Commit Graph

107 Commits (d5888a7f6fb3d0d11624072c9a2e1759ed61efd4)

Author SHA1 Message Date
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Christian Mehlmauer f45b89503d change WPVULNDBID to WPVDB 2014-10-03 17:13:18 +02:00
Christian Mehlmauer 33b37727c7 Added wpvulndb links 2014-10-02 23:03:31 +02:00
Christian Mehlmauer a7be5b5164
Added fingerprinting 2014-08-07 18:12:58 +02:00
Christian Mehlmauer d6e60453d6
Added Wordpress XMLRPC DoS 2014-08-07 11:38:44 +02:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
William Vu 170608e97b Fix first chunk of msftidy "bad char" errors
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
Tod Beardsley de6be50d64
Minor cleanup and finger-wagging about a for loop 2014-03-03 14:12:22 -06:00
jvazquez-r7 449d0d63d1 Do small clean up 2014-02-26 08:52:51 -06:00
ribeirux ead7cbc692 Author and URI fixed 2014-02-24 22:20:34 +01:00
ribeirux 8f7f1d0497 Add module for CVE-2014-0050 2014-02-22 14:56:59 +01:00
sinn3r a239e14084 Fix nodejs_popelining check 2014-01-19 17:06:35 -06:00
Tod Beardsley e737b136cc
Minor grammar/caps fixup for release 2013-12-09 14:01:27 -06:00
jvazquez-r7 fdebfe3d2f Add references 2013-12-07 14:25:58 -06:00
sinn3r adc241faf8 Last one, I say 2013-12-06 15:52:42 -06:00
sinn3r 17193e06a9 Last commit, I swear 2013-12-06 15:49:44 -06:00
sinn3r 58a70779ac Final update 2013-12-06 15:48:59 -06:00
sinn3r 9f5768ae37 Another update 2013-12-06 14:53:35 -06:00
sinn3r af16f11784 Another update 2013-12-06 14:39:26 -06:00
sinn3r 87e77b358e Use the correct URI 2013-12-06 12:08:19 -06:00
sinn3r 5d4acfa274 Plenty of changes 2013-12-06 11:57:02 -06:00
sinn3r c07686988c random uri 2013-12-05 18:07:24 -06:00
sinn3r 8e9723788d Correct description 2013-12-04 17:25:58 -06:00
sinn3r fb2fcf429f This one actually works 2013-12-04 17:22:42 -06:00
sinn3r d0071d7baa Add CVE-2013-6414 Rails Action View DoS 2013-12-04 14:57:30 -06:00
Tod Beardsley 23448b58e7
Remove timeout checkers that are rescued anyway 2013-11-25 12:37:23 -06:00
Tod Beardsley f311b0cd1e
Add user-controlled verbs.
GET, HEAD, POST, and PROPFIND were tested on WebRick, all successful.
2013-11-25 12:29:05 -06:00
Tod Beardsley 6a28aa298e
Module for CVE-2013-4164
So far, just a DoS. So far, just tested on recent Rails with Webrick and
Thin front ends -- would love to see some testing on ngix/apache with
passenger/mod_rails but I don't have it set up at the moment.
2013-11-22 16:51:02 -06:00
jvazquez-r7 f963f960cb Update title 2013-11-18 15:07:59 -06:00
jvazquez-r7 274247bfcd
Land #2647, @jvennix-r7's module for Gzip Memory Bomb DoS 2013-11-18 15:06:46 -06:00
joev 589660872e Kill FILEPATH datastore option. 2013-11-18 14:13:25 -06:00
joev 8e889c61f7 Update description. 2013-11-17 15:48:27 -06:00
joev f7820139dc Add a content_type datastore option. 2013-11-17 15:38:55 -06:00
joev 43d2711b98 Default to 1 round compression. 2013-11-17 15:35:35 -06:00
joev 1e3860d648 Add gzip bomb dos aux module. 2013-11-17 14:44:33 -06:00
William Vu 2c485c509e Fix caps on module titles (first pass) 2013-11-15 00:03:42 -06:00
Tod Beardsley 9045eb06b0
Various title and description updates 2013-10-28 14:00:19 -05:00
jvazquez-r7 bdf07456ba Last cleanup for nodejs_pipelining 2013-10-22 15:00:58 -05:00
Jonathan Rudenberg db447b65f9 Add exploit for Node.js HTTP Pipelining DoS 2013-10-22 15:12:14 -04:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
FireFart 09fa7b7692 remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:50:34 +02:00
FireFart 84ec2cbf11 remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:42:44 +02:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
sinn3r 6168eb7590 Land #1981 - Canon Wireless Printer Denial of Service 2013-06-18 19:04:48 -05:00
sinn3r 7d15dc379d Make msftidy happy 2013-06-18 19:04:03 -05:00
Matt Andreko 0533ca68dc Added DoS result checking
Lowered the http timeout
2013-06-18 19:48:21 -04:00
Matt Andreko 8c28631d4b Fixed the date format
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
2013-06-18 12:17:50 -04:00
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00