
git-svn-id: file:///home/svn/framework3/trunk@14088 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-27 01:47:48 +00:00 |
Mario Ceballos
|
7b099bbaef
|
remove Rex::Text.pattern_create()
git-svn-id: file:///home/svn/framework3/trunk@14076 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-26 22:16:26 +00:00 |
Wei Chen
|
ded364c8ef
|
Feature #5621
git-svn-id: file:///home/svn/framework3/trunk@14075 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-26 21:25:46 +00:00 |
Wei Chen
|
0dff3f3e52
|
Add #5682 (phpscheduleit module). Thx Juan.
git-svn-id: file:///home/svn/framework3/trunk@14073 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-26 18:06:12 +00:00 |
David Rude
|
086af94b5d
|
Adds Foxit PDF Reader Exploit CVE-2009-0837
git-svn-id: file:///home/svn/framework3/trunk@14069 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 20:15:12 +00:00 |
Will Vandevanter
|
a0d8a08851
|
java meterpreter should be used when the target is set to automatic
git-svn-id: file:///home/svn/framework3/trunk@14068 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 20:02:09 +00:00 |
Wei Chen
|
2b46420b36
|
check nil
git-svn-id: file:///home/svn/framework3/trunk@14062 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 16:19:55 +00:00 |
Wei Chen
|
7ba5a8ec4e
|
Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 16:04:33 +00:00 |
Wei Chen
|
9cb54e37c5
|
Handle payloads better, also add a cleanup routine specifically for php/exec
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 05:25:39 +00:00 |
Wei Chen
|
2da07d4963
|
Fix bug #5834 (uri being nil in print_good)
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-25 00:40:03 +00:00 |
Wei Chen
|
3da8bb8b69
|
Add feature #5820 by mr_me and tecr0c
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 23:22:32 +00:00 |
Joshua Drake
|
32cde1d45a
|
don't use the pattern creator
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 19:43:54 +00:00 |
Wei Chen
|
fa2355a766
|
Damn comma
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 16:42:07 +00:00 |
Wei Chen
|
68286561f5
|
Add #5742
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 16:38:02 +00:00 |
Wei Chen
|
c0d362bd83
|
Fix tabs, and the correct the bottom comment
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 01:39:11 +00:00 |
Wei Chen
|
a8d62ae01a
|
Add feature #5592 (Cytel Studio)
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-24 01:37:32 +00:00 |
Joshua Drake
|
7bfa29ace4
|
clean up exploit HTML print_status
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-23 14:21:57 +00:00 |
Joshua Drake
|
62c8c6ea9f
|
big msftidy pass, ping me if there are issues
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-23 11:56:13 +00:00 |
Steve Tornio
|
27cba3d7ec
|
add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-21 11:50:59 +00:00 |
Wei Chen
|
06aa776a77
|
Bleh, fix BID reference
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-20 17:40:21 +00:00 |
Wei Chen
|
e5f7bfceaf
|
Add HP Power Manager module by ipax, thx!
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-20 17:29:48 +00:00 |
David Rude
|
091b9779e2
|
Add commas
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-19 20:41:09 +00:00 |
David Rude
|
521aec205b
|
Return on error
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-19 19:55:04 +00:00 |
Wei Chen
|
0f1ba8dcf1
|
Change user agent check
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 15:48:03 +00:00 |
HD Moore
|
5916a4afe3
|
Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 09:56:33 +00:00 |
HD Moore
|
f2469fc23f
|
Drop phpi to normal ranking, it eats too much time
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 09:10:45 +00:00 |
HD Moore
|
e4290e40c4
|
Fix the check to not report empty user/pass
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 09:10:00 +00:00 |
Wei Chen
|
8e4f4a2672
|
Add CVE-2011-1774 (Safari libxslt arbitrary file creation)
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 07:39:50 +00:00 |
Wei Chen
|
fbbec1fa92
|
This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now.
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 03:48:10 +00:00 |
Wei Chen
|
975cc52bac
|
Fix spelling errors
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-18 00:54:05 +00:00 |
Wei Chen
|
d204f4027b
|
Catch nil first before do .empty?
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 15:59:57 +00:00 |
Wei Chen
|
7dbf2e3fcd
|
Apply fix by David, thx!
git-svn-id: file:///home/svn/framework3/trunk@13975 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 15:08:39 +00:00 |
Wei Chen
|
0304702b14
|
Mention where the getpc code is from, request by corelanc0d3r
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 14:56:44 +00:00 |
Tod Beardsley
|
c336d063da
|
Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip.
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 04:20:53 +00:00 |
Tod Beardsley
|
94eb3ac14c
|
Deleting a puts statement.
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 03:52:10 +00:00 |
Tod Beardsley
|
3c36b0c975
|
Msftidy: knocking out all those trailing spaces. Screw those guys.
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 03:49:49 +00:00 |
Tod Beardsley
|
30ac88694f
|
More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster.
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-17 02:58:53 +00:00 |
Wei Chen
|
39a4488da5
|
Patch #5740 for Firefox Array.reduceRight() exploit
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-16 20:28:15 +00:00 |
Wei Chen
|
e6e8164843
|
Add CVE-2011-3230 - Safari File Policy vuln
git-svn-id: file:///home/svn/framework3/trunk@13956 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-16 19:31:09 +00:00 |
Tod Beardsley
|
d059670d67
|
Fixes #5570, commits TecR0c's exploit module, after running through msftidy.rb. Thanks!
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-16 15:47:04 +00:00 |
HD Moore
|
594b0687c7
|
Fix CVE reference format
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-16 09:55:07 +00:00 |
HD Moore
|
cf8524b1b4
|
Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-16 09:53:53 +00:00 |
Tod Beardsley
|
020abd926b
|
A handful of rankings changes, also converting whitespace.
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 22:58:20 +00:00 |
Wei Chen
|
14d7db1641
|
Add disclosure dates to all the exploit modules that didn't have one
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 21:09:17 +00:00 |
Wei Chen
|
1a02a2199b
|
These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 20:42:20 +00:00 |
Wei Chen
|
1adb31747d
|
This module is missing a ranking. Adding one.
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 20:35:18 +00:00 |
Wei Chen
|
f2d328d969
|
cmd exec module should receive ExcellentRanking
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 20:10:53 +00:00 |
Wei Chen
|
2b746b3505
|
This module never got a ranking, adding one
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 20:07:59 +00:00 |
HD Moore
|
142ae9288b
|
Fix title
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-15 19:56:57 +00:00 |
Chao Mu
|
4b9346e40e
|
Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate!
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-14 23:29:52 +00:00 |
HD Moore
|
0ff7f17cba
|
Cosmetic module and service name fixes
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-14 00:52:15 +00:00 |
Wei Chen
|
4f4c0bc0be
|
Add CVE-2011-2371 Firefox Array.reduceRight() vuln
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-13 03:16:15 +00:00 |
Wei Chen
|
90a426cec6
|
Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647)
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-12 10:57:31 +00:00 |
James Lee
|
6578874439
|
don't bother escaping a tick
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-12 01:45:10 +00:00 |
Wei Chen
|
c1b1917dce
|
Change correct name for Lincoln. Also, this is feature #5646
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-11 03:30:14 +00:00 |
Wei Chen
|
e3111e0261
|
Add CVE-2008-4779
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-11 03:28:08 +00:00 |
Wei Chen
|
f54939cda9
|
Change target name and description. The module works on multiple systems.
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
|
2011-10-10 16:47:33 +00:00 |