Commit Graph

14238 Commits (d73a0006dfa7b9e57d3cf83aca05ef3eb2716611)

Author SHA1 Message Date
jvazquez-r7 7a0b5a6169 Added module for CVE-2012-1876 2012-07-31 23:14:29 +02:00
Meatballs1 75a9283fbf Removed auto migrate as exploit loads in a seperate process to browser anyway 2012-07-31 20:44:14 +01:00
Meatballs1 6f697ce519 Working with WebDAV 2012-07-31 20:26:47 +01:00
sinn3r 9815faec37 Add OSVDB-83822 2012-07-31 13:31:06 -05:00
sinn3r 20489864fc Merge branch 'zenoss_3.2.1_showdaemonxmlconfig_exec' of https://github.com/bcoles/metasploit-framework into bcoles-zenoss_3.2.1_showdaemonxmlconfig_exec 2012-07-31 08:42:34 -05:00
sinn3r e7db0ebcef Blah, removed the wrong ref. 2012-07-30 12:47:32 -05:00
sinn3r edfe43e7e0 When I say to remove BID ref, I mean it... 2012-07-30 12:46:27 -05:00
sinn3r e84214d1e1 Remove some references to avoid confusion.
rgod's poc and Mikado aren't actually the same thing, despite the
fact they both use the same method. To avoid confusion, refs to
Secunia and CVE are removed, but OSVDB/EDB are kept unless OSVDB
decides rgod's and Mikado's are separate issues.
2012-07-30 12:42:27 -05:00
Meatballs1 f298dbbd04 Fixed to work with browser_autopwn 2012-07-30 16:43:21 +01:00
Meatballs1 066020e572 Msftidy 2012-07-30 15:51:56 +01:00
Meatballs1 404909cb95 Check as IE crashes if length > 693 2012-07-30 15:41:58 +01:00
Meatballs1 690c381abd Initial commit 2012-07-30 14:49:34 +01:00
bcoles bdf8f1a543 Clean up Zenoss exploit + minor improvements
Changed send_request_raw() to send_request_cgi()
 - Removed redundant request headers 'Content-Length'

Added rescue error message for connection failures

Changed username to the default 'admin' account
2012-07-30 18:04:14 +09:30
jvazquez-r7 2fa88366be Added module for MS10-104 2012-07-30 09:01:38 +02:00
bcoles 8d3700cc3c Add Zenoss <= 3.2.1 exploit and Python payload
- modules/exploits/linux/http/zenoss_3.2.1_showdaemonxmlconfig_exec.rb
 - modules/payloads/singles/cmd/unix/reverse_python.rb
2012-07-30 01:24:27 +09:30
Matt Andreko 2f7b5f35af Added Sysax 5.64 Create Folder exploit 2012-07-29 10:40:02 -04:00
h0ng10 36be7cd9c4 removed unnecessary cleanup 2012-07-27 16:32:08 -04:00
sinn3r d67234bd03 Better regex and email format correction 2012-07-27 01:14:32 -05:00
sinn3r 2939e3918e Rename file 2012-07-27 01:06:57 -05:00
bcoles cec15aa204 Added CuteFlow v2.11.2 Arbitrary File Upload
- modules/exploits/multi/http/cuteflow_2.11.2_upload_exec.rb
2012-07-27 12:30:20 +09:30
sinn3r 80e0688c68 Merge branch 'symantec_pbcontrol' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_pbcontrol 2012-07-26 15:16:23 -05:00
sinn3r e483af64e4 Random text 2012-07-26 15:14:02 -05:00
sinn3r 6c3b05f1c4 Add CVE-2012-2953 Symantec Web Gateway proxy_file() cmd exec bug 2012-07-26 13:11:05 -05:00
jvazquez-r7 0bbcac96ea cleanup: delete revision metadata plus fix disc date 2012-07-26 15:04:15 +02:00
jvazquez-r7 e885b84347 Added module for CVE-2012-0284 2012-07-26 13:08:24 +02:00
sinn3r 3cb60fb42a Fix 1.8-specific regexp syntax bug
The bug was:
line 343: warning: regexp has invalid interval
line 343: warning: regexp has '}' without escape
2012-07-26 02:19:13 -05:00
jvazquez-r7 d2e1f4b448 Added module for OSVDB 83745 2012-07-25 19:24:09 +02:00
sinn3r 87aae548e6 Final cleanup 2012-07-24 13:11:04 -05:00
sinn3r fc0683310e Merge branch 'master' of https://github.com/morisson/metasploit-framework into morisson-master 2012-07-24 13:05:04 -05:00
Bruno Morisson dbc779e02d implemented fixes requested by sinn3r
Implemented the fixes, and re-tested the modules
2012-07-24 11:02:49 +01:00
sinn3r 716028c907 Catch exceptions that are expected when a host isn't pingable. 2012-07-23 18:34:03 -05:00
sinn3r bc176b4148 Merge branch 'pingsweep_fix' of https://github.com/darkoperator/metasploit-framework into darkoperator-pingsweep_fix 2012-07-23 17:37:01 -05:00
Carlos Perez cdee09b5cd Fixes in threading and for Java Meterpreter on OSX 2012-07-23 18:34:05 -04:00
HD Moore c25ebabce0 Fix up incompatibility with MaxDataSize (thanks @mubix) 2012-07-23 13:40:41 -05:00
Bruno Morisson 397d708340 Added bulk file retrieval to sap_mgmt_con_getlogfiles, and new module to get SAP process list from remote host
* Added option to retrieve all available files from remote SAP host to
sap_mgmt_con_getlogfiles, based on the listing request provided in
sap_mgmt_con_listlogfiles module, if the variable GETALL is set to true.
Kept previous functionality of retrieving just one chosen file.

* Added new module sap_mgmt_con_getprocesslist to remotely list SAP
processes using SAP SOAP interface. Based on the other sap_mgmt_con_*
modules by Chris John Riley.
2012-07-23 16:26:33 +01:00
sinn3r 4efe84c609 Merge branch 'Fix_Threading' of https://github.com/darkoperator/metasploit-framework into darkoperator-Fix_Threading 2012-07-23 02:58:30 -05:00
webstersprodigy 3c7ad96b45 Changing a string concat from + to << 2012-07-22 20:28:17 -04:00
webstersprodigy d56ccc69b9 Forgot to git add client.rb 2012-07-22 20:13:57 -04:00
webstersprodigy 6bb31280fb Took/tested all egypt's comments, other than the Actions one 2012-07-22 20:02:12 -04:00
sinn3r d3f9e8ce72 Merge branch 'nevdull77-sip-capture' 2012-07-22 03:36:21 -05:00
sinn3r 33ee6ee699 Merge branch 'sip-capture' of https://github.com/nevdull77/metasploit-framework into nevdull77-sip-capture 2012-07-22 03:36:13 -05:00
sinn3r b527356e00 This check can be handy 2012-07-22 03:34:16 -05:00
sinn3r 5fd58eda71 Merge branch 'sws_connection_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-sws_connection_bof 2012-07-22 03:29:33 -05:00
Carlos Perez 4042275421 Fixed threading and added verbose print for each attempt 2012-07-22 00:26:37 -04:00
Carlos Perez 2f85f57922 Fixed threading and added new SRV records to enumerate. 2012-07-22 00:12:32 -04:00
Carlos Perez 7fc9d57f89 Fixed the threading for the reverse DNS lookup and improvements when ran against a Java Meterpreter session. 2012-07-21 23:54:29 -04:00
Carlos Perez 2941755576 Fixed the threading for ARP Scanner and skipped making a note is OUI is not known 2012-07-21 23:38:41 -04:00
jvazquez-r7 2f66aa7c4f Added module for OSVDB 83891 2012-07-21 12:14:29 +02:00
jvazquez-r7 beb1fbb55d Added module for Simple Web Server Connection header bof 2012-07-21 12:07:36 +02:00
Rob Fuller 70017511f5 Implement proto/smb/client find_next for find_files
Squashed commit of the following:

commit b5370b24d48a0b79d13cff465ef1fe53738754d0
Author: Rob Fuller <jd.mubix@gmail.com>
Date:   Sat Jul 21 01:52:31 2012 -0400

    add some documentation for smb client

commit 92438f515ef272337ce02b6deebb35f62a50f0a3
Author: Rob Fuller <jd.mubix@gmail.com>
Date:   Fri Jul 20 03:09:27 2012 -0400

    adds find_next to find_files

[Closes #627]
2012-07-21 00:03:19 -06:00