William Vu
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
Tod Beardsley
e488a54a06
Resplat new WMI module
2013-10-30 15:14:16 -05:00
Tod Beardsley
98224ee89f
CVE update for vtiger issue
2013-10-30 13:48:35 -05:00
Tod Beardsley
344413b74d
Reorder refs for some reason.
2013-10-30 12:25:55 -05:00
Tod Beardsley
32794f9d37
Move OpenBravo to aux module land
2013-10-30 12:20:04 -05:00
Tod Beardsley
17d796296c
Un-dupe References for ispconfig
2013-10-30 12:03:35 -05:00
Tod Beardsley
0d480f3a7d
Typo fix
2013-10-30 11:38:04 -05:00
Tod Beardsley
97a4ca0752
Update references for FOSS modules
2013-10-30 11:36:16 -05:00
Tod Beardsley
78381316a2
Add @brandonprry's seven new modules
...
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
Tod Beardsley
5b76947767
Add a few more modules.
2013-10-30 10:25:48 -05:00
jvazquez-r7
c8ceaa25c6
Land #2589 , @wvu-r7's exploit for OSVDB 98714
2013-10-29 14:56:30 -05:00
jvazquez-r7
9f81aeb4ad
Fix style
2013-10-29 14:55:16 -05:00
William Vu
5af42f2c28
Add short comment on why the padding is necessary
2013-10-29 11:46:10 -05:00
William Vu
e368cb0a5e
Add Win7 SP1 to WinXP SP3 target
2013-10-29 10:45:14 -05:00
jvazquez-r7
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
bcoles
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
William Vu
ea7bba4035
Add Beetel Connection Manager NetConfig.ini BOF
2013-10-28 22:52:02 -05:00
Tod Beardsley
9045eb06b0
Various title and description updates
2013-10-28 14:00:19 -05:00
William Vu
278dff93e7
Add missing require for Msf::Exploit::Powershell
...
Thanks for the report, @mubix.
2013-10-25 21:41:24 -05:00
jvazquez-r7
b69ee1fc67
[FixRM #8419 ] Add module platform to ms04_011_pct
2013-10-25 09:29:19 -05:00
jvazquez-r7
2ef33aabe7
Clean open_flash_chart_upload_exec
2013-10-24 10:15:28 -05:00
bcoles
8a5d4d45b4
Add Open Flash Chart v2 Arbitrary File Upload exploit
2013-10-24 22:46:41 +10:30
William Vu
bea04cceeb
Remove the trailing slash from the ZDI ref
2013-10-23 11:05:33 -05:00
Booboule
7d84fa487e
Correct ZDI ref to match new scheme
2013-10-23 11:44:44 +02:00
sinn3r
acc73dd545
Land #2282 - BypassUAC now checks if the process is LowIntegrityLevel
2013-10-22 17:16:26 -05:00
sinn3r
af174639cd
Land #2468 - Hwnd Broadcast Performance
2013-10-22 17:03:02 -05:00
sinn3r
2e8c369c69
Land #2559 - remove content-length
2013-10-22 16:03:42 -05:00
Tod Beardsley
dc0d9ae21d
Land #2560 , ZDI references
...
[FixRM #8513 ]
2013-10-22 15:58:21 -05:00
Meatballs
8611a2a24c
Merge remote-tracking branch 'upstream/master' into low_integ_bypassuac
2013-10-22 21:42:36 +01:00
sinn3r
ba1edc6fa8
Land #2402 - Windows Management Instrumentation Local -> Peers
2013-10-22 15:39:32 -05:00
jvazquez-r7
11b2719ccc
Change module plate
2013-10-22 12:36:58 -05:00
jvazquez-r7
df42dfe863
Land #2536 , @ddouhine's exploit for ZDI-11-061
2013-10-22 12:35:40 -05:00
jvazquez-r7
c34155b8be
Clean replication_manager_exec
2013-10-22 12:34:35 -05:00
jvazquez-r7
71fab72e06
Delete duplicate content-length from axis2_deployer
2013-10-21 15:35:51 -05:00
William Vu
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
jvazquez-r7
10a4ff41de
Delete Content-Length duplicate header
2013-10-21 15:11:37 -05:00
sinn3r
1599d1171d
Land #2558 - Release fixes
2013-10-21 13:48:11 -05:00
Tod Beardsley
c1954c458c
Just warn, don't bail
...
Even if the OS detection returns non-Win7, maybe it's Win 8 or something
where it'll still work. We rarely bail out on checks like these.
If I'm crazy, feel free to skip or revert this commit (it shouldn't hold
up the release at all)
For details on this module, see #2503 . I don't see any comments about
this line in particular
2013-10-21 13:39:45 -05:00
Tod Beardsley
bce8d9a90f
Update license comments with resplat.
2013-10-21 13:36:15 -05:00
Tod Beardsley
c070108da6
Release-related updates
...
* Lua is not an acronym
* Adds an OSVDB ref
* credit @jvazquez-r7, not HD, for the Windows CMD thing
2013-10-21 13:33:00 -05:00
sinn3r
4c14595525
Land #2535 - Use %PATH% for notepad
2013-10-21 13:14:44 -05:00
sinn3r
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
Tod Beardsley
e7d3206dc9
Revert "Land #2505" to resolve new rspec fails
...
This reverts commit 717dfefead
, reversing
changes made to 6430fa3354
.
2013-10-21 12:47:57 -05:00
sinn3r
cacaf40276
Land #2542 - D-Link DIR-605L Captcha Handling Buffer Overflow
2013-10-21 12:03:07 -05:00
sinn3r
9bfd98b001
Change plate
2013-10-21 11:54:42 -05:00
William Vu
717dfefead
Land #2505 , missing source fix for sock_sendpage
2013-10-21 11:47:55 -05:00
sinn3r
6430fa3354
Land #2539 - Support Windows CMD generic payload
...
This also upgrades auxiliary/admin/scada/igss_exec_17 to an exploit
2013-10-21 11:26:13 -05:00
sinn3r
45d06dd28d
Change plate
2013-10-21 11:24:30 -05:00
sinn3r
8c05f8cf51
Land #2550 - Add HP Intelligent Managemetn UploadServlet dir traversal
2013-10-21 11:14:22 -05:00
sinn3r
d22e4ac2f1
Check timeout condition
2013-10-21 11:13:48 -05:00