Commit Graph

1700 Commits (d1de6fde36c8f2071137fbd4c532a64b2f6cc0f0)

Author SHA1 Message Date
Joshua Drake a75929889a add exploit for cve-2010-1318
git-svn-id: file:///home/svn/framework3/trunk@9229 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 20:05:39 +00:00
Joshua Drake 2cb99aa091 upgrade ranking to great
git-svn-id: file:///home/svn/framework3/trunk@9222 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-05 15:24:43 +00:00
Joshua Drake 4bc86e603e fix a couple more silly regex mishaps
git-svn-id: file:///home/svn/framework3/trunk@9220 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-04 23:09:32 +00:00
Joshua Drake 0e72894e58 more cleanups
git-svn-id: file:///home/svn/framework3/trunk@9212 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-03 17:13:09 +00:00
Joshua Drake 61402c4b55 add to description
git-svn-id: file:///home/svn/framework3/trunk@9202 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 21:04:56 +00:00
Joshua Drake ff46c5d867 add exploit module for cve-2010-0361 on windows
git-svn-id: file:///home/svn/framework3/trunk@9201 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:52:14 +00:00
Joshua Drake 665baa7691 modify ms09-002 exploit to use encrypt_js
git-svn-id: file:///home/svn/framework3/trunk@9200 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-02 20:42:34 +00:00
HD Moore 42da9e899a Improvements to the cleanup process, close sockets properly for exploits and auxiliary
git-svn-id: file:///home/svn/framework3/trunk@9187 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 16:26:24 +00:00
Joshua Drake ce372f62ff fix aurora encrypt and add js_encrypt to chilikat module
git-svn-id: file:///home/svn/framework3/trunk@9185 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:31:17 +00:00
Joshua Drake 2662055be8 add encrypt_js call to aurora exploit
git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:14:26 +00:00
Joshua Drake 2e2142d345 add Maple exploit from scriptjunkie
git-svn-id: file:///home/svn/framework3/trunk@9183 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-01 02:05:56 +00:00
Joshua Drake 0ea6eca4bc big module whitespace/formatting cleanup pass
git-svn-id: file:///home/svn/framework3/trunk@9179 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 08:40:19 +00:00
Joshua Drake 54725099d5 oops it wasnt broken after all!
git-svn-id: file:///home/svn/framework3/trunk@9178 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:38:48 +00:00
Joshua Drake 22529ae81b add USERNAME/PASSWORD options
git-svn-id: file:///home/svn/framework3/trunk@9177 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:30:59 +00:00
Joshua Drake b6d9f2fac5 another ill-place "end" statement...
git-svn-id: file:///home/svn/framework3/trunk@9176 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:13:26 +00:00
Joshua Drake 5f7d3cd0d1 fix final "end" statement -- wow almost 3 years like that
git-svn-id: file:///home/svn/framework3/trunk@9175 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 06:08:08 +00:00
Joshua Drake 5b629c8dc7 fix copy pasta error
git-svn-id: file:///home/svn/framework3/trunk@9174 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-30 02:12:29 +00:00
James Lee 8923de2d8d change squirrelmail_pgp_plugin to manual rank because it requires an email address
git-svn-id: file:///home/svn/framework3/trunk@9171 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 18:29:22 +00:00
Joshua Drake 6e3a26bc07 add custom LAUNCH_MESSAGE option
git-svn-id: file:///home/svn/framework3/trunk@9170 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-29 17:02:33 +00:00
Joshua Drake 4cdb64f6b9 corrected version range
samba.org reports 3.0.0 - 3.0.25rc3 but that is for the underlying cmd execution bugs
username map script wasnt introduced until 3.0.20


git-svn-id: file:///home/svn/framework3/trunk@9168 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 06:43:51 +00:00
Joshua Drake 4f364e2830 add description, versions, fix whitespace
git-svn-id: file:///home/svn/framework3/trunk@9167 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 03:54:24 +00:00
Joshua Drake b2f338984b cosmetic statement reorder
git-svn-id: file:///home/svn/framework3/trunk@9166 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-28 00:48:00 +00:00
Joshua Drake 8a0785f91e change exit func and ensure return is invalid (causes exception)
git-svn-id: file:///home/svn/framework3/trunk@9162 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 19:13:56 +00:00
Joshua Drake d91046c470 detect and split JS and non-JS versions
git-svn-id: file:///home/svn/framework3/trunk@9160 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 17:45:35 +00:00
Joshua Drake 49f6fc4d98 ugh
git-svn-id: file:///home/svn/framework3/trunk@9159 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 16:46:21 +00:00
Joshua Drake 2f3171906c remove splash screen
git-svn-id: file:///home/svn/framework3/trunk@9158 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 15:58:05 +00:00
Joshua Drake ac188bebdb added support for older JREs using javascript methods from taviso's exploit
git-svn-id: file:///home/svn/framework3/trunk@9151 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-27 00:42:52 +00:00
Joshua Drake cb13ab93cc add additional targets and version notes
git-svn-id: file:///home/svn/framework3/trunk@9147 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 21:23:40 +00:00
Joshua Drake 9f0b05d18f add exploit module for easyftp server
git-svn-id: file:///home/svn/framework3/trunk@9145 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 19:52:25 +00:00
Steve Tornio 9e06b1e777 more refs
git-svn-id: file:///home/svn/framework3/trunk@9143 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:56:46 +00:00
Joshua Drake a953c47cfb remove carriage returns
git-svn-id: file:///home/svn/framework3/trunk@9140 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:29:24 +00:00
Joshua Drake e3a1c63e98 add exploit module for trellian ftp client from dookie
git-svn-id: file:///home/svn/framework3/trunk@9139 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:20:27 +00:00
Joshua Drake 62760e4d30 add exploit module for xftp client from dookie
git-svn-id: file:///home/svn/framework3/trunk@9138 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-26 18:16:52 +00:00
Joshua Drake 251953ec59 add post-first-patch target
git-svn-id: file:///home/svn/framework3/trunk@9118 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-23 18:35:18 +00:00
Tod Beardsley bd94145d8d Allows reporting auth credentials to be optional with exploit/windows/smb/psexec. Sometimes you don't want this, especially if you already have an auth credential via smb_login.
For auxiliary/scanner/smb/smb_login, if a password hash is used instead of a password, record it as a :hash instead of a :pass when reporting to the DB.



git-svn-id: file:///home/svn/framework3/trunk@9116 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-22 17:23:29 +00:00
Joshua Drake fda05bfe16 update check functionality
git-svn-id: file:///home/svn/framework3/trunk@9111 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 01:55:21 +00:00
Joshua Drake ef7aef50db correct BID reference
git-svn-id: file:///home/svn/framework3/trunk@9110 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 00:09:11 +00:00
Joshua Drake 2fe1dcbaa1 comment out debug print
git-svn-id: file:///home/svn/framework3/trunk@9109 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-20 00:07:38 +00:00
Joshua Drake 9a5c1ccf68 minor whitespace tweaks
git-svn-id: file:///home/svn/framework3/trunk@9108 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 23:53:27 +00:00
Joshua Drake 6a794fc25a better url generation (more random and more reliable)
git-svn-id: file:///home/svn/framework3/trunk@9106 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-19 22:55:08 +00:00
Steve Tornio 3dcc643bd6 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9101 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-17 11:22:37 +00:00
Joshua Drake 8131f623ad add exploit module for cve-2010-0478
git-svn-id: file:///home/svn/framework3/trunk@9100 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-17 07:39:59 +00:00
Joshua Drake bc68b7d92e fix name
git-svn-id: file:///home/svn/framework3/trunk@9097 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:40 +00:00
Joshua Drake fc2fab9bd7 fix name
git-svn-id: file:///home/svn/framework3/trunk@9096 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:36 +00:00
Joshua Drake 51e6a64e07 add UNCPATH option
git-svn-id: file:///home/svn/framework3/trunk@9095 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 08:08:14 +00:00
Joshua Drake d03eacc386 move exploit specific stuff back to exploit method
git-svn-id: file:///home/svn/framework3/trunk@9094 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 05:30:27 +00:00
Joshua Drake 74a344ce7a unbreak the module, oops
git-svn-id: file:///home/svn/framework3/trunk@9093 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 05:10:36 +00:00
Joshua Drake a402a69de6 make error more friendly and clean up whitespace
git-svn-id: file:///home/svn/framework3/trunk@9092 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 04:51:08 +00:00
Joshua Drake 80cec47e17 added cve
git-svn-id: file:///home/svn/framework3/trunk@9091 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:31 +00:00
Joshua Drake 180ca93bbb updated description
git-svn-id: file:///home/svn/framework3/trunk@9090 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-16 00:31:03 +00:00
Joshua Drake 8e5f0a37d8 rename modules to microsoft bulletin names and update references
git-svn-id: file:///home/svn/framework3/trunk@9085 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 16:08:27 +00:00
Joshua Drake 73dfe9729b update default option settings and auto_target
git-svn-id: file:///home/svn/framework3/trunk@9083 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 15:23:43 +00:00
Steve Tornio ec74d862a7 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@9082 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-15 11:18:25 +00:00
Joshua Drake 950f571488 add module for java web start arguments vuln - no CVE yet
git-svn-id: file:///home/svn/framework3/trunk@9074 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 21:45:23 +00:00
Joshua Drake 321404e2fe add payload/generic/tight_loop - x86 debug payload
git-svn-id: file:///home/svn/framework3/trunk@9070 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 07:40:04 +00:00
Joshua Drake 7788873235 fix typos
git-svn-id: file:///home/svn/framework3/trunk@9066 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 00:37:06 +00:00
pusscat 99ecd361d3 Fix variable name (care of Monica Sojeong Hong)
git-svn-id: file:///home/svn/framework3/trunk@9061 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-13 19:05:52 +00:00
HD Moore ee4528ed86 Fix negative timeouts
git-svn-id: file:///home/svn/framework3/trunk@9048 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-11 13:26:50 +00:00
Joshua Drake 78d1338171 clean up extra slashes in uris
git-svn-id: file:///home/svn/framework3/trunk@9036 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 20:25:34 +00:00
HD Moore c8aae09827 Correct english in the quotation
git-svn-id: file:///home/svn/framework3/trunk@9029 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 00:59:20 +00:00
Joshua Drake 1f8605e26d fix check method, lol?
git-svn-id: file:///home/svn/framework3/trunk@9026 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:58:03 +00:00
Joshua Drake 1a47c436d3 support amd64 arch
git-svn-id: file:///home/svn/framework3/trunk@9025 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-06 04:08:39 +00:00
HD Moore 7af2fdf42e Remove silly cases of print_good
git-svn-id: file:///home/svn/framework3/trunk@9021 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 23:34:10 +00:00
Joshua Drake 1836649937 update references
git-svn-id: file:///home/svn/framework3/trunk@9020 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:45:21 +00:00
Joshua Drake e9083bda0d add exploit module for cve-2010-0805 - from zsploit
git-svn-id: file:///home/svn/framework3/trunk@9018 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 20:25:56 +00:00
Joshua Drake b35559e1ec add a 6.1.22.0 target (from WorldMail3.1.2x_installer.exe)
git-svn-id: file:///home/svn/framework3/trunk@9015 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 03:48:07 +00:00
Joshua Drake 7d45b8fdf0 update targets, add auto_target functionality
git-svn-id: file:///home/svn/framework3/trunk@9012 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-05 02:09:32 +00:00
HD Moore 52faebea30 Typo
git-svn-id: file:///home/svn/framework3/trunk@9006 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:57:42 +00:00
HD Moore 3258f30ba7 Typo
git-svn-id: file:///home/svn/framework3/trunk@9005 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 04:46:28 +00:00
HD Moore 8f0e3ced67 Correct spelling typo
git-svn-id: file:///home/svn/framework3/trunk@9004 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-04 00:46:49 +00:00
HD Moore cd2760f2c2 Bug fixes and size improvements for the reverse_https stager
git-svn-id: file:///home/svn/framework3/trunk@9001 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 13:53:35 +00:00
Joshua Drake eb003518ce add auto_target to apache_chunked exploit - should reduce run duration in most cases
git-svn-id: file:///home/svn/framework3/trunk@8980 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 16:26:01 +00:00
Joshua Drake 776259e3c6 bleh, fix comma
git-svn-id: file:///home/svn/framework3/trunk@8979 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:51:55 +00:00
Joshua Drake 5c34cce14a add note about possibly incorrect references
git-svn-id: file:///home/svn/framework3/trunk@8978 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-02 15:38:11 +00:00
Joshua Drake 82b6f05fa9 add exploit module from m_101
git-svn-id: file:///home/svn/framework3/trunk@8975 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 17:10:07 +00:00
Joshua Drake 61b4500ffd remove svn:executable from various files
git-svn-id: file:///home/svn/framework3/trunk@8974 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 16:20:34 +00:00
Steve Tornio 970efbc628 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8971 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 11:27:56 +00:00
natron b5ee26770b Cameled all vars on accident, uncameling regular opts. Also, broke native osx payload, oops.
git-svn-id: file:///home/svn/framework3/trunk@8970 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 05:15:26 +00:00
Mario Ceballos f10d0fbb41 added exploit module hp_nnm_ovwebhelp.rb
git-svn-id: file:///home/svn/framework3/trunk@8969 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-01 00:47:31 +00:00
Joshua Drake ff8cdc29aa update description with a little history
git-svn-id: file:///home/svn/framework3/trunk@8968 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:36:10 +00:00
Joshua Drake 516a6f47e5 move USERNAME/PASSWORD setting to exploit instead of auto_target so manual targets work - fixes #1416
git-svn-id: file:///home/svn/framework3/trunk@8967 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:29:47 +00:00
natron c1fa8d60f7 Expose exe :template and :insert via advanced options plus formatting changes. Thanks MarkBagget for the kick in the pants and the example options to to_win32pe\!
git-svn-id: file:///home/svn/framework3/trunk@8966 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 22:05:32 +00:00
Joshua Drake da874c323a renamed and udpated "iepeers" vuln with latest information/name
git-svn-id: file:///home/svn/framework3/trunk@8965 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-31 20:15:22 +00:00
Joshua Drake 477a424cab silly comma...
git-svn-id: file:///home/svn/framework3/trunk@8959 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 06:42:59 +00:00
Joshua Drake ee90abb049 author fix
git-svn-id: file:///home/svn/framework3/trunk@8958 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 04:26:14 +00:00
Joshua Drake c9d321b352 clean up comments
git-svn-id: file:///home/svn/framework3/trunk@8957 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-30 01:40:26 +00:00
Joshua Drake b2f3e91c8b add a target for v8.6.0.1936
git-svn-id: file:///home/svn/framework3/trunk@8955 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 18:19:59 +00:00
Joshua Drake 0a6547045d add exploit module for cve-2007-2888
git-svn-id: file:///home/svn/framework3/trunk@8953 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-29 17:21:15 +00:00
HD Moore 4bac76cc9e Fix XOR encoding for this module
git-svn-id: file:///home/svn/framework3/trunk@8940 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 20:17:33 +00:00
Joshua Drake 79e277450a add reliable IE7 trigger from Nanika
git-svn-id: file:///home/svn/framework3/trunk@8935 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:31:19 +00:00
Joshua Drake 3dc30aeed6 minor whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8934 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 01:30:40 +00:00
Joshua Drake 89d6907a8f fix typoez
git-svn-id: file:///home/svn/framework3/trunk@8933 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-27 00:35:48 +00:00
Joshua Drake f649c4a92c raise exception if unable to login
git-svn-id: file:///home/svn/framework3/trunk@8932 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-26 19:00:23 +00:00
HD Moore 22cb5a6bea 1.9 compatibility fixes for lpd exploits, clarification in the print messages that we are *trying* to exploit something, not absolutely doing so
git-svn-id: file:///home/svn/framework3/trunk@8916 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 14:52:35 +00:00
James Lee a27c941714 targ_host -> target_host
git-svn-id: file:///home/svn/framework3/trunk@8909 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-25 01:09:04 +00:00
Joshua Drake 4f657ef868 add exploit module for cve-2009-1260
git-svn-id: file:///home/svn/framework3/trunk@8900 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 19:35:29 +00:00
HD Moore 2b419a421d Add default timeouts to autopwn, control with -T
git-svn-id: file:///home/svn/framework3/trunk@8892 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:11:21 +00:00
Joshua Drake 5c1cf6aefb correction to target descriptions
git-svn-id: file:///home/svn/framework3/trunk@8889 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:54:45 +00:00
Joshua Drake 39537bfc53 add an office xp sp0 target
git-svn-id: file:///home/svn/framework3/trunk@8888 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-23 06:00:54 +00:00
Joshua Drake b8b11338b1 add linux x86/x86_64 support for tomcat manger deploy, see #1016
git-svn-id: file:///home/svn/framework3/trunk@8853 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-19 02:13:02 +00:00
Joshua Drake d270d8aa95 update author comments
git-svn-id: file:///home/svn/framework3/trunk@8852 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:52:28 +00:00
Joshua Drake a940d9a810 add exploit module for VariCAD 2010-2.05 DWB bug
git-svn-id: file:///home/svn/framework3/trunk@8851 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-18 23:47:52 +00:00
Joshua Drake ef299e71d2 candy mountain whitespace fixes!
git-svn-id: file:///home/svn/framework3/trunk@8834 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:07:49 +00:00
Joshua Drake 7fcad1f4b8 add exploit module for cve-2010-0188 (possibly cve-2006-3549)
git-svn-id: file:///home/svn/framework3/trunk@8833 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-16 18:06:50 +00:00
Joshua Drake 40dd65494e add notes about vulnerable versions
git-svn-id: file:///home/svn/framework3/trunk@8811 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-13 18:15:06 +00:00
HD Moore 13410d4daa Rename aurora module to the MSB naming convention
git-svn-id: file:///home/svn/framework3/trunk@8780 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:45 +00:00
HD Moore a23344b5d0 Consistency in how IE/Internet Explorer is named
git-svn-id: file:///home/svn/framework3/trunk@8779 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 05:49:14 +00:00
Steve Tornio d3da883aa2 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8774 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:07:04 +00:00
HD Moore baf64ed999 Remove trailing
git-svn-id: file:///home/svn/framework3/trunk@8771 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:43 +00:00
Joshua Drake 3c57fe6e81 add exploit module for cve-2010-0806
git-svn-id: file:///home/svn/framework3/trunk@8770 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 22:01:32 +00:00
HD Moore aaea62bb92 Report the correct local/peer names for the session information. Fix a return value check
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 07:13:18 +00:00
Joshua Drake b419a40c45 finished periodic missing CVE reference check (hint vulns w/o CVEs here!)
also some minor cleanups here and there

git-svn-id: file:///home/svn/framework3/trunk@8762 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:58:01 +00:00
Joshua Drake 3b9524697f add verbose option
git-svn-id: file:///home/svn/framework3/trunk@8761 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 05:55:47 +00:00
Joshua Drake 52647260b3 add offset for alternative file open methods
git-svn-id: file:///home/svn/framework3/trunk@8757 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 05:57:22 +00:00
Joshua Drake fbc157df56 add exploit module for cve-2010-0688
git-svn-id: file:///home/svn/framework3/trunk@8754 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-09 01:04:44 +00:00
HD Moore b1973c6630 Adds detection and exploitation coverage for the Energizer Duo trojan
git-svn-id: file:///home/svn/framework3/trunk@8749 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 19:06:50 +00:00
Joshua Drake 83419da78b check for vulnerable version in JS prior to triggering vuln, closes #1011
git-svn-id: file:///home/svn/framework3/trunk@8731 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-06 04:36:16 +00:00
Joshua Drake 35c4a1d123 handle missing targets more gracefully, stub out linux and x86_64 support detection
git-svn-id: file:///home/svn/framework3/trunk@8729 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:35:18 +00:00
Joshua Drake 28f4eb2fd9 handle failed logins - fixes #1014
git-svn-id: file:///home/svn/framework3/trunk@8728 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 17:05:12 +00:00
Joshua Drake de9e944ad9 fix compile error
git-svn-id: file:///home/svn/framework3/trunk@8723 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 06:47:19 +00:00
Joshua Drake 73da75a931 big update to cmd stager
1. returns array of commands instead of big blob of lines
2. combine lines together when possible (to reduce # of commands to execute)
3. add cmd stager usage in mssql_payload
4. remove extraneous stuff here and there

git-svn-id: file:///home/svn/framework3/trunk@8721 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 00:29:44 +00:00
Joshua Drake 1629bf7bf0 move http_send_cmd into cmdweb test exploit
git-svn-id: file:///home/svn/framework3/trunk@8716 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 21:00:58 +00:00
Joshua Drake 0900314a15 redirect requests without subdirectories
git-svn-id: file:///home/svn/framework3/trunk@8713 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 18:28:05 +00:00
Joshua Drake 4bd857b53e add exploit module for cve-2008-3558
git-svn-id: file:///home/svn/framework3/trunk@8712 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 17:41:26 +00:00
Joshua Drake e8f22a7136 add exploit module for cve-2008-3878
git-svn-id: file:///home/svn/framework3/trunk@8705 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-04 06:19:37 +00:00
Joshua Drake 5aebed8fe7 add exploit module for cve-2008-5002
git-svn-id: file:///home/svn/framework3/trunk@8703 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 21:17:31 +00:00
Joshua Drake fb5906385d add exploit module for cve-2009-1534
git-svn-id: file:///home/svn/framework3/trunk@8698 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 18:12:37 +00:00
Joshua Drake d86575701d added CVE, KB references
git-svn-id: file:///home/svn/framework3/trunk@8696 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-03 03:20:58 +00:00
Steve Tornio 074b4ada44 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8688 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 12:23:17 +00:00
Joshua Drake 4b59410507 rename module per ms bulletin
git-svn-id: file:///home/svn/framework3/trunk@8686 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 07:50:25 +00:00
Joshua Drake d0153225a0 add exploit module for cve-2009-1612
git-svn-id: file:///home/svn/framework3/trunk@8685 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-02 02:26:55 +00:00
Joshua Drake cc9113397c add exploit for IE Windows Help vulnerability
git-svn-id: file:///home/svn/framework3/trunk@8682 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 23:14:20 +00:00
Joshua Drake e80df81350 correct the CVE reference
git-svn-id: file:///home/svn/framework3/trunk@8678 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 19:47:13 +00:00
Joshua Drake cc891bce80 whitespace cleanups
git-svn-id: file:///home/svn/framework3/trunk@8677 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-01 15:13:04 +00:00
James Lee 3b59bc7cfc use the same option names for user/pass
git-svn-id: file:///home/svn/framework3/trunk@8674 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 22:14:58 +00:00
Stephen Fewer b4339930e7 rename this module with the updated MSB and swap out the hard coded kernel stager for the new kernel stager mixin.
git-svn-id: file:///home/svn/framework3/trunk@8656 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 13:42:17 +00:00
Joshua Drake 541a409f44 remove app_name variable
git-svn-id: file:///home/svn/framework3/trunk@8619 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-24 16:53:55 +00:00
Joshua Drake afd2df315b rename module part deux!
git-svn-id: file:///home/svn/framework3/trunk@8607 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:12:10 +00:00
Joshua Drake 705a4626e4 remove dash from file name
git-svn-id: file:///home/svn/framework3/trunk@8605 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 18:06:35 +00:00
Joshua Drake 81f93d48e7 add german target from contributor, thx!
git-svn-id: file:///home/svn/framework3/trunk@8601 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-23 17:23:05 +00:00
Joshua Drake b810e9665f add comment about autofilter mapping
git-svn-id: file:///home/svn/framework3/trunk@8592 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:30:38 +00:00
Joshua Drake b818536e46 corrected comment text
git-svn-id: file:///home/svn/framework3/trunk@8590 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:27:15 +00:00
Joshua Drake e3b009471b move code in autofilter into check
git-svn-id: file:///home/svn/framework3/trunk@8589 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 22:26:28 +00:00
Joshua Drake 1faec528de fix InitAutoRunScript -> InitialAutoRunScript
git-svn-id: file:///home/svn/framework3/trunk@8582 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-22 17:52:19 +00:00
Joshua Drake 6414821ea8 add exploit modules for CVEs 2005-2877 and 2004-1037
git-svn-id: file:///home/svn/framework3/trunk@8578 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 20:31:09 +00:00
Joshua Drake 865969e059 whitespace adjustments - finally closes #773
git-svn-id: file:///home/svn/framework3/trunk@8575 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:44:34 +00:00
Joshua Drake 32bf50c627 add exploit module to get code exec from jboss.system:MainDeployer access
git-svn-id: file:///home/svn/framework3/trunk@8574 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-21 01:41:24 +00:00
Joshua Drake 8446a0c305 add auto-targeting to tomcat_mgr_deploy, fixes #887
git-svn-id: file:///home/svn/framework3/trunk@8564 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-20 01:14:39 +00:00
Steve Tornio 93acc977fe fix osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8563 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 19:42:08 +00:00
Joshua Drake 6e8eddcf5e add exploit module for cve-2008-0506
git-svn-id: file:///home/svn/framework3/trunk@8562 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 07:31:12 +00:00
HD Moore 1a53411282 Filter out the other test modules from automation
git-svn-id: file:///home/svn/framework3/trunk@8559 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:18:43 +00:00
HD Moore 0db3ada840 Filter this from automation
git-svn-id: file:///home/svn/framework3/trunk@8558 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:15:03 +00:00
natron 5b3c87c9c5 Add option to save java code to file.
git-svn-id: file:///home/svn/framework3/trunk@8557 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-19 05:11:56 +00:00
Joshua Drake 2e77c76824 add exploit module to get code exec on a tomcat manager instance, closes #772
git-svn-id: file:///home/svn/framework3/trunk@8552 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 18:18:43 +00:00
Patrick Webster 350c189a34 Added exploit module qbik_wingate_wwwproxy.
git-svn-id: file:///home/svn/framework3/trunk@8547 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-18 15:58:26 +00:00
Joshua Drake 797ab55f52 add exploit module for cve-2009-2011
git-svn-id: file:///home/svn/framework3/trunk@8541 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 20:14:40 +00:00
Joshua Drake b4ead057f6 add exploit module for cve-2000-0917
git-svn-id: file:///home/svn/framework3/trunk@8530 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-17 00:56:28 +00:00
Joshua Drake 4800d6841c commit cmd stager stuff from bannedit
git-svn-id: file:///home/svn/framework3/trunk@8518 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 16:38:19 +00:00
et cf29ff333e Added a path to prepend
git-svn-id: file:///home/svn/framework3/trunk@8514 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 05:24:31 +00:00
Joshua Drake 48b7aec12d corrected cve reference
git-svn-id: file:///home/svn/framework3/trunk@8512 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:30:17 +00:00
Joshua Drake a996668cfa added payload notes
git-svn-id: file:///home/svn/framework3/trunk@8511 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:27:45 +00:00
Joshua Drake 82369aa9e8 add exploit module for cve-2007-2447
git-svn-id: file:///home/svn/framework3/trunk@8510 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 00:26:41 +00:00
Joshua Drake 8c59c9cfdc fix typos
git-svn-id: file:///home/svn/framework3/trunk@8508 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:42:16 +00:00
Joshua Drake b1ef6075c0 add exploit module for cve-2007-5208
git-svn-id: file:///home/svn/framework3/trunk@8507 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:38:50 +00:00
HD Moore 1857268af8 Uber-fast-get-me-a-php-shell mode :)
git-svn-id: file:///home/svn/framework3/trunk@8505 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 17:59:54 +00:00
HD Moore 32357b1f64 Skip the debugging target for automatic mode
git-svn-id: file:///home/svn/framework3/trunk@8499 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 01:02:12 +00:00
HD Moore 5d7139ad6f Various module cleanups
git-svn-id: file:///home/svn/framework3/trunk@8498 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 00:48:03 +00:00
Patrick Webster f9ae031055 Added piranha_passwd_exec exploit module.
git-svn-id: file:///home/svn/framework3/trunk@8497 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-14 20:27:24 +00:00
Patrick Webster ee4fd8c75d Ported sambar6_search_results from v2.
git-svn-id: file:///home/svn/framework3/trunk@8480 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:15:19 +00:00
HD Moore 7aa7995da9 Autodetect and exploit 2003 SP0
git-svn-id: file:///home/svn/framework3/trunk@8479 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 20:04:24 +00:00
Patrick Webster 01cbe85468 Fixed OSVDB refs and added CA Server module.
git-svn-id: file:///home/svn/framework3/trunk@8478 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 16:16:13 +00:00
Patrick Webster c8da073f80 Ported calicclnt_getconfig exploit module from msf2.
git-svn-id: file:///home/svn/framework3/trunk@8476 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 15:38:06 +00:00
Joshua Drake 1896c82e39 add exploit module for cve-2009-2484
git-svn-id: file:///home/svn/framework3/trunk@8475 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:58:27 +00:00
Joshua Drake 8c28d583aa bump ranking up a notch
git-svn-id: file:///home/svn/framework3/trunk@8474 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-13 06:57:58 +00:00
Joshua Drake d561b8e8ec add references, update description
git-svn-id: file:///home/svn/framework3/trunk@8471 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 21:09:09 +00:00
Joshua Drake f3c6b01bbd add first exploit module using Rex::OLE (cve-2009-3129)
git-svn-id: file:///home/svn/framework3/trunk@8470 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 20:52:41 +00:00
Patrick Webster 3fd3d44ad6 Added barcode_ax49.rb exploit module.
git-svn-id: file:///home/svn/framework3/trunk@8466 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 18:06:49 +00:00
HD Moore 3fe41a0d94 Fix a small typo
git-svn-id: file:///home/svn/framework3/trunk@8463 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 14:44:23 +00:00
natron 9729b22972 Loopty version of the wireshark exploit. This will continually blast packets as a background job.
git-svn-id: file:///home/svn/framework3/trunk@8460 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-12 01:58:33 +00:00
Joshua Drake 6e80c7a62c use Rex::Arch::pack_addr
git-svn-id: file:///home/svn/framework3/trunk@8454 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 09:03:48 +00:00
Joshua Drake 0f942df9cd whitespace changes
git-svn-id: file:///home/svn/framework3/trunk@8451 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-11 06:00:12 +00:00
Joshua Drake f82c53db2a move 70k binary to data/exploits instead of hex encoded in the exploit
git-svn-id: file:///home/svn/framework3/trunk@8446 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 23:17:19 +00:00
James Lee eb6ce38e0c old zero-day shows its age
git-svn-id: file:///home/svn/framework3/trunk@8445 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 20:41:07 +00:00
Joshua Drake d96a6a1f8f add exploit module for cve-2009-2261 - first consumer of zip library!
git-svn-id: file:///home/svn/framework3/trunk@8440 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-10 17:28:25 +00:00
Joshua Drake 48a159006a Regenerate the payload with the specified AIX level, cleanups
git-svn-id: file:///home/svn/framework3/trunk@8427 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:47 +00:00
Joshua Drake e7f7ac20ea extended brute range, minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8426 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 04:15:15 +00:00
HD Moore af978cbbdc Regenerate the payload with the specified AIX level
git-svn-id: file:///home/svn/framework3/trunk@8424 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 03:59:20 +00:00
Joshua Drake 7bf3de2a3d randomize filler
git-svn-id: file:///home/svn/framework3/trunk@8422 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:43:56 +00:00
Joshua Drake 40579ce936 it works! don't forget to "set AIX <version>"
git-svn-id: file:///home/svn/framework3/trunk@8421 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 00:41:49 +00:00
HD Moore ba34abc232 Fix unpack("H*") vs unpack("H*")[0]
git-svn-id: file:///home/svn/framework3/trunk@8416 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 21:37:07 +00:00
HD Moore c6c1cda153 Try to delete the file (doesn't always work)
git-svn-id: file:///home/svn/framework3/trunk@8413 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:12:59 +00:00
HD Moore bc62eaf99b Adds a module to exploit insecure IIS configurations (PUT)
git-svn-id: file:///home/svn/framework3/trunk@8412 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 19:04:19 +00:00
Steve Tornio f3ad1c0a15 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8410 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 18:53:21 +00:00
Joshua Drake f04ae6f20d minor cleanups -- getting closer
git-svn-id: file:///home/svn/framework3/trunk@8402 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 01:03:46 +00:00
HD Moore 7870638481 Expose the SunRPC socket; we need to overhaul the SunRPC code sometime
git-svn-id: file:///home/svn/framework3/trunk@8399 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:52:58 +00:00
Joshua Drake 8b63d506f7 initial commit of aix cmsd exploit (not fully working yet)
git-svn-id: file:///home/svn/framework3/trunk@8398 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:44:54 +00:00
Joshua Drake 9f174795d4 add exploit module for vermillion ftpd memory corruption
git-svn-id: file:///home/svn/framework3/trunk@8396 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-08 00:39:48 +00:00
Joshua Drake a772bc2c85 minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8395 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-07 21:42:12 +00:00
HD Moore bd91871763 Correct credit for the advisory
git-svn-id: file:///home/svn/framework3/trunk@8391 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 23:22:28 +00:00
Joshua Drake 875a66553f clean up a couple comments to save future pain
git-svn-id: file:///home/svn/framework3/trunk@8380 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:53:31 +00:00
Joshua Drake bd3a4760da fixes to adobe_pdf_embedded_exe
optimized the directory search, and cmdline in general
added the Documents (Vista/Win7) to the list of directories to check
fixes #767



git-svn-id: file:///home/svn/framework3/trunk@8379 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 06:51:13 +00:00
Joshua Drake 9397c897ba fix spoof support
git-svn-id: file:///home/svn/framework3/trunk@8367 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-04 04:56:18 +00:00
Joshua Drake 9b79ebd000 add a windows target, thx redsand!
also removed some cruft


git-svn-id: file:///home/svn/framework3/trunk@8364 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 18:24:42 +00:00
Joshua Drake 7538b93aae add exploit module for cve-2006-6665
git-svn-id: file:///home/svn/framework3/trunk@8361 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 06:09:31 +00:00
Joshua Drake a41647a922 add silly jmp esp target for wireshark gui on debian
git-svn-id: file:///home/svn/framework3/trunk@8360 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-03 00:08:28 +00:00
Steve Tornio 2cbd6d152d Add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8347 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 12:37:07 +00:00
Joshua Drake 98dd073368 add an exploit module for one of the wireshark lwres vulns
git-svn-id: file:///home/svn/framework3/trunk@8346 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:20:18 +00:00
Joshua Drake 746c4fc263 whitespace change
git-svn-id: file:///home/svn/framework3/trunk@8345 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-02 06:19:34 +00:00
Joshua Drake fde3fbb2e3 add exploit module for cve-2009-1569
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:56:02 +00:00
Joshua Drake c073cd707a removed unecessary parameter, commented target
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 03:33:38 +00:00
Joshua Drake 2783c5884e add exploit module for cve-2009-1568
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-01 02:40:47 +00:00
natron 3ecabe1be9 Adds static signed jar and user messages letting them know.
git-svn-id: file:///home/svn/framework3/trunk@8328 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 19:47:40 +00:00
Joshua Drake 4863faf0a7 add reference to cve-2000-1209 (sa blank password)
git-svn-id: file:///home/svn/framework3/trunk@8324 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 16:37:06 +00:00
Joshua Drake c514c2274b typo, fixes #786, see also r8315
git-svn-id: file:///home/svn/framework3/trunk@8316 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:06:06 +00:00
Joshua Drake 53fd14c9c0 updated description, added PATH variable
git-svn-id: file:///home/svn/framework3/trunk@8315 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:04:23 +00:00
natron 69ad365b46 Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
Steve Tornio 70c0cb7530 add osvdb ref
git-svn-id: file:///home/svn/framework3/trunk@8307 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:40 +00:00
Steve Tornio a3f4d4f65e add cve and osvdb refs
git-svn-id: file:///home/svn/framework3/trunk@8306 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 21:04:01 +00:00
Joshua Drake c0e556f7ad oops, broke the tree again!
git-svn-id: file:///home/svn/framework3/trunk@8305 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:37:44 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 20:15:32 +00:00
Joshua Drake 7789db860d add exploit module for Audiotran .pls file bof
git-svn-id: file:///home/svn/framework3/trunk@8303 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:24:41 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 19:17:50 +00:00
Joshua Drake 15e13348c0 add exploit module for AOL phobos bug
git-svn-id: file:///home/svn/framework3/trunk@8300 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 18:58:14 +00:00
Joshua Drake 0fbe42395f added automatic target detection
git-svn-id: file:///home/svn/framework3/trunk@8287 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 07:34:47 +00:00
Joshua Drake 008755b025 add exploit module for yassl CertDecoder::GetName vuln
also renames old mysql_yassl exploit to _hello

git-svn-id: file:///home/svn/framework3/trunk@8282 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:24:44 +00:00
natron 9891d60dfc Move applet generation up for slight speed improvement and less spamminess to the user.
git-svn-id: file:///home/svn/framework3/trunk@8281 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 23:15:36 +00:00
natron 5e4442a4d4 Fix a bug missed due to caching issues.
git-svn-id: file:///home/svn/framework3/trunk@8276 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:58:13 +00:00
natron c135462768 <@jduck> natron: you need some svn keywords magic
git-svn-id: file:///home/svn/framework3/trunk@8274 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 20:20:32 +00:00
natron cd5e5880d2 Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
Joshua Drake 31949c4343 svn keywords fixups
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:12:13 +00:00
HD Moore 1bdd286936 This bug actually affected 9.2 as well according to adobe, reference updated
git-svn-id: file:///home/svn/framework3/trunk@8222 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 14:22:13 +00:00
Joshua Drake 87adb7714f fixed whitespace
git-svn-id: file:///home/svn/framework3/trunk@8219 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 04:52:49 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation)
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-24 00:05:19 +00:00
Joshua Drake 14862e0106 added another target
git-svn-id: file:///home/svn/framework3/trunk@8204 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 21:43:40 +00:00
Joshua Drake 6fd20d411f add exploit module for cve-2009-4179
git-svn-id: file:///home/svn/framework3/trunk@8192 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 05:52:53 +00:00
Joshua Drake 409d44bfad fix another typo
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 04:55:16 +00:00
Joshua Drake 72e1b9bb50 added a couple better error messages
git-svn-id: file:///home/svn/framework3/trunk@8183 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:30:08 +00:00
Joshua Drake 97c3159293 fixed version command, check function
git-svn-id: file:///home/svn/framework3/trunk@8182 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:15:20 +00:00
Joshua Drake e8048704be add exploit module for cve-2009-1979 (oracle pre-auth bof)
git-svn-id: file:///home/svn/framework3/trunk@8181 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-21 00:05:18 +00:00
Joshua Drake 310be42bfa try not to repeatedly load static files - see #694
git-svn-id: file:///home/svn/framework3/trunk@8166 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 19:12:42 +00:00
Joshua Drake db5097af91 bump ranking up, comment about crash recovery
git-svn-id: file:///home/svn/framework3/trunk@8154 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 07:23:22 +00:00
Joshua Drake 477468147b cleanup exceptions, optimize query length, add some entropy
git-svn-id: file:///home/svn/framework3/trunk@8153 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 05:09:40 +00:00
Joshua Drake 7c402d1d79 changed a comment
git-svn-id: file:///home/svn/framework3/trunk@8152 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:56:31 +00:00
Joshua Drake 52b71077d3 major overhaul of ms09-004 (cve-2008-5416) exploit
git-svn-id: file:///home/svn/framework3/trunk@8151 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 01:51:48 +00:00
James Lee bbe10b439f let the user know when a client connects
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 01:00:01 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-15 21:36:04 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 22:24:56 +00:00
HD Moore b1f79c6342 Use nohup to prevent the telnet session close from killing the command
git-svn-id: file:///home/svn/framework3/trunk@8082 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-07 00:10:03 +00:00
Joshua Drake 8399ff46b2 oops, left out a var
git-svn-id: file:///home/svn/framework3/trunk@8081 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:55:41 +00:00
Joshua Drake c51c14bcba fix typos :-/
git-svn-id: file:///home/svn/framework3/trunk@8080 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:09:34 +00:00
Joshua Drake 97338e6848 add exploit module for cve-2007-2280 (split from other)
git-svn-id: file:///home/svn/framework3/trunk@8079 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:04:58 +00:00
Joshua Drake 75ff9d327a _2 == cve-2009-3844
git-svn-id: file:///home/svn/framework3/trunk@8078 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 20:01:08 +00:00
Joshua Drake 3a9b384554 renamed the moduled
git-svn-id: file:///home/svn/framework3/trunk@8077 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:29:11 +00:00
Joshua Drake 4a0051d93a lots of updates, preparing to split into two modules
git-svn-id: file:///home/svn/framework3/trunk@8076 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-06 19:28:19 +00:00
Steve Tornio 888b7637c0 Add OSVDB ref, fixed exploit-db refs
git-svn-id: file:///home/svn/framework3/trunk@8071 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 11:49:12 +00:00
Joshua Drake 905d391d5e add exploit module for bigant 2.52 usv bug
git-svn-id: file:///home/svn/framework3/trunk@8070 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 08:24:35 +00:00
Joshua Drake efb3dbb2af minor tweaks
git-svn-id: file:///home/svn/framework3/trunk@8069 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:35:46 +00:00
Joshua Drake 789d875d24 record addr for stack hijacking
git-svn-id: file:///home/svn/framework3/trunk@8068 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-05 00:02:15 +00:00
Joshua Drake 9a9c92d785 added description, sql2ksp3 target, minor reliability improvement
git-svn-id: file:///home/svn/framework3/trunk@8067 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 22:07:03 +00:00
Steve Tornio c62e314ac4 Add OSVDB ref
git-svn-id: file:///home/svn/framework3/trunk@8063 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-04 13:02:18 +00:00
Mario Ceballos 1239ce132e added exploit module nettransport.rb from dookie
git-svn-id: file:///home/svn/framework3/trunk@8062 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 16:07:54 +00:00
Joshua Drake bb07ea9854 many updates, now supporting two diff techniques
git-svn-id: file:///home/svn/framework3/trunk@8061 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-03 08:10:28 +00:00
James Lee 3c6cbbc47e make sure IE service packs don't throw off the version comparison
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 21:24:00 +00:00
Joshua Drake e2a0ff92ce add check and auto-target selection
git-svn-id: file:///home/svn/framework3/trunk@8048 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 16:26:32 +00:00
Steve Tornio 64e524545e Update OSVDB ref
git-svn-id: file:///home/svn/framework3/trunk@8045 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 13:30:35 +00:00
Joshua Drake 23d7f53f3a add exploit module for cve-2008-5416
git-svn-id: file:///home/svn/framework3/trunk@8044 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 05:18:55 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
Joshua Drake 4827d81966 formatting fixes
git-svn-id: file:///home/svn/framework3/trunk@8029 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 00:48:16 +00:00
Joshua Drake 48c2184fb2 reinstated linux bruteforce target from msf2 exploit
git-svn-id: file:///home/svn/framework3/trunk@8025 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 22:57:02 +00:00
Joshua Drake 57fd341f4a added auto targeting, XPSP1 target, updated 2ksp4 target, notes, description
git-svn-id: file:///home/svn/framework3/trunk@8023 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 19:22:43 +00:00
HD Moore 922cef26fa Store the domain name in the SMB client object, along with other fields provided by NTLMSSP responses. Show the domain name and netbios name in the version scanner. Update MS06-070 to remove the default target, use the domain name from the server response, and use a more reliable return address for 2000 SP4.
git-svn-id: file:///home/svn/framework3/trunk@8022 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 14:00:49 +00:00
Joshua Drake 6170998ba3 add exploit module for cve-2006-4691
git-svn-id: file:///home/svn/framework3/trunk@8021 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-29 05:13:57 +00:00
Joshua Drake 1f2c1e7866 corrected cve, removed cr's, added keywords
git-svn-id: file:///home/svn/framework3/trunk@8012 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 21:12:11 +00:00
Joshua Drake 45a9d50d0d add exploit module for CVE-2008-4193
git-svn-id: file:///home/svn/framework3/trunk@8010 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 20:38:50 +00:00
HD Moore 364880fb4d Bump the session wait to 10 seconds
git-svn-id: file:///home/svn/framework3/trunk@8004 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 14:27:33 +00:00
Steve Tornio 5ac485eb48 Add OSVDB reference
git-svn-id: file:///home/svn/framework3/trunk@8002 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 12:33:40 +00:00
HD Moore 4728a29bae Two new modules from dijital1
git-svn-id: file:///home/svn/framework3/trunk@8000 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-28 04:36:25 +00:00
HD Moore 16062eed2d Holiday present from EgiX
git-svn-id: file:///home/svn/framework3/trunk@7989 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 18:50:44 +00:00
HD Moore d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
HD Moore 87176f9591 Correct a syntax error in adobe_u3d_meshdecl
git-svn-id: file:///home/svn/framework3/trunk@7959 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 12:50:55 +00:00
HD Moore 92c703ba6f Wait a second before deleting the file, catch an exception on delete, combined these reduce some of the issues around psexec
git-svn-id: file:///home/svn/framework3/trunk@7954 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 04:02:59 +00:00
James Lee b933f49ec3 this exploit always uses an exe, so default EXITFUNC to process so we don't leave processes lying around
git-svn-id: file:///home/svn/framework3/trunk@7950 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-23 01:29:16 +00:00
Joshua Drake 1e6c9bef74 fix uri for check/detect
git-svn-id: file:///home/svn/framework3/trunk@7942 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:10:38 +00:00
Joshua Drake 6219116ebf removed exit calls
git-svn-id: file:///home/svn/framework3/trunk@7940 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 23:03:03 +00:00
Joshua Drake d0098095a4 hopefully resolved some hang issues
git-svn-id: file:///home/svn/framework3/trunk@7939 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:57:36 +00:00
Joshua Drake 9afb67aa5f removed exit call
git-svn-id: file:///home/svn/framework3/trunk@7936 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 22:10:18 +00:00
Joshua Drake 5830e359b6 corrected "privileged" flag
git-svn-id: file:///home/svn/framework3/trunk@7932 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 18:18:18 +00:00
Joshua Drake 19d32b6c97 add jabra to author list
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 17:01:12 +00:00
Steve Tornio 544efd879b Add OSVDB references
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 11:53:20 +00:00
Joshua Drake 47ef693b77 add CVE references!
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 09:38:42 +00:00
Joshua Drake 86dc8da1bb bump ranking up
git-svn-id: file:///home/svn/framework3/trunk@7927 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 07:56:48 +00:00
Joshua Drake 4b883322f5 moved length adjustment
git-svn-id: file:///home/svn/framework3/trunk@7926 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:45:33 +00:00
Joshua Drake 3767b6be7a add exploit module for cve-2008-4828
git-svn-id: file:///home/svn/framework3/trunk@7925 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 22:40:14 +00:00
Joshua Drake 6f243f6515 add exploit module for cve-2009-3853
git-svn-id: file:///home/svn/framework3/trunk@7924 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-20 11:09:39 +00:00