795dd6a02a
Add module for OSVDB 93718
2013-06-24 23:51:28 -05:00
72847ee4c9
Land #2007 - Add local privilege escalation for ZPanel zsudo
2013-06-24 19:25:27 -05:00
24b7d19ecc
Fix target regex and wfsdelay
2013-06-24 14:56:43 -05:00
b86b4d955a
Make random strings also length random
2013-06-24 12:01:30 -05:00
f7650a4b18
Fix wrong local variable
2013-06-24 11:35:26 -05:00
b3d90c68a4
Land #2008 - More OSVDB refs
2013-06-24 01:53:29 -05:00
a920127f8c
reference updates for several modules
2013-06-23 20:43:34 -05:00
5b0092ff39
Land #2006 - Ref updates
2013-06-23 18:26:48 -05:00
6672679530
Add local privilege escalation for ZPanel zsudo abuse
2013-06-23 11:00:39 -05:00
e9883fe5b9
Land #2005 , @wchen-r7's exploit for ZPanel htpasswd
2013-06-22 13:24:23 -05:00
427f063c48
fix formatting
2013-06-22 07:32:29 -05:00
1e25dedb66
fix formatting
2013-06-22 07:31:47 -05:00
14850cd387
reference updates for multiple modules
2013-06-22 07:28:04 -05:00
de659326ce
Land #2003 - Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
2013-06-21 21:52:32 -05:00
5de7fff685
Credit
2013-06-21 21:38:40 -05:00
339f2a5c83
Hmmm, one extra ','
2013-06-21 21:29:17 -05:00
8d422c9a39
Forgot to randomize the fake pass and remove the payload during testing
2013-06-21 21:27:11 -05:00
e7d75d6d16
Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution
2013-06-21 21:03:10 -05:00
afa0e6c42a
Use CmdStagerVBS instead of CmdStagerTFTP
...
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
2013-06-22 01:13:03 +02:00
f106b6db50
Add comment with the component version
2013-06-21 17:38:30 -05:00
5fe9a80bf0
Add module for OSVDB 46578
2013-06-21 17:31:40 -05:00
4cc1f2440d
Land #1996 , references for several modules
2013-06-20 11:32:55 -05:00
322ba27f0f
re-order refs
2013-06-20 11:17:23 -05:00
22026352e6
Land #1995 , OSVDB reference for Gitorious
2013-06-20 10:51:51 -05:00
e4cbd4b174
Land #1994 , OSVDB reference for JBoss
2013-06-20 10:51:28 -05:00
66f4424202
fix formatting
2013-06-20 10:41:14 -05:00
a3a5dec369
add osvdb ref 94441
2013-06-20 08:03:34 -05:00
abea7e6a47
add osvdb ref 76389
2013-06-20 07:55:50 -05:00
cab20062a4
add osvdb ref 84706
2013-06-20 07:38:34 -05:00
a824a0583e
add osvdb ref 89059
2013-06-20 07:34:15 -05:00
89f649ab99
add osvdb ref 89026
2013-06-20 07:28:29 -05:00
2b55e0e0a6
add osvdb ref 64171
2013-06-20 07:17:22 -05:00
d19bd7a905
add osvdb 85739, cve 2012-5159, edb 21834
2013-06-20 07:01:59 -05:00
6cc7d9ccae
add osvdb ref 85446 and edb ref 20500
2013-06-20 06:54:06 -05:00
ee21120c04
add osvdb ref 85509
2013-06-20 06:47:10 -05:00
ade970afb8
add osvdb ref 89322
2013-06-20 06:44:22 -05:00
42690a5c48
add osvdb ref 77492
2013-06-20 06:38:47 -05:00
0dca5ede7e
add osvdb ref 78480
2013-06-20 06:07:08 -05:00
29bc169507
add osvdb ref 64171
2013-06-20 06:00:05 -05:00
8dfe9b5318
Add login feature
2013-06-20 04:16:23 -05:00
ebde05b783
Improve check
2013-06-20 03:18:33 -05:00
20621d17de
Add CVE-2013-3576 - HP System Management Homepage exploit
2013-06-20 03:08:42 -05:00
494ee160af
Fix indent
2013-06-19 23:12:12 -05:00
2d99c46414
Land #1990 , @wchen-r7's exploit for Libretto CMS
2013-06-19 23:11:34 -05:00
079477c57d
Commit final version
2013-06-19 20:35:24 -05:00
62b23bc594
Initial (incomplete) commit
2013-06-19 16:59:15 -05:00
81b4efcdb8
Fix requires for PhpEXE
...
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
d347be35e9
Land #1986 - Restores MoinMoin during exploitation
2013-06-19 12:14:10 -05:00
a894dc83c2
Try restore also at exploiting time
2013-06-19 11:35:52 -05:00
7b0977f897
Change base path
2013-06-19 11:33:45 -05:00
jvazquez-r7
sinn3r
HD Moore
Steve Tornio
Markus Wulftange
William Vu
James Lee