jvazquez-r7
7641aa3e63
Delete stop_service calls
2013-07-24 16:35:15 -05:00
jvazquez-r7
e9a4f6d5da
Merge branch 'dll_fix' of https://github.com/Meatballs1/metasploit-framework
2013-07-24 14:00:52 -05:00
jvazquez-r7
dbad1a5e4c
Clean up description
2013-07-24 12:02:33 -05:00
jvazquez-r7
18dbdb828f
Land #2133 , @Meatballs1's exploit for PSH Web Delivery
2013-07-24 12:01:37 -05:00
Meatballs
f79d3f7591
Shorten cmd
2013-07-24 17:48:03 +01:00
jvazquez-r7
47c21dfe85
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-24 11:42:11 -05:00
Meatballs
8103baf21a
Update title
2013-07-24 17:29:23 +01:00
Meatballs
18ac83bec1
Final updates and tidy
2013-07-24 17:28:19 +01:00
jvazquez-r7
8dd7a664b4
Give a chance to FileDropper too
2013-07-24 08:57:43 -05:00
jvazquez-r7
04b9e3a3e6
Add module for CVE-2013-2251
2013-07-24 08:52:02 -05:00
jvazquez-r7
b0c17fdebc
Land #2002 , @jlee-r7's patch for better handling uri resources
2013-07-23 15:49:21 -05:00
Tod Beardsley
147d432b1d
Move from DLink to D-Link
2013-07-23 14:11:16 -05:00
jvazquez-r7
e828517ed8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 17:10:45 -05:00
jvazquez-r7
af1bd01b62
Change datastore options names for consistency
2013-07-22 16:57:32 -05:00
jvazquez-r7
99a345f8d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 13:54:26 -05:00
Tod Beardsley
5e55c506cd
Land #2140 , add CWS as a first-class reference.
2013-07-22 13:50:38 -05:00
Tod Beardsley
164153f1e6
Minor updates to titles and descriptions
2013-07-22 13:04:54 -05:00
jvazquez-r7
77e8250349
Add support for CWE
2013-07-22 12:13:56 -05:00
jvazquez-r7
0fdfe866a7
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 12:07:44 -05:00
jvazquez-r7
6158415bd3
Clean CWE reference, will ad in new pr
2013-07-22 12:03:55 -05:00
jvazquez-r7
da4fda6cb1
Land #2110 , @rcvalle's exploit for Foreman Ruby Injection
2013-07-22 12:02:43 -05:00
jvazquez-r7
8015938b9a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 11:20:12 -05:00
Ramon de C Valle
04e9398ddd
Fix CSRF regular expressions as per review
2013-07-22 13:10:56 -03:00
jvazquez-r7
de6e2ef6f4
Final cleanup for dlink_upnp_exec_noauth
2013-07-22 10:53:09 -05:00
jvazquez-r7
c1c72dea38
Land @2127, @m-1-k-3's exploit for DLink UPNP SOAP Injection
2013-07-22 10:52:13 -05:00
Ramon de C Valle
11ef4263a4
Remove call to handler as per review
2013-07-22 12:49:42 -03:00
jvazquez-r7
15b0e39617
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-21 13:47:40 -05:00
sinn3r
e7e712fa01
EOL fix
2013-07-20 19:54:05 -05:00
sinn3r
ab515fb66d
Add the file format version of CVE-2013-1017
2013-07-20 19:50:09 -05:00
Meatballs
fe405d2187
Tidyup info
2013-07-19 23:50:59 +01:00
Meatballs
6fab3f6308
Add powershell cmdline
2013-07-19 23:24:54 +01:00
jvazquez-r7
4beea52449
Use instance variables
2013-07-19 14:46:17 -05:00
Meatballs
d1fdcfff91
Initial commit
2013-07-19 19:33:55 +01:00
Ramon de C Valle
6761f95892
Change print_error/ret to fail_with as per review
2013-07-19 12:19:29 -03:00
Sean Verity
f16ed32848
Added '2003 R2 SP2' to target selection
2013-07-19 09:57:09 -04:00
m-1-k-3
e93eef4534
fixing server header check
2013-07-19 08:00:02 +02:00
m-1-k-3
f26b60a082
functions and some tweaking
2013-07-19 07:57:27 +02:00
jvazquez-r7
bdfad076b4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 15:43:58 -05:00
jvazquez-r7
cb108a8253
Add module for ZDI-13-147
2013-07-18 15:37:11 -05:00
William Vu
6885ef8aa4
Land #2123 , mutiny_frontend_upload code cleanup
2013-07-18 14:38:03 -05:00
jvazquez-r7
a1a6aac229
Delete debug code from mutiny_frontend_upload
2013-07-18 14:03:19 -05:00
jvazquez-r7
efb8591a49
Update apple_quicktime_rdrf references
2013-07-18 13:57:31 -05:00
jvazquez-r7
1a5e0e10a5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 13:53:57 -05:00
sinn3r
b90e1d54e2
Land #2117 - HP Managed Printing Administration jobAcct Command Exec
2013-07-18 13:21:11 -05:00
sinn3r
280529f885
Make some changes to the description
2013-07-18 13:20:36 -05:00
jvazquez-r7
52079c960f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 12:52:42 -05:00
sinn3r
b94cde1d65
Name change for pyoor
2013-07-18 10:50:25 -05:00
jvazquez-r7
104edd8e93
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-18 10:38:53 -05:00
jvazquez-r7
3780b1b59f
Add module for ZDI-11-352
2013-07-18 09:39:55 -05:00
jvazquez-r7
bf023f261a
Delete comma
2013-07-17 20:46:03 -05:00
jvazquez-r7
7ee4855345
Fix msftidy and delete duplicate stack adjustment
2013-07-17 20:45:54 -05:00
sinn3r
6713fb1609
Fix typos
2013-07-17 18:06:40 -05:00
jvazquez-r7
458ac5f289
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-17 15:02:33 -05:00
sinn3r
9ae7c80b15
Add more targets plus some other corrections
2013-07-17 14:43:41 -05:00
sinn3r
c85b994c07
Add CVE-2013-1017: Apple Quicktime Invalid Atom Length BoF
...
This module exploits a vulnerability found in Apple Quicktime. The
flaw is triggered when Quicktime fails to properly handle the data
length for certain atoms such as 'rdrf' or 'dref' in the Alis record,
which may result a buffer overflow by loading a specially crafted .mov
file, and allows arbitrary code execution under the context of the user.
2013-07-17 13:45:05 -05:00
jvazquez-r7
c7361043ae
up to date
2013-07-17 11:47:06 -05:00
jvazquez-r7
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
jvazquez-r7
73fd14a500
Fix [SeeRM #8239 ] NoMethodError undefined method
2013-07-16 15:59:52 -05:00
Ramon de C Valle
8fd6dd50de
Check session and CSRF variables as per review
2013-07-16 14:30:55 -03:00
Ramon de C Valle
dc51c8a3a6
Change URIPATH option to TARGETURI as per review
2013-07-16 14:27:47 -03:00
Ramon de C Valle
3dbe8fab2c
Add foreman_openstack_satellite_code_exec.rb
...
This module exploits a code injection vulnerability in the 'create'
action of 'bookmarks' controller of Foreman and Red Hat
OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).
2013-07-16 12:07:31 -03:00
jvazquez-r7
3a8856ae7f
Apply review to spip_connect_exec
2013-07-15 09:44:05 -05:00
jvazquez-r7
bc44d42888
Move module to unix/webapps
2013-07-15 09:43:28 -05:00
jvazquez-r7
19b11cd6e2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-15 08:23:38 -05:00
m-1-k-3
f594c4b128
small cleanup
2013-07-15 08:48:18 +02:00
m-1-k-3
393c1b2a99
session stuff
2013-07-15 07:57:30 +02:00
m-1-k-3
a6b48f3082
HTTP GET
2013-07-14 19:02:53 +02:00
m-1-k-3
9f65264af4
make msftidy happy
2013-07-14 15:45:14 +02:00
m-1-k-3
47ca4fd48f
session now working
2013-07-14 15:42:41 +02:00
m-1-k-3
9133dbac4a
some feedback included and some playing
2013-07-14 14:14:06 +02:00
James Lee
94f8b1d177
Land #2073 , psexec_psh
2013-07-12 16:14:17 -05:00
James Lee
f81369a10d
Don't make promises about AV detection
2013-07-12 16:13:02 -05:00
James Lee
bc88732400
Prints don't need to be rescued
2013-07-12 15:56:04 -05:00
jvazquez-r7
e2f6218104
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-12 08:38:08 -05:00
sinn3r
529471ed53
Land #2081 - MediaCoder .M3U Buffer Overflow
2013-07-11 23:57:43 -05:00
sinn3r
1341d6ec6b
Remove extra commas and try to keep a line in 100 columns
2013-07-11 23:54:54 -05:00
jvazquez-r7
937642762f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-11 15:20:33 -05:00
sinn3r
1cf65623d6
Small desc update
2013-07-11 13:20:39 -05:00
jvazquez-r7
d9107d2bd9
Add module for CVE-2013-3248
2013-07-11 12:30:08 -05:00
Davy Douhine
4d120f49ba
added exploit module for PHP inj in SPIP CMS
2013-07-11 17:28:31 +02:00
modpr0be
16c9effcb4
make msftidy happy
2013-07-11 00:32:32 +07:00
modpr0be
8de88cbd05
change target from win7 sp1 to win7 sp0, fix description
2013-07-11 00:14:30 +07:00
m-1-k-3
49c70911be
dlink upnp command injection
2013-07-09 13:24:12 +02:00
jvazquez-r7
64b2f3f7a0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-08 16:55:39 -05:00
Tod Beardsley
8d7396d60a
Minor description changes on new modules
2013-07-08 16:24:40 -05:00
jvazquez-r7
6a9a9ac20a
Merge branch 'module-mediacoder-m3u' of https://github.com/modpr0be/metasploit-framework
2013-07-08 15:53:36 -05:00
jvazquez-r7
8ab8eb8e59
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-08 15:52:31 -05:00
modpr0be
b2a18c37ee
add dll references for rop
2013-07-09 03:20:05 +07:00
jvazquez-r7
3f874f504c
Use metadata
2013-07-08 09:25:02 -05:00
jvazquez-r7
512dd7d15a
Update title
2013-07-08 09:11:31 -05:00
jvazquez-r7
c60aeaa202
Add module for CVE-2013-3482
2013-07-08 09:11:10 -05:00
modpr0be
ed6d88a28b
credit to mona.py for rop
2013-07-07 18:07:05 +07:00
modpr0be
ecb2667401
remove seh mixin and fix the rop nop address
2013-07-06 23:08:51 +07:00
Meatballs
fc5e5a5aad
Fixup description
2013-07-06 09:29:32 +01:00
Meatballs
22601e6cc7
Exit process when complete
2013-07-06 09:27:27 +01:00
modpr0be
23d2bfc915
add more author
2013-07-06 11:52:16 +07:00
modpr0be
b8354d3d6c
Added MediaCoder exploit module
2013-07-06 11:07:11 +07:00
Meatballs
0e84886bce
Spawn 32bit process
2013-07-05 22:56:21 +01:00
Meatballs
2bfe8b3b29
msftidy
2013-07-05 22:35:22 +01:00
Meatballs
5dc2492b20
Renamed module
2013-07-05 22:32:15 +01:00
Meatballs
0ce3fe2e7c
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
2013-07-05 22:25:04 +01:00
Meatballs
66c2b79177
Initial commit
2013-07-05 19:48:27 +01:00
jvazquez-r7
7f645807f6
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-05 10:25:41 -05:00
jvazquez-r7
ad94f434ab
Avoid a fix address for the final userland payload
2013-07-05 10:21:11 -05:00
jvazquez-r7
9b7567cd0f
Land #2071 , @wchen-r7's patch to use the Msf::Post::Windows::Process mixin
2013-07-05 10:19:56 -05:00
jvazquez-r7
a4f90ffadd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-05 09:01:30 -05:00
Thorsten Fischer
e96a5d0237
Fixed a "NameError uninitialized constant" error.
...
On startup of msfconsole, the following error occurred:
modules/exploits/freebsd/local/mmap.rb: NameError uninitialized constant Msf::Post::Common
The addition of a corresponding 'require' line removed that error.
Signed-off-by: Thorsten Fischer <thorsten@froschi.org>
2013-07-05 11:56:15 +02:00
jvazquez-r7
c4485b127c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-04 19:43:38 -05:00
jvazquez-r7
8772cfa998
Add support for PLESK on php_cgi_arg_injection
2013-07-04 08:24:25 -05:00
Meatballs
479664b5aa
Remove redundant file
2013-07-04 12:07:14 +01:00
Meatballs
cd159960e1
Tidy
2013-07-04 12:02:32 +01:00
Meatballs
9c1a43a417
Check payload arch
2013-07-04 11:46:34 +01:00
Meatballs
83bc32abb4
Remove Exploit::Exe
2013-07-04 11:01:01 +01:00
Meatballs
7d6a78bf1f
Remove report aux
2013-07-04 10:36:32 +01:00
Meatballs
555140b85a
Add warning for persist
2013-07-04 10:30:03 +01:00
Meatballs
44cdc0a1c8
Move options to lib
2013-07-04 10:25:37 +01:00
Meatballs
1368c1c27f
Move options to lib
2013-07-04 10:25:08 +01:00
Meatballs
8590720890
Use fail_with
2013-07-04 10:21:24 +01:00
Meatballs
3eab7107b8
Remove opt supplied by lib
2013-07-04 10:16:03 +01:00
Meatballs
7d273b2c8b
Refactor to psexec lib
2013-07-04 10:11:13 +01:00
Meatballs
1569a15856
Msf license
2013-07-04 10:08:29 +01:00
Meatballs
052c23b980
Add missing require
2013-07-04 09:58:48 +01:00
Meatballs
6fa60be76f
Merge branch 'psexec_psh' of https://github.com/sempervictus/metasploit-framework into psexec_psh
2013-07-04 09:42:18 +01:00
sinn3r
226f4dd8cc
Use execute_shellcode for novell_client_nicm.rb
2013-07-03 13:57:41 -05:00
sinn3r
f9cfba9021
Use execute_shellcode for novell_client_nwfs.rb
2013-07-03 13:55:50 -05:00
jvazquez-r7
6e44cb56bf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-03 12:44:47 -05:00
jvazquez-r7
f3f3a8239e
Land #2043 , @ricardojba exploit for InstantCMS
2013-07-03 12:11:30 -05:00
jvazquez-r7
2f77e8626f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-03 11:56:25 -05:00
sinn3r
7ef5695867
[FixRM:#8129] - Remove invalid metasploit.com references
...
These "metasploit.com" references aren't related to the vulns,
shouldn't be in them.
2013-07-03 11:52:10 -05:00
jvazquez-r7
c07e65d16e
Improve and clean instantcms_exec
2013-07-03 11:37:57 -05:00
g0tmi1k
2a6056fd2a
exploits/s4u_persistence~Fixed typos+default values
2013-07-03 00:38:50 +01:00
Ricardo Almeida
dd876008f9
Update instantcms_exec.rb
2013-07-02 17:26:14 +01:00
jvazquez-r7
146d1eb27d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-02 10:06:00 -05:00
jvazquez-r7
1110aefe49
Land #2038 , @modpr0be exploit for ABBS Audio Media Player
2013-07-01 23:20:50 -05:00
modpr0be
2e5398470b
remove additional junk, tested and not needed
2013-07-02 09:23:42 +07:00
jvazquez-r7
72f19181d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-01 16:38:19 -05:00
Ricardo Almeida
dafa333e57
Update instantcms_exec.rb
2013-07-01 22:03:37 +01:00
Tod Beardsley
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
modpr0be
9b8bfa6290
change last junk from rand_text_alpha_upper to rand_text
2013-07-01 23:49:19 +07:00
modpr0be
c631778a38
make a nice way to fill the rest of buffer
2013-07-01 23:39:08 +07:00
Ricardo Almeida
760133d878
Error on line 60
2013-07-01 12:04:03 -04:00
sinn3r
dbce1b36e5
Land #2036 - CVE-2013-3660
...
Thx Tavis, Keebie4e, and Meatballs
2013-07-01 10:55:51 -05:00
Ricardo Almeida
4cd08966ff
added InstantCMS 1.6 PHP Code Injection
2013-07-01 11:44:47 -04:00
modpr0be
478beee38b
remove unnecessary option and make msftidy happy
2013-07-01 18:51:47 +07:00
modpr0be
f16d097c00
clean version, tested on winxp sp3 and win7 sp1
2013-07-01 18:35:50 +07:00
jvazquez-r7
f58f481399
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-30 22:36:46 -05:00
modpr0be
e0ae71e874
minor fixing in the exploit module description
2013-07-01 03:27:06 +07:00
modpr0be
007fddb6bf
remove SEH function, not needed
2013-07-01 03:13:20 +07:00
modpr0be
1e4b69ab03
Added abbs amp exploit module
2013-07-01 03:08:22 +07:00
jvazquez-r7
0ff1cd24a9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-30 10:03:30 -05:00
jvazquez-r7
867eed7957
Make msftidy happy
2013-06-30 10:01:40 -05:00
jvazquez-r7
db00599d44
Move carberp_backdoor_exec to unix webapp exploits foler
2013-06-30 10:00:14 -05:00
Brian Wallace
d990c7f21f
Dat line
2013-06-29 09:46:36 -07:00
Brian Wallace
ec7c9b039a
Further refactoring requested
2013-06-29 09:45:22 -07:00
jvazquez-r7
a2b8daf149
Modify fail message when exploitation doen't success
2013-06-29 10:45:13 -05:00
jvazquez-r7
a5c3f4ca9b
Modify ruby code according to comments
2013-06-29 08:54:00 -05:00
Brian Wallace
8542342ff6
Merge branch 'carberp_backdoor_exec' of git@github.com:bwall/metasploit-framework.git into carberp_backdoor_exec
2013-06-28 22:45:03 -07:00
Brian Wallace
b8cada9ab0
Applied some refactoring to decrease line count
2013-06-28 22:44:23 -07:00
jvazquez-r7
427e26c4dc
Fix current_pid
2013-06-28 21:36:49 -05:00
jvazquez-r7
32ae7ec2fa
Fix error description and bad variable usage
2013-06-28 21:30:33 -05:00
jvazquez-r7
fb67002df9
Switch from print_error to print_warning
2013-06-28 21:29:20 -05:00
jvazquez-r7
3ab948209b
Fix module according to @wchen-r7 feedback
2013-06-28 20:44:42 -05:00
jvazquez-r7
00416f3430
Add a new print_status
2013-06-28 18:23:49 -05:00
jvazquez-r7
7725937461
Add Module for cve-2013-3660
2013-06-28 18:18:21 -05:00
(B)rian (Wall)ace
9486364cc4
Added Steven K's email
2013-06-28 15:31:17 -07:00
Brian Wallace
fe0e16183c
Carberp backdoor eval PoC
2013-06-28 14:47:13 -07:00
jvazquez-r7
3c1af8217b
Land #2011 , @matthiaskaiser's exploit for cve-2013-2460
2013-06-26 14:35:22 -05:00
jvazquez-r7
81a2d9d1d5
Merge branch 'module_java_jre17_provider_skeleton' of https://github.com/matthiaskaiser/metasploit-framework
2013-06-26 14:32:59 -05:00
jvazquez-r7
90b30dc317
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-26 14:31:52 -05:00
William Vu
e4fb5b327f
Land #2028 , update references for multiple modules
2013-06-26 10:18:27 -05:00
Steve Tornio
6ea622c45e
reference updates
2013-06-26 09:44:56 -05:00
jvazquez-r7
7ab4d4dcc4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 17:34:29 -05:00
James Lee
3e929fb812
Use fixed `write_file` instead of re-implementing
2013-06-25 17:25:14 -05:00
Steve Tornio
5b71013dde
reference updates
2013-06-25 13:41:22 -05:00
jvazquez-r7
4fa789791d
Explain Ranking
2013-06-25 13:10:15 -05:00
jvazquez-r7
127300c62d
Fix also ruby module
2013-06-25 12:59:42 -05:00
jvazquez-r7
1ade467ac9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 11:10:43 -05:00
jvazquez-r7
b32513b1b8
Fix CVE-2013-2171 with @jlee-r7 feedback
2013-06-25 10:40:55 -05:00
jvazquez-r7
3244013b1f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:48:20 -05:00
jvazquez-r7
c9a7372f9f
Land #2014 , @wchen-r7's exploit for CVE-2013-2171
2013-06-25 09:33:56 -05:00
jvazquez-r7
0c306260be
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:13:01 -05:00
William Vu
d6374ddfff
Land #2020 , CVE and OSVDB update
2013-06-25 08:17:54 -05:00
sinn3r
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
jvazquez-r7
795dd6a02a
Add module for OSVDB 93718
2013-06-24 23:51:28 -05:00
jvazquez-r7
e9fccb8dbd
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-24 22:07:48 -05:00
sinn3r
72847ee4c9
Land #2007 - Add local privilege escalation for ZPanel zsudo
2013-06-24 19:25:27 -05:00
jvazquez-r7
ca8ce363b8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-24 16:32:55 -05:00
sinn3r
d974e395e4
Add a check by checking uname
2013-06-24 15:54:41 -05:00
sinn3r
6b8e0605c0
Use FileDropper
2013-06-24 15:48:54 -05:00
HD Moore
24b7d19ecc
Fix target regex and wfsdelay
2013-06-24 14:56:43 -05:00
jvazquez-r7
b86b4d955a
Make random strings also length random
2013-06-24 12:01:30 -05:00
jvazquez-r7
98fddb6ce1
up to date
2013-06-24 11:57:11 -05:00
sinn3r
6780566a54
Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module
2013-06-24 11:50:21 -05:00
jvazquez-r7
f7650a4b18
Fix wrong local variable
2013-06-24 11:35:26 -05:00
sinn3r
b3d90c68a4
Land #2008 - More OSVDB refs
2013-06-24 01:53:29 -05:00
Matthias Kaiser
8a96b7f9f2
added Java7u21 RCE module
...
Click2Play bypass doesn't seem to work anymore.
2013-06-24 02:04:38 -04:00
jvazquez-r7
31fcb911f2
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-23 21:41:10 -05:00
Steve Tornio
a920127f8c
reference updates for several modules
2013-06-23 20:43:34 -05:00
sinn3r
5b0092ff39
Land #2006 - Ref updates
2013-06-23 18:26:48 -05:00
jvazquez-r7
6672679530
Add local privilege escalation for ZPanel zsudo abuse
2013-06-23 11:00:39 -05:00
jvazquez-r7
b49c4c4e9e
up to date
2013-06-22 18:28:17 -05:00
jvazquez-r7
345773592f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-22 13:54:47 -05:00
jvazquez-r7
04e6167f90
zpanel
2013-06-22 13:54:22 -05:00
jvazquez-r7
e9883fe5b9
Land #2005 , @wchen-r7's exploit for ZPanel htpasswd
2013-06-22 13:24:23 -05:00
jvazquez-r7
2150d9efb0
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-22 12:06:18 -05:00
Steve Tornio
427f063c48
fix formatting
2013-06-22 07:32:29 -05:00
Steve Tornio
1e25dedb66
fix formatting
2013-06-22 07:31:47 -05:00
Steve Tornio
14850cd387
reference updates for multiple modules
2013-06-22 07:28:04 -05:00
sinn3r
de659326ce
Land #2003 - Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
2013-06-21 21:52:32 -05:00
sinn3r
5de7fff685
Credit
2013-06-21 21:38:40 -05:00
sinn3r
339f2a5c83
Hmmm, one extra ','
2013-06-21 21:29:17 -05:00
sinn3r
8d422c9a39
Forgot to randomize the fake pass and remove the payload during testing
2013-06-21 21:27:11 -05:00
sinn3r
e7d75d6d16
Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution
2013-06-21 21:03:10 -05:00
Markus Wulftange
afa0e6c42a
Use CmdStagerVBS instead of CmdStagerTFTP
...
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
2013-06-22 01:13:03 +02:00
jvazquez-r7
f106b6db50
Add comment with the component version
2013-06-21 17:38:30 -05:00
jvazquez-r7
5fe9a80bf0
Add module for OSVDB 46578
2013-06-21 17:31:40 -05:00
James Lee
2c12a43e77
Add a method for dealing with hardcoded URIs
2013-06-21 15:48:02 -05:00
jvazquez-r7
785639148c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-20 17:18:42 -05:00
William Vu
4cc1f2440d
Land #1996 , references for several modules
2013-06-20 11:32:55 -05:00
Steve Tornio
322ba27f0f
re-order refs
2013-06-20 11:17:23 -05:00
William Vu
22026352e6
Land #1995 , OSVDB reference for Gitorious
2013-06-20 10:51:51 -05:00
William Vu
e4cbd4b174
Land #1994 , OSVDB reference for JBoss
2013-06-20 10:51:28 -05:00
Steve Tornio
66f4424202
fix formatting
2013-06-20 10:41:14 -05:00
Steve Tornio
a3a5dec369
add osvdb ref 94441
2013-06-20 08:03:34 -05:00
Steve Tornio
abea7e6a47
add osvdb ref 76389
2013-06-20 07:55:50 -05:00
Steve Tornio
cab20062a4
add osvdb ref 84706
2013-06-20 07:38:34 -05:00
Steve Tornio
a824a0583e
add osvdb ref 89059
2013-06-20 07:34:15 -05:00
Steve Tornio
89f649ab99
add osvdb ref 89026
2013-06-20 07:28:29 -05:00
Steve Tornio
2b55e0e0a6
add osvdb ref 64171
2013-06-20 07:17:22 -05:00
Steve Tornio
d19bd7a905
add osvdb 85739, cve 2012-5159, edb 21834
2013-06-20 07:01:59 -05:00
Steve Tornio
6cc7d9ccae
add osvdb ref 85446 and edb ref 20500
2013-06-20 06:54:06 -05:00
Steve Tornio
ee21120c04
add osvdb ref 85509
2013-06-20 06:47:10 -05:00
Steve Tornio
ade970afb8
add osvdb ref 89322
2013-06-20 06:44:22 -05:00
Steve Tornio
42690a5c48
add osvdb ref 77492
2013-06-20 06:38:47 -05:00
Steve Tornio
0dca5ede7e
add osvdb ref 78480
2013-06-20 06:07:08 -05:00
Steve Tornio
29bc169507
add osvdb ref 64171
2013-06-20 06:00:05 -05:00
sinn3r
8dfe9b5318
Add login feature
2013-06-20 04:16:23 -05:00
sinn3r
ebde05b783
Improve check
2013-06-20 03:18:33 -05:00
sinn3r
20621d17de
Add CVE-2013-3576 - HP System Management Homepage exploit
2013-06-20 03:08:42 -05:00
jvazquez-r7
fc7670fa5f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-19 23:16:04 -05:00
jvazquez-r7
494ee160af
Fix indent
2013-06-19 23:12:12 -05:00
jvazquez-r7
2d99c46414
Land #1990 , @wchen-r7's exploit for Libretto CMS
2013-06-19 23:11:34 -05:00
sinn3r
079477c57d
Commit final version
2013-06-19 20:35:24 -05:00
jvazquez-r7
869438cb73
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-19 19:57:40 -05:00
sinn3r
62b23bc594
Initial (incomplete) commit
2013-06-19 16:59:15 -05:00
James Lee
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
jvazquez-r7
6d1101b65b
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-19 12:14:53 -05:00
sinn3r
d347be35e9
Land #1986 - Restores MoinMoin during exploitation
2013-06-19 12:14:10 -05:00
jvazquez-r7
a894dc83c2
Try restore also at exploiting time
2013-06-19 11:35:52 -05:00
sinn3r
7b0977f897
Change base path
2013-06-19 11:33:45 -05:00