infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,920 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2612 Commits (c5ae56a1470d5dd2108d110fbdc4aabfe2d44132)

Author SHA1 Message Date
Wei Chen 7ba5a8ec4e Module is busted when it loads, restoring to the original method. Mixin should not be loaded into an exploit 
git-svn-id: file:///home/svn/framework3/trunk@14061 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 16:04:33 +00:00
Wei Chen 9cb54e37c5 Handle payloads better, also add a cleanup routine specifically for php/exec 
git-svn-id: file:///home/svn/framework3/trunk@14060 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 05:25:39 +00:00
Wei Chen 2da07d4963 Fix bug #5834 (uri being nil in print_good) 
git-svn-id: file:///home/svn/framework3/trunk@14057 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 00:40:03 +00:00
Wei Chen 3da8bb8b69 Add feature #5820 by mr_me and tecr0c 
git-svn-id: file:///home/svn/framework3/trunk@14055 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 23:22:32 +00:00
Joshua Drake 32cde1d45a don't use the pattern creator 
git-svn-id: file:///home/svn/framework3/trunk@14050 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 19:43:54 +00:00
Wei Chen fa2355a766 Damn comma 
git-svn-id: file:///home/svn/framework3/trunk@14048 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 16:42:07 +00:00
Wei Chen 68286561f5 Add #5742 
git-svn-id: file:///home/svn/framework3/trunk@14047 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 16:38:02 +00:00
Wei Chen c0d362bd83 Fix tabs, and the correct the bottom comment 
git-svn-id: file:///home/svn/framework3/trunk@14041 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 01:39:11 +00:00
Wei Chen a8d62ae01a Add feature #5592 (Cytel Studio) 
git-svn-id: file:///home/svn/framework3/trunk@14040 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-24 01:37:32 +00:00
Joshua Drake 7bfa29ace4 clean up exploit HTML print_status 
git-svn-id: file:///home/svn/framework3/trunk@14036 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-23 14:21:57 +00:00
Joshua Drake 62c8c6ea9f big msftidy pass, ping me if there are issues 
git-svn-id: file:///home/svn/framework3/trunk@14034 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-23 11:56:13 +00:00
Steve Tornio 27cba3d7ec add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@14020 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-21 11:50:59 +00:00
Wei Chen 06aa776a77 Bleh, fix BID reference 
git-svn-id: file:///home/svn/framework3/trunk@14016 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 17:40:21 +00:00
Wei Chen e5f7bfceaf Add HP Power Manager module by ipax, thx! 
git-svn-id: file:///home/svn/framework3/trunk@14015 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-20 17:29:48 +00:00
David Rude 091b9779e2 Add commas 
git-svn-id: file:///home/svn/framework3/trunk@14007 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-19 20:41:09 +00:00
David Rude 521aec205b Return on error 
git-svn-id: file:///home/svn/framework3/trunk@14006 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-19 19:55:04 +00:00
Wei Chen 0f1ba8dcf1 Change user agent check 
git-svn-id: file:///home/svn/framework3/trunk@13993 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 15:48:03 +00:00
HD Moore 5916a4afe3 Cosmetic 
git-svn-id: file:///home/svn/framework3/trunk@13991 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 09:56:33 +00:00
HD Moore f2469fc23f Drop phpi to normal ranking, it eats too much time 
git-svn-id: file:///home/svn/framework3/trunk@13990 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 09:10:45 +00:00
HD Moore e4290e40c4 Fix the check to not report empty user/pass 
git-svn-id: file:///home/svn/framework3/trunk@13989 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 09:10:00 +00:00
Wei Chen 8e4f4a2672 Add CVE-2011-1774 (Safari libxslt arbitrary file creation) 
git-svn-id: file:///home/svn/framework3/trunk@13987 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 07:39:50 +00:00
Wei Chen fbbec1fa92 This exploit falls between NormalRanking to GoodRanking. I'll class it as Normal for now. 
git-svn-id: file:///home/svn/framework3/trunk@13984 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 03:48:10 +00:00
Wei Chen 975cc52bac Fix spelling errors 
git-svn-id: file:///home/svn/framework3/trunk@13983 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-18 00:54:05 +00:00
Wei Chen d204f4027b Catch nil first before do .empty? 
git-svn-id: file:///home/svn/framework3/trunk@13978 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 15:59:57 +00:00
Wei Chen 7dbf2e3fcd Apply fix by David, thx! 
git-svn-id: file:///home/svn/framework3/trunk@13975 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 15:08:39 +00:00
Wei Chen 0304702b14 Mention where the getpc code is from, request by corelanc0d3r 
git-svn-id: file:///home/svn/framework3/trunk@13974 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 14:56:44 +00:00
Tod Beardsley c336d063da Mostly file format (unix linefeeds) and File.open() calls using binary. Fixed ranking for mozilla_nstreerange and disclosure and BID # for tugzip. 
git-svn-id: file:///home/svn/framework3/trunk@13971 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 04:20:53 +00:00
Tod Beardsley 94eb3ac14c Deleting a puts statement. 
git-svn-id: file:///home/svn/framework3/trunk@13968 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 03:52:10 +00:00
Tod Beardsley 3c36b0c975 Msftidy: knocking out all those trailing spaces. Screw those guys. 
git-svn-id: file:///home/svn/framework3/trunk@13967 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 03:49:49 +00:00
Tod Beardsley 30ac88694f More msftidy fixes. Now I'm going to get a little more surgical to get this to move faster. 
git-svn-id: file:///home/svn/framework3/trunk@13963 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-17 02:58:53 +00:00
Wei Chen 39a4488da5 Patch #5740 for Firefox Array.reduceRight() exploit 
git-svn-id: file:///home/svn/framework3/trunk@13958 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 20:28:15 +00:00
Wei Chen e6e8164843 Add CVE-2011-3230 - Safari File Policy vuln 
git-svn-id: file:///home/svn/framework3/trunk@13956 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 19:31:09 +00:00
Tod Beardsley d059670d67 Fixes #5570, commits TecR0c's exploit module, after running through msftidy.rb. Thanks! 
git-svn-id: file:///home/svn/framework3/trunk@13952 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 15:47:04 +00:00
HD Moore 594b0687c7 Fix CVE reference format 
git-svn-id: file:///home/svn/framework3/trunk@13950 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 09:55:07 +00:00
HD Moore cf8524b1b4 Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 
git-svn-id: file:///home/svn/framework3/trunk@13949 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-16 09:53:53 +00:00
Tod Beardsley 020abd926b A handful of rankings changes, also converting whitespace. 
git-svn-id: file:///home/svn/framework3/trunk@13941 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 22:58:20 +00:00
Wei Chen 14d7db1641 Add disclosure dates to all the exploit modules that didn't have one 
git-svn-id: file:///home/svn/framework3/trunk@13938 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 21:09:17 +00:00
Wei Chen 1a02a2199b These are considered as cmd exec and do not cause crashes, therefore received an ExcellentRanking 
git-svn-id: file:///home/svn/framework3/trunk@13937 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:42:20 +00:00
Wei Chen 1adb31747d This module is missing a ranking. Adding one. 
git-svn-id: file:///home/svn/framework3/trunk@13936 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:35:18 +00:00
Wei Chen f2d328d969 cmd exec module should receive ExcellentRanking 
git-svn-id: file:///home/svn/framework3/trunk@13935 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:10:53 +00:00
Wei Chen 2b746b3505 This module never got a ranking, adding one 
git-svn-id: file:///home/svn/framework3/trunk@13934 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 20:07:59 +00:00
HD Moore 142ae9288b Fix title 
git-svn-id: file:///home/svn/framework3/trunk@13933 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-15 19:56:57 +00:00
Chao Mu 4b9346e40e Switching my BSD modules to MSF_LICENSE to make life easier. Resistance is Futile! Assimilate! 
git-svn-id: file:///home/svn/framework3/trunk@13925 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-14 23:29:52 +00:00
HD Moore 0ff7f17cba Cosmetic module and service name fixes 
git-svn-id: file:///home/svn/framework3/trunk@13917 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-14 00:52:15 +00:00
Wei Chen 4f4c0bc0be Add CVE-2011-2371 Firefox Array.reduceRight() vuln 
git-svn-id: file:///home/svn/framework3/trunk@13909 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-13 03:16:15 +00:00
Wei Chen 90a426cec6 Add PcVue 10 LoadObject/SaveObject vuln (Feature #5647) 
git-svn-id: file:///home/svn/framework3/trunk@13889 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 10:57:31 +00:00
James Lee 6578874439 don't bother escaping a tick 
git-svn-id: file:///home/svn/framework3/trunk@13887 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-12 01:45:10 +00:00
Wei Chen c1b1917dce Change correct name for Lincoln. Also, this is feature #5646 
git-svn-id: file:///home/svn/framework3/trunk@13868 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 03:30:14 +00:00
Wei Chen e3111e0261 Add CVE-2008-4779 
git-svn-id: file:///home/svn/framework3/trunk@13867 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-11 03:28:08 +00:00
Wei Chen f54939cda9 Change target name and description. The module works on multiple systems. 
git-svn-id: file:///home/svn/framework3/trunk@13853 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 16:47:33 +00:00
Wei Chen 8488343e46 Add CVE-2011-2595 (Feature #5645) 
git-svn-id: file:///home/svn/framework3/trunk@13852 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 16:11:05 +00:00
HD Moore 643223ff11 Fixes #5651 by applying patch 
git-svn-id: file:///home/svn/framework3/trunk@13850 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-10 15:40:59 +00:00
Wei Chen 756aafd7f2 Add CVE and OSVDB refs 
git-svn-id: file:///home/svn/framework3/trunk@13848 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 22:56:17 +00:00
Wei Chen 9ddfc122af Fix indentation, white spaces, add patch URL to reference 
git-svn-id: file:///home/svn/framework3/trunk@13847 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 20:39:02 +00:00
Wei Chen 262b3bbe00 Use Rex to encode payload to base64 
git-svn-id: file:///home/svn/framework3/trunk@13846 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 20:31:51 +00:00
Joshua Drake eab8a2434b fix typo in description 
git-svn-id: file:///home/svn/framework3/trunk@13845 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 19:39:15 +00:00
Tod Beardsley 921549fc3d Adding OSVDB ref that just popped up for me. 
git-svn-id: file:///home/svn/framework3/trunk@13844 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 15:49:02 +00:00
Wei Chen 98157272fd Fix indentation for exploit description 
git-svn-id: file:///home/svn/framework3/trunk@13843 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 06:12:54 +00:00
Wei Chen d1b1b26d01 Add Feature #5499 (Snortreport module) 
git-svn-id: file:///home/svn/framework3/trunk@13842 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 06:10:18 +00:00
Wei Chen 487ee5b46e Does not work against Win 7 SP0/SP1 and Windows Server 2003 SP2. Definitely not an universal target. 
git-svn-id: file:///home/svn/framework3/trunk@13841 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 05:36:42 +00:00
Wei Chen a3cc25615d Add bug #5505 (scriptftp_list module) 
git-svn-id: file:///home/svn/framework3/trunk@13839 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 04:17:03 +00:00
Tod Beardsley 3d9c94633d Adding MyBB backdoor exploit submitted by tdz. Thanks! 
git-svn-id: file:///home/svn/framework3/trunk@13838 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-09 03:22:07 +00:00
HD Moore 3d8a18cfd1 Fix tab indent 
git-svn-id: file:///home/svn/framework3/trunk@13836 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-08 18:39:23 +00:00
Joshua Drake 2e7edeff81 See #3585: Happy Third Birthday MS08-067! 
Adds an AlwaysOn DEP bypass for XP SP2 and SP3

git-svn-id: file:///home/svn/framework3/trunk@13835 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-08 07:26:37 +00:00
Wei Chen 44ac9d67e0 svn propset 
git-svn-id: file:///home/svn/framework3/trunk@13831 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-07 17:45:15 +00:00
Steve Tornio 9ec92ee603 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13830 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-07 15:37:54 +00:00
HD Moore 9862987f45 Add a new module from joernchen 
git-svn-id: file:///home/svn/framework3/trunk@13829 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-07 15:30:24 +00:00
Wei Chen 37069a252c Support POST. Feature #5571 
git-svn-id: file:///home/svn/framework3/trunk@13814 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-04 16:02:52 +00:00
Steve Tornio 93f8d73b0c add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13810 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-02 17:03:23 +00:00
Mario Ceballos 711bfa7d53 initial coverage for ca total defense sqli 
git-svn-id: file:///home/svn/framework3/trunk@13809 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-02 15:53:44 +00:00
Wei Chen 612cdc8c73 No need to check if version is 'unknown' if nothing else (other than default) is assigned to it 
git-svn-id: file:///home/svn/framework3/trunk@13799 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-27 19:12:31 +00:00
Wei Chen 2b3a277124 Found an instance that causes the win 7 target to fail. This fix corrects it. 
git-svn-id: file:///home/svn/framework3/trunk@13797 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-27 08:55:07 +00:00
Wei Chen 8bfdebeaf3 Handle the return value for send_request during the early stage 
git-svn-id: file:///home/svn/framework3/trunk@13791 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-25 19:28:15 +00:00
Matt Weeks de9e99bd3d Fix some TOCTOU confusion and database errors. 
git-svn-id: file:///home/svn/framework3/trunk@13779 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 15:12:19 +00:00
Wei Chen db79d21f75 Apply patch for non-default logins by jabra 
git-svn-id: file:///home/svn/framework3/trunk@13778 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-23 02:48:48 +00:00
Wei Chen ec6f290fbd Add Windows 7 target and all kinds of stuff. 
git-svn-id: file:///home/svn/framework3/trunk@13775 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-22 17:40:35 +00:00
Steve Tornio e93341f9f1 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13768 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-21 11:55:56 +00:00
Wei Chen 5d4f68a6f2 Fix JS 
git-svn-id: file:///home/svn/framework3/trunk@13767 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-21 03:13:45 +00:00
Wei Chen 936f3de84c This simple math would do the trick 
git-svn-id: file:///home/svn/framework3/trunk@13766 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 18:56:21 +00:00
Wei Chen 742edf1ad1 Add eSignal and eSignal Pro exploit 
git-svn-id: file:///home/svn/framework3/trunk@13765 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-20 17:39:53 +00:00
Joshua Drake 3318b132c8 add x90c's email address 
git-svn-id: file:///home/svn/framework3/trunk@13757 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 19:40:48 +00:00
Steve Tornio ee09c028a0 add cve and osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13756 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-19 11:38:49 +00:00
Matt Weeks 1d2ddc55e8 Add UI for PXE attack reset. 
git-svn-id: file:///home/svn/framework3/trunk@13753 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 20:44:16 +00:00
James Lee f4be092ac1 include the CVE with more details that definitely applies to this bug, in addition to the ambiguous one that may or may not 
git-svn-id: file:///home/svn/framework3/trunk@13751 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 03:57:27 +00:00
Wei Chen bf315b09ed Add DAQFactory bof 
git-svn-id: file:///home/svn/framework3/trunk@13750 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-18 02:45:55 +00:00
Tod Beardsley 10c76f66ba Adding an extra print line to adobe_cooltype_sing that clearly displays the user-agent. 
git-svn-id: file:///home/svn/framework3/trunk@13748 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-17 20:12:51 +00:00
Jonathan Cran 064255e910 fixup the payload encoding, per joernchen's comment in the #metasploit channel. 
git-svn-id: file:///home/svn/framework3/trunk@13747 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-17 17:48:51 +00:00
Wei Chen 56025609f0 Add fix commit url to reference. Thx jduck! 
git-svn-id: file:///home/svn/framework3/trunk@13745 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-17 06:48:33 +00:00
Wei Chen 2ebef435a0 Add CVE-2011-2950 Real Player heap overflow 
git-svn-id: file:///home/svn/framework3/trunk@13738 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-16 19:22:29 +00:00
Wei Chen 6443ee024c Add Measuresoft ScadaPro exploit 
git-svn-id: file:///home/svn/framework3/trunk@13737 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-16 08:23:59 +00:00
Wei Chen 7569cad178 Correct variable use in heap spray js function 
git-svn-id: file:///home/svn/framework3/trunk@13735 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-15 22:37:13 +00:00
Wei Chen 70fa0e630b Add Windows 7 + IE 8 target. Also use a different approach to get code execution. 
git-svn-id: file:///home/svn/framework3/trunk@13734 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-15 20:51:01 +00:00
Steve Tornio de98758f2b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13728 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-13 20:10:28 +00:00
Wei Chen 9e5d07b201 Add ScadaTEC ScadaPhone bof 
git-svn-id: file:///home/svn/framework3/trunk@13727 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-13 17:25:03 +00:00
Steve Tornio e6ce90c551 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13724 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-12 21:42:36 +00:00
Wei Chen 8b8388ed44 Add CVE-2011-3322 Procyon Core Server HMI 
git-svn-id: file:///home/svn/framework3/trunk@13721 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-12 17:54:31 +00:00
Matt Weeks acae5dcdc8 Killing puts. 
Die, puts, die!!



git-svn-id: file:///home/svn/framework3/trunk@13715 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-11 02:42:39 +00:00
Wei Chen e597891a1f Add support for DEP bypass 
git-svn-id: file:///home/svn/framework3/trunk@13711 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-09 18:15:50 +00:00
James Lee e31acef6e9 whitespace cleanup 
git-svn-id: file:///home/svn/framework3/trunk@13702 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-07 15:30:08 +00:00
Mario Ceballos 6f28911d3d added patch from joshua taylor. 
git-svn-id: file:///home/svn/framework3/trunk@13698 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-06 19:58:40 +00:00
Wei Chen 819e673b88 Mention about the RSA attack in the description, also add a reference for it 
git-svn-id: file:///home/svn/framework3/trunk@13697 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-06 17:22:00 +00:00
HD Moore 7fb4a3c571 Fix up the disablenops syntax 
git-svn-id: file:///home/svn/framework3/trunk@13694 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-05 16:27:04 +00:00
Mario Ceballos 2f2421badc initial coverage of the pnsize bug (fileformat) 
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 21:17:58 +00:00
Wei Chen 44ba7e80d5 This module still works against 2.5 (most current as of Sept 2 2011) 
git-svn-id: file:///home/svn/framework3/trunk@13688 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-03 04:52:04 +00:00
David Rude 8a070b81a2 Add the noobfuscation arg to the heaplib call 
git-svn-id: file:///home/svn/framework3/trunk@13675 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 09:00:20 +00:00
Wei Chen 4e92190fa8 Add additional references, correct disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@13673 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 05:20:47 +00:00
Wei Chen 717b0eddee Add DVD X plf playlist buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@13672 4d416f70-5f16-0410-b530-b9f4589650da
 2011-09-01 05:14:21 +00:00
Wei Chen 22dc0ed551 Fix disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@13670 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-31 00:15:46 +00:00
David Rude c5fe6ed503 Reset the target to allow for multiple client connections 
git-svn-id: file:///home/svn/framework3/trunk@13669 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-30 22:29:14 +00:00
David Rude 70dffd6afb Adds Citrix Gateway ActiveX Stack Based Buffer Overflow module 
git-svn-id: file:///home/svn/framework3/trunk@13666 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-30 22:22:32 +00:00
HD Moore 5fa7ddf5f4 Move this aux module out of the exploits tree 
git-svn-id: file:///home/svn/framework3/trunk@13657 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-29 15:30:13 +00:00
Matt Weeks 6853221762 Fixes #5313 by adding logging support to pivoted PXE attacks, and displaying results as the module runs. 
git-svn-id: file:///home/svn/framework3/trunk@13646 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-27 15:46:49 +00:00
Joshua Drake 496170eac1 aDjUsT tHe CaSe 
git-svn-id: file:///home/svn/framework3/trunk@13644 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-26 23:46:49 +00:00
David Rude ab11d3e3eb Fix the CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@13642 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-26 15:25:27 +00:00
David Rude 76f0226ff0 Adds the RealVNC Null Authentication Bypass exploit - gj thelightcosine =) 
git-svn-id: file:///home/svn/framework3/trunk@13641 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-26 04:40:21 +00:00
Matt Weeks f9e651d382 Report to DB too. 
git-svn-id: file:///home/svn/framework3/trunk@13640 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:56:22 +00:00
Matt Weeks 23b4f4ed98 Address #5313 for locally-launched PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13639 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:48:33 +00:00
amaloteaux 9cfba23558 psexec: allow o upload payload in a subfolder 
git-svn-id: file:///home/svn/framework3/trunk@13638 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 22:30:46 +00:00
Matt Weeks 06c3dabe31 Fixes #5312 for pivoted PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13634 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 02:07:35 +00:00
HD Moore 81cb99c7ab A better fix 
git-svn-id: file:///home/svn/framework3/trunk@13605 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-21 19:26:41 +00:00
David Rude b39ed220ca remove the .strip call in banner check causes stack traces in some cases 
git-svn-id: file:///home/svn/framework3/trunk@13604 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-21 06:50:51 +00:00
David Rude b331073851 cleaned up some column width issues, added on_new_session clean up code to remove files 
git-svn-id: file:///home/svn/framework3/trunk@13599 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-20 17:47:03 +00:00
Joshua Drake 79c7fc7c70 fix up a typo 
git-svn-id: file:///home/svn/framework3/trunk@13598 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-20 05:41:59 +00:00
Wei Chen 6723c7fb3e Minor metadata format fix 
git-svn-id: file:///home/svn/framework3/trunk@13593 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-20 00:11:22 +00:00
Wei Chen 8fbd81a0f0 Add HP Easy Printer xmlsimpleaccessor exploit 
git-svn-id: file:///home/svn/framework3/trunk@13592 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 23:49:45 +00:00
Mario Ceballos aef764de08 working on moving things referenced in Feature #653. added different param for secure backup 
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 18:35:29 +00:00
Wei Chen fe53151324 fix tabs 
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 16:58:50 +00:00
Wei Chen 056adf7063 Add Win 7 target 
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 16:57:19 +00:00
David Rude c78ba0e4d5 hehe remove debugging put call 
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 05:59:32 +00:00
David Rude 63e2b759e7 require the URI option 
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 05:54:58 +00:00
David Rude 402ca57bb4 Adds Struts2 Remote Code Execution exploit CVE-2010-1870 
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-19 05:52:09 +00:00
Wei Chen 2a62ac35ac Fix bug #5267 
git-svn-id: file:///home/svn/framework3/trunk@13573 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-17 06:14:51 +00:00
Wei Chen 6c58dad979 ugh, why the extra spaces 
git-svn-id: file:///home/svn/framework3/trunk@13566 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:34:49 +00:00
Wei Chen eaa5cf6b5d Use heaplib on IE 8, allow obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13565 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-15 15:32:17 +00:00
Wei Chen 55d60a1af2 Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13556 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:28:49 +00:00
Wei Chen c29a4d5ea3 Specify UUID offset for the custom .Net binary 
git-svn-id: file:///home/svn/framework3/trunk@13555 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:15:05 +00:00
Wei Chen f8bf910fbb missing var 
git-svn-id: file:///home/svn/framework3/trunk@13554 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-13 02:05:08 +00:00
Wei Chen 8bf7a9990b Improve javascript obfuscation, and allow it as an option 
git-svn-id: file:///home/svn/framework3/trunk@13553 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 23:03:11 +00:00
Wei Chen 20f4280d9f Exploit is much more reliable than before, it gets a promotion 
git-svn-id: file:///home/svn/framework3/trunk@13549 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 19:17:23 +00:00
Wei Chen bfc59e4c62 Add MS10-026 exploit 
git-svn-id: file:///home/svn/framework3/trunk@13547 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-12 19:04:25 +00:00
Wei Chen 3b04e7bd9e Add routine to check target before exploiting it 
git-svn-id: file:///home/svn/framework3/trunk@13535 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 23:05:45 +00:00
Wei Chen 0d9908435a Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13533 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 22:18:25 +00:00
Wei Chen 456aeeb90b Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13530 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 18:47:21 +00:00
Wei Chen 4ac431948a Allow JavaScript obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13524 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 15:50:43 +00:00
Wei Chen a1526e86b8 Use heaplib to spray, and use obfuscation as an option 
git-svn-id: file:///home/svn/framework3/trunk@13523 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 15:25:14 +00:00
Steve Tornio a6a444930e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13522 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 11:17:30 +00:00
Wei Chen 950a4215a0 Fix a problem where resp.index() might return nil 
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 09:03:19 +00:00
Wei Chen 6a89cf5859 Add TeeChart Professional ActiveX exploit 
git-svn-id: file:///home/svn/framework3/trunk@13520 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 08:41:30 +00:00
Matt Weeks dad6103944 Fix documentation to match change; will only affect windows. 
git-svn-id: file:///home/svn/framework3/trunk@13519 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 03:05:58 +00:00
Matt Weeks f12742a05f Better cleanup for PXE attacks. 
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-11 02:57:02 +00:00
Wei Chen 58198f37ba Fix reference link 
git-svn-id: file:///home/svn/framework3/trunk@13513 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 18:58:20 +00:00
Wei Chen 8dc4228ee0 Fix very minor typo 
git-svn-id: file:///home/svn/framework3/trunk@13508 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 17:05:49 +00:00
Wei Chen 3b1769d621 Add Mozilla Firefox 3.6.16 mChannel Use After Free exploit by Rh0 
git-svn-id: file:///home/svn/framework3/trunk@13507 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 05:58:02 +00:00
Steve Tornio 28177fd255 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13505 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-10 02:54:56 +00:00
Matt Weeks b2733c04db More PXE dust for extra magic! 
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-05 17:10:27 +00:00
HD Moore f1afbacb2a Cron'd 
git-svn-id: file:///home/svn/framework3/trunk@13485 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-04 17:36:01 +00:00
Wei Chen a0168d59a8 Minor fix to comply with the 100 columns per line guideline 
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 21:20:29 +00:00
David Rude bee7fba3c8 Small typo fix and some minor formatting 
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 19:34:01 +00:00
David Rude 118ca372b3 adding CA Arcserve D2D GWT Credential Information Disclosure module 
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-01 14:40:52 +00:00
HD Moore 1fb64f099d Typo 
git-svn-id: file:///home/svn/framework3/trunk@13427 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-30 18:23:52 +00:00
James Lee d58d061735 complain if the given applet name is not formatted correctly, fixes #5082 
git-svn-id: file:///home/svn/framework3/trunk@13389 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-28 17:46:36 +00:00
Tod Beardsley df52bfaa4f Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway). 
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 20:21:47 +00:00
Tod Beardsley b22ca615c7 Fixes #5038, missed a couple mentions of Racket. Excised now for sure. 
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-27 17:44:36 +00:00
Tod Beardsley c54e18d757 Fixes #5038. Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen! 
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-26 01:29:21 +00:00
Wei Chen 6fc59d5287 Fill in BID reference 
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 19:42:40 +00:00
Wei Chen 6bf90f884e Fix debug mode and some extra tabs in JS 
git-svn-id: file:///home/svn/framework3/trunk@13325 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-24 00:22:29 +00:00
Wei Chen f47a2c7565 Format dictatorship round 2: Fix author e-mail format for all exploit modules 
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-22 20:17:58 +00:00
Wei Chen 25c89c2e7a Put the short jmp in there 
git-svn-id: file:///home/svn/framework3/trunk@13224 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 15:07:00 +00:00
HD Moore 7dbb56b38b No longer default a target for XP systems; some obscure builds of XP Embedded SP1 have a different offset and not good way to differentiate 
git-svn-id: file:///home/svn/framework3/trunk@13214 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-19 01:40:26 +00:00
Wei Chen 3ca9b51984 oops, a little mistake in the description 
git-svn-id: file:///home/svn/framework3/trunk@13212 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 20:46:08 +00:00
Wei Chen 821e9dd68b Updated metadata, merged code with #4923. Thx Joff. 
git-svn-id: file:///home/svn/framework3/trunk@13211 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 20:39:27 +00:00
HD Moore 764bb36f44 Wait a little longer for a session (5 seconds) 
git-svn-id: file:///home/svn/framework3/trunk@13208 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 16:05:51 +00:00
HD Moore 8887fe86b8 Either the offset or the env page moves around for this exploit on some non-english systems, do not default the target for 2003 SP0 
git-svn-id: file:///home/svn/framework3/trunk@13206 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 14:59:55 +00:00
Wei Chen d13654740a Update some jboss modules' metadata associated with CVE-2010-0738 
git-svn-id: file:///home/svn/framework3/trunk@13204 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-18 05:18:25 +00:00
Wei Chen 2eeffc39fc Add Iconics GENESIS32 GenBroker exploit by lincoln and corelanc0d3r 
git-svn-id: file:///home/svn/framework3/trunk@13197 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-17 15:01:46 +00:00
Wei Chen 681563adc9 Fix that extra tab in the description 
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 05:21:20 +00:00
Wei Chen 2e93ba06ba Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter 
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 05:14:33 +00:00
Wei Chen 86b40e894b Make room for another exploit against ToolBar.exe 
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-16 04:45:21 +00:00
James Lee 1d25a6d7d1 add an exploit for java's rmid and rmiregistry code-execution-by-design and supporting source. fixes #4378, thanks mihi! 
git-svn-id: file:///home/svn/framework3/trunk@13185 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-15 20:42:31 +00:00
Matt Weeks 1162aafa1e p function causes problems with rpc. 
git-svn-id: file:///home/svn/framework3/trunk@13184 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-15 18:45:05 +00:00
James Lee c412a836ed add VERBOSE option to all modules and vprint_* methods to use it 
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-15 15:33:35 +00:00
Steve Tornio 9278b0a5f5 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13152 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-11 06:59:00 +00:00
Wei Chen 94aea207d3 Remove extra tabs and spaces 
git-svn-id: file:///home/svn/framework3/trunk@13148 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 21:10:45 +00:00
Wei Chen 9892eb39eb Syntax fix 
git-svn-id: file:///home/svn/framework3/trunk@13147 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 20:50:52 +00:00
Wei Chen 32a7eb0000 svn propset 
git-svn-id: file:///home/svn/framework3/trunk@13146 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 19:19:00 +00:00
David Rude 7958516549 Adds Xeros Firefox nstreerange exploit 
git-svn-id: file:///home/svn/framework3/trunk@13143 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 17:12:53 +00:00
Wei Chen 5b69b52ec4 "InitialAutoRunScript" is more like it 
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 07:28:12 +00:00
Wei Chen 6448daf571 MS10-018, y u no InitialAutoRunScript 
git-svn-id: file:///home/svn/framework3/trunk@13141 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-10 07:02:38 +00:00
Wei Chen 15f82402af I changed my mind. The ATTEMPTS options is required. 
git-svn-id: file:///home/svn/framework3/trunk@13137 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-09 04:10:52 +00:00
Wei Chen 1246fd5731 Added Blue Coat Authentication Authorization Agent exploit 
git-svn-id: file:///home/svn/framework3/trunk@13134 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-09 01:40:29 +00:00
Steve Tornio 94640b6bc4 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@13115 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 11:54:54 +00:00
Wei Chen 47e6c4a89f Added #4870 - MicroP .mppl buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@13114 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 06:29:37 +00:00
HD Moore 78f2525fdc Fixes #4879 by adding a new target from bperry 
git-svn-id: file:///home/svn/framework3/trunk@13110 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-07 03:33:04 +00:00
Wei Chen 1058948419 Updated ROP, no more hardcoded ntdll addresses 
git-svn-id: file:///home/svn/framework3/trunk@13106 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-06 07:22:24 +00:00
Wei Chen 7589f8d2f1 Updated target name that works against multiple systems (thx corelanc0d3r) 
git-svn-id: file:///home/svn/framework3/trunk@13105 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-06 01:59:24 +00:00
HD Moore ab4961bfa9 Timeline 
git-svn-id: file:///home/svn/framework3/trunk@13099 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 05:20:47 +00:00
HD Moore e678bb0a8e Update the description to match the latest information 
git-svn-id: file:///home/svn/framework3/trunk@13098 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 05:11:00 +00:00
HD Moore c82063d708 Update based on feedback from mc, indicating this backdoor was in place since February 15th 2011 and likely even earlier 
git-svn-id: file:///home/svn/framework3/trunk@13097 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-05 01:49:05 +00:00
Wei Chen 1e4dfaf6de Change author name for dookie 
git-svn-id: file:///home/svn/framework3/trunk@13096 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 22:33:47 +00:00
HD Moore 5482a59910 Exit cleanly if the shell as not valid 
git-svn-id: file:///home/svn/framework3/trunk@13095 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 21:18:44 +00:00
HD Moore bd12c8c6a9 Fix a couple small typos 
git-svn-id: file:///home/svn/framework3/trunk@13094 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 21:10:30 +00:00
HD Moore e6968c202a A couple bug fixes to enable cmd_interact and a new module for the VSFTPD backdoor 
git-svn-id: file:///home/svn/framework3/trunk@13093 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 20:09:32 +00:00
Wei Chen 2f6b89516a Added HP Data Protector omniinet buffer overflow with opcode 20 
git-svn-id: file:///home/svn/framework3/trunk@13092 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-04 17:02:40 +00:00
HD Moore db6b8c3545 Probably time to fess up :) 
git-svn-id: file:///home/svn/framework3/trunk@13088 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-02 01:09:46 +00:00
Wei Chen dbd04d754a Change to a better P/P/R, tested on 4 different machines. Thx fdiskyou. 
git-svn-id: file:///home/svn/framework3/trunk@13081 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-01 22:26:12 +00:00
Mario Ceballos b6e1c6a967 add exploit module hp_omniinet_3.rb 
git-svn-id: file:///home/svn/framework3/trunk@13080 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-01 17:07:38 +00:00
Wei Chen fc33b1d20e '\x00' isn't the same as "\x00" 
git-svn-id: file:///home/svn/framework3/trunk@13051 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-28 19:45:51 +00:00
Wei Chen 73dc5c605b Change ranking. Because looks like it works better than "average" 
git-svn-id: file:///home/svn/framework3/trunk@13042 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-27 18:00:12 +00:00
Wei Chen e6995b4912 Added ZDI-11-023 Citrix Provisioning Services bof exploit (Feature #4798) 
git-svn-id: file:///home/svn/framework3/trunk@13041 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-27 17:54:18 +00:00
Wei Chen 1b25cf3c43 Using SEH instead of egghunter. Verified again on Win2k3. thx to MC. 
git-svn-id: file:///home/svn/framework3/trunk@13036 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 19:28:14 +00:00
Joshua Drake bf20ace73e totally noobd out on that one, thx 
git-svn-id: file:///home/svn/framework3/trunk@13035 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 18:09:21 +00:00
Wei Chen 6325515ca7 Minor name change 
git-svn-id: file:///home/svn/framework3/trunk@13034 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 16:09:53 +00:00
Wei Chen 07f415f4e0 Forgot to switch back to random paddings 
git-svn-id: file:///home/svn/framework3/trunk@13033 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 16:06:39 +00:00
Joshua Drake a29002ee2e handle a few corner cases 
git-svn-id: file:///home/svn/framework3/trunk@13032 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 06:03:23 +00:00
Wei Chen f0e6159a35 Minor name change for the exploit 
git-svn-id: file:///home/svn/framework3/trunk@13031 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 06:01:21 +00:00
Wei Chen 13b2209f3d Added Microsoft Visio DXF File Buffer Overflow Exploit by Juan 
git-svn-id: file:///home/svn/framework3/trunk@13030 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-26 05:59:37 +00:00
Wei Chen 0cf51f8d5a Exploit name change. Also, this thing doesn't use seh. 
git-svn-id: file:///home/svn/framework3/trunk@13026 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 14:25:45 +00:00
Steve Tornio 27eb48f650 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13025 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 11:27:55 +00:00
Wei Chen f16f850fc6 Added Siemens FactoryLink 8 csservice.exe (port 7580) 
git-svn-id: file:///home/svn/framework3/trunk@13019 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-25 00:54:18 +00:00
David Rude 37b7345fea Adds Ranking and Fileformat version of the Lotus Notes LZH Exploit 
git-svn-id: file:///home/svn/framework3/trunk@13015 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 15:43:54 +00:00
Steve Tornio 59943cb367 add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@13014 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 12:05:09 +00:00
David Rude 7b5860d0ab Fix a bug if the RHOST length is 15 or longer 
git-svn-id: file:///home/svn/framework3/trunk@13013 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 09:58:50 +00:00
David Rude df8bf68722 Adds Lotus Notes .lzh Autonomy Keyview Exploit 
git-svn-id: file:///home/svn/framework3/trunk@13012 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 09:51:16 +00:00
Wei Chen 1223275330 Change ranking for now until we have a better solution for SP3 
git-svn-id: file:///home/svn/framework3/trunk@13009 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-23 01:04:29 +00:00
Wei Chen bd62c13fb0 Added RealWin SCADA Server DATAC Login Buffer Overflow (Feature #4787)) 
git-svn-id: file:///home/svn/framework3/trunk@13007 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-22 22:36:55 +00:00
James Lee 57cf0b04a7 stack overflow != stack buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@13001 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 23:27:16 +00:00
Steve Tornio 465bc8ce88 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@13000 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 22:42:53 +00:00
Mario Ceballos a5a1f1587f add another scada module. winlog_runtime.rb 
git-svn-id: file:///home/svn/framework3/trunk@12999 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 21:48:30 +00:00
Wei Chen 0400a72ab0 RCA, description update, and some text randomness 
git-svn-id: file:///home/svn/framework3/trunk@12998 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 21:08:57 +00:00
Joshua Drake 69963a45ab Fixes #4752 - Auto-detect the windows directory and use it for subsequent requests 
git-svn-id: file:///home/svn/framework3/trunk@12997 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 18:55:28 +00:00
Steve Tornio 03464a168e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12996 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 18:02:35 +00:00
David Rude d796f523a6 Adds FactorLink vrn.exe exploit from hal 
git-svn-id: file:///home/svn/framework3/trunk@12995 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 13:20:18 +00:00
Wei Chen fdbc038bd0 Add BlackIce Cover Page ActiveX downloadimagefileurl exploit 
git-svn-id: file:///home/svn/framework3/trunk@12992 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-21 02:51:39 +00:00
Steve Tornio 8ee3bf7f54 add cve, osvdb and bugtraq id. 
git-svn-id: file:///home/svn/framework3/trunk@12978 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 11:07:22 +00:00
HD Moore 3831e49455 See #4506 for Macro handling 
git-svn-id: file:///home/svn/framework3/trunk@12977 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 07:23:16 +00:00
Wei Chen 0b30256203 Add licensing 
git-svn-id: file:///home/svn/framework3/trunk@12975 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 04:01:47 +00:00
Wei Chen eff703b3ad Add SCADA Realwin On_FC_CONNECT_FCS_a_FILE buffer overflow 
git-svn-id: file:///home/svn/framework3/trunk@12974 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-20 00:37:13 +00:00
Steve Tornio 650762517f update CVE and OSVDB to match what the author said 
git-svn-id: file:///home/svn/framework3/trunk@12964 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 17:35:57 +00:00
Steve Tornio 7c47b48f5b add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@12962 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 01:56:20 +00:00
Wei Chen 23cc89482b CVE correction, thanks Kurt. 
git-svn-id: file:///home/svn/framework3/trunk@12961 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-17 00:56:11 +00:00
Wei Chen eae350b88b CVE-2011-1260 seems to be the right one 
git-svn-id: file:///home/svn/framework3/trunk@12959 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 22:27:10 +00:00
James Lee 8e5311cb61 File.read is not binary safe. replace it with File.open in a few places where it matters. 
git-svn-id: file:///home/svn/framework3/trunk@12957 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 22:02:00 +00:00
Wei Chen 0a04835138 Added MS11-050 by d0c_s4vage 
git-svn-id: file:///home/svn/framework3/trunk@12956 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-16 21:19:12 +00:00
James Lee ea5dc1c85c use the right uri for our jar when other webserver modules are running 
git-svn-id: file:///home/svn/framework3/trunk@12944 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-14 23:57:10 +00:00
HD Moore d11e1f3294 Make all keywords consistent for modules. 
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-13 03:38:31 +00:00
HD Moore eea05fcaaa Correct the parent class name 
git-svn-id: file:///home/svn/framework3/trunk@12930 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-12 19:31:38 +00:00
HD Moore 7f3e2d182d Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called. 
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-12 18:32:27 +00:00
David Rude 04d280fdd0 minor fixes 
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-12 00:04:55 +00:00
David Rude ee7454c5e6 Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit 
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-11 23:48:18 +00:00
Steve Tornio 579d823070 add osvdb and cve refs 
git-svn-id: file:///home/svn/framework3/trunk@12893 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-09 20:44:52 +00:00