Commit Graph

1019 Commits (c76389629abd913edb6886af404cd442d9591d20)

Author SHA1 Message Date
wchen-r7 7259d2a65c Use unless instead of if ! 2016-01-05 13:05:01 -06:00
Brendan Coles 7907c93047 Add D-Link DCS-931L File Upload module 2016-01-05 04:15:38 +00:00
Jon Hart 27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL 2015-12-24 09:05:02 -08:00
Jon Hart efdb6a8885
Land #6392, @wchen-r7's 'def peer' cleanup, fixing #6362 2015-12-24 08:53:32 -08:00
Brent Cook e4f9594646
Land #6331, ensure generic payloads raise correct exceptions on failure 2015-12-23 15:43:12 -06:00
wchen-r7 cea3bc27b9 Fix #6362, avoid overriding def peer repeatedly
def peer is a method that gets repeated a lot in modules, so we
should have it in the tcp mixin. This commit also clears a few
modules that use the HttpClient mixin with def peer.
2015-12-23 11:44:55 -06:00
wchen-r7 ab3fe64b6e Add method peer for jenkins_java_deserialize.rb 2015-12-15 01:18:27 -06:00
wchen-r7 bd8aea2618 Fix check for jenkins_java_deserialize.rb
This fixes the following:

* nil return value checks
* handle missing X-Jenkins-CLI-Port scenario more properly
* proper HTTP path normalization
2015-12-14 11:25:59 -06:00
dmohanty-r7 eb4611642d Add Jenkins CLI Java serialization exploit module
CVE-2015-8103
2015-12-11 14:57:10 -06:00
karllll a5c6e260f2 Update hp_vsa_login_bof.rb
Updated reference URL to latest location
2015-12-10 10:56:39 -05:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
2015-12-08 21:13:23 -06:00
James Lee 385378f338 Add reference to Rapid7 advisory 2015-12-01 11:37:27 -06:00
HD Moore 9dbf7cb86c Remove the SSL option (not needed) 2015-12-01 11:34:03 -06:00
HD Moore 758e7c7b58 Rename 2015-12-01 11:33:45 -06:00
HD Moore ea2174fc95 Typo and switch from raw -> encoded 2015-12-01 10:59:12 -06:00
HD Moore 16d0d53150 Update Shellshock modules, add Advantech coverage 2015-12-01 10:40:46 -06:00
Jon Hart 8d1f5849e0
Land #6228, @m0t's module for F5 CVE-2015-3628 2015-11-18 15:39:40 -08:00
Jon Hart ae3d65f649
Better handling of handler creation output 2015-11-18 15:31:32 -08:00
Jon Hart bcdf2ce1e3
Better handling of invulnerable case; fix 401 case 2015-11-18 15:24:41 -08:00
Jon Hart deec836828
scripts/handlers cannot start with numbers 2015-11-18 12:31:46 -08:00
Jon Hart 7399b57e66
Elminate multiple sessions, better sleep handling for session waiting 2015-11-18 12:23:28 -08:00
Jon Hart e4bf5c66fc
Use slightly larger random script/handler names to avoid conflicts 2015-11-18 11:51:44 -08:00
Jon Hart e7307d1592
Make cleanup failure messages more clear 2015-11-18 11:44:34 -08:00
Jon Hart 0e3508df30 Squash minor rubocop gripes 2015-11-18 11:05:10 -08:00
Jon Hart f8218f0536 Minor updates to print_ output; wire in handler_exists; 2015-11-18 11:05:10 -08:00
Jon Hart 392803daed Tighten up cleanup code 2015-11-18 11:05:10 -08:00
m0t c0d9c65ce7 always overwrite the payload file 2015-11-18 18:48:34 +00:00
Jon Hart e21bf80ae4
Squash a rogue space 2015-11-17 14:17:59 -08:00
Jon Hart 3396fb144f
A little more simplification/cleanup 2015-11-17 14:16:29 -08:00
Jon Hart dcfb3b5fbc
Let Filedropper handle removal 2015-11-17 13:01:06 -08:00
Jon Hart 715f20c92c
Add missing super in setup 2015-11-16 14:45:13 -08:00
Jon Hart 902951c0ca
Clean up description; Simplify SOAP code more 2015-11-16 11:06:45 -08:00
Jon Hart 1aa1d7b5e4
Use random path for payload 2015-11-16 10:57:48 -08:00
Jon Hart ee5d91faab
Better logging when exploit gets 401 2015-11-16 10:41:48 -08:00
Jon Hart c4ffd7ae36
When sending SOAP requests, print out proto/status/message when fail 2015-11-16 10:38:40 -08:00
Jon Hart e58e17450a
Simplify XML building 2015-11-13 11:36:56 -08:00
Jon Hart ecbd453301
Second pass at style cleanup. Conforms now 2015-11-13 11:24:11 -08:00
Jon Hart 85e5b0abe9
Initial style cleanup 2015-11-13 10:42:26 -08:00
m0t eae2d6c89d F5 module 2015-11-12 09:51:09 +00:00
HD Moore f86f427d54 Move Compat into Payload so that is actually used 2015-11-09 16:06:05 -06:00
m0t 66ed66cc81 Merge pull request #1 from m0t/changes
F5 BIG-IP iCall privilege escalation vulnerability (CVE-2015-3628)
2015-11-09 16:11:29 +00:00
m0t daa999fb1c f5 module 2015-11-09 16:02:32 +00:00
m0t d4d4e3ddb0 f5 module 2015-11-09 13:41:59 +00:00
m0t 893c4cd52d f5 module 2015-11-09 13:10:54 +00:00
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
HD Moore d67b55d195 Fix autofilter values for aggressive modules 2015-10-13 15:56:18 -07:00
Tod Beardsley 185e947ce5
Spell 'D-Link' correctly 2015-10-12 17:12:01 -05:00
Tod Beardsley 336c56bb8d
Note the CAPTCHA exploit is good on 1.12. 2015-10-12 17:09:45 -05:00
jvazquez-r7 23ab702ec4
Land #5631, @blincoln682F048A's module for Endian Firewall Proxy
* Exploit CVE-2015-5082
2015-09-04 16:28:32 -05:00
jvazquez-r7 2abfcd00b1
Use snake_case 2015-09-04 16:27:09 -05:00