Commit Graph

5746 Commits (c7c1fcfa9860774c8850495d9bd09bbad9733369)

Author SHA1 Message Date
William Vu f5d1d8eace chmod -x .rb files without #! in modules and lib
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
Tod Beardsley e488a54a06
Resplat new WMI module 2013-10-30 15:14:16 -05:00
Tod Beardsley 98224ee89f
CVE update for vtiger issue 2013-10-30 13:48:35 -05:00
Tod Beardsley 344413b74d
Reorder refs for some reason. 2013-10-30 12:25:55 -05:00
Tod Beardsley 32794f9d37
Move OpenBravo to aux module land 2013-10-30 12:20:04 -05:00
Tod Beardsley 17d796296c
Un-dupe References for ispconfig 2013-10-30 12:03:35 -05:00
Tod Beardsley 0d480f3a7d
Typo fix 2013-10-30 11:38:04 -05:00
Tod Beardsley 97a4ca0752
Update references for FOSS modules 2013-10-30 11:36:16 -05:00
Tod Beardsley 78381316a2
Add @brandonprry's seven new modules
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
Tod Beardsley 5b76947767
Add a few more modules. 2013-10-30 10:25:48 -05:00
jvazquez-r7 c8ceaa25c6
Land #2589, @wvu-r7's exploit for OSVDB 98714 2013-10-29 14:56:30 -05:00
jvazquez-r7 9f81aeb4ad Fix style 2013-10-29 14:55:16 -05:00
William Vu 5af42f2c28 Add short comment on why the padding is necessary 2013-10-29 11:46:10 -05:00
William Vu e368cb0a5e Add Win7 SP1 to WinXP SP3 target 2013-10-29 10:45:14 -05:00
jvazquez-r7 c4c171d63f Clean processmaker_exec 2013-10-29 09:53:39 -05:00
bcoles 3eed800b85 Add ProcessMaker Open Source Authenticated PHP Code Execution 2013-10-29 23:27:29 +10:30
William Vu ea7bba4035 Add Beetel Connection Manager NetConfig.ini BOF 2013-10-28 22:52:02 -05:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
William Vu 278dff93e7 Add missing require for Msf::Exploit::Powershell
Thanks for the report, @mubix.
2013-10-25 21:41:24 -05:00
jvazquez-r7 b69ee1fc67 [FixRM #8419] Add module platform to ms04_011_pct 2013-10-25 09:29:19 -05:00
jvazquez-r7 2ef33aabe7 Clean open_flash_chart_upload_exec 2013-10-24 10:15:28 -05:00
bcoles 8a5d4d45b4 Add Open Flash Chart v2 Arbitrary File Upload exploit 2013-10-24 22:46:41 +10:30
William Vu bea04cceeb Remove the trailing slash from the ZDI ref 2013-10-23 11:05:33 -05:00
Booboule 7d84fa487e Correct ZDI ref to match new scheme 2013-10-23 11:44:44 +02:00
sinn3r acc73dd545
Land #2282 - BypassUAC now checks if the process is LowIntegrityLevel 2013-10-22 17:16:26 -05:00
sinn3r af174639cd
Land #2468 - Hwnd Broadcast Performance 2013-10-22 17:03:02 -05:00
sinn3r 2e8c369c69
Land #2559 - remove content-length 2013-10-22 16:03:42 -05:00
Tod Beardsley dc0d9ae21d
Land #2560, ZDI references
[FixRM #8513]
2013-10-22 15:58:21 -05:00
Meatballs 8611a2a24c
Merge remote-tracking branch 'upstream/master' into low_integ_bypassuac 2013-10-22 21:42:36 +01:00
sinn3r ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers 2013-10-22 15:39:32 -05:00
jvazquez-r7 11b2719ccc Change module plate 2013-10-22 12:36:58 -05:00
jvazquez-r7 df42dfe863
Land #2536, @ddouhine's exploit for ZDI-11-061 2013-10-22 12:35:40 -05:00
jvazquez-r7 c34155b8be Clean replication_manager_exec 2013-10-22 12:34:35 -05:00
jvazquez-r7 71fab72e06 Delete duplicate content-length from axis2_deployer 2013-10-21 15:35:51 -05:00
William Vu 2aed8a3aea Update modules to use new ZDI reference 2013-10-21 15:13:46 -05:00
jvazquez-r7 10a4ff41de Delete Content-Length duplicate header 2013-10-21 15:11:37 -05:00
sinn3r 1599d1171d
Land #2558 - Release fixes 2013-10-21 13:48:11 -05:00
Tod Beardsley c1954c458c
Just warn, don't bail
Even if the OS detection returns non-Win7, maybe it's Win 8 or something
where it'll still work. We rarely bail out on checks like these.

If I'm crazy, feel free to skip or revert this commit (it shouldn't hold
up the release at all)

For details on this module, see #2503. I don't see any comments about
this line in particular
2013-10-21 13:39:45 -05:00
Tod Beardsley bce8d9a90f
Update license comments with resplat. 2013-10-21 13:36:15 -05:00
Tod Beardsley c070108da6
Release-related updates
* Lua is not an acronym
  * Adds an OSVDB ref
  * credit @jvazquez-r7, not HD, for the Windows CMD thing
2013-10-21 13:33:00 -05:00
sinn3r 4c14595525
Land #2535 - Use %PATH% for notepad 2013-10-21 13:14:44 -05:00
sinn3r 032da9be10
Land #2426 - make use of Msf::Config.data_directory 2013-10-21 13:07:33 -05:00
Tod Beardsley e7d3206dc9
Revert "Land #2505" to resolve new rspec fails
This reverts commit 717dfefead, reversing
changes made to 6430fa3354.
2013-10-21 12:47:57 -05:00
sinn3r cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow 2013-10-21 12:03:07 -05:00
sinn3r 9bfd98b001 Change plate 2013-10-21 11:54:42 -05:00
William Vu 717dfefead
Land #2505, missing source fix for sock_sendpage 2013-10-21 11:47:55 -05:00
sinn3r 6430fa3354
Land #2539 - Support Windows CMD generic payload
This also upgrades auxiliary/admin/scada/igss_exec_17 to an exploit
2013-10-21 11:26:13 -05:00
sinn3r 45d06dd28d Change plate 2013-10-21 11:24:30 -05:00
sinn3r 8c05f8cf51
Land #2550 - Add HP Intelligent Managemetn UploadServlet dir traversal 2013-10-21 11:14:22 -05:00
sinn3r d22e4ac2f1 Check timeout condition 2013-10-21 11:13:48 -05:00