Commit Graph

14400 Commits (d938959e97caae70408aeb6f93d433d94772425d)

Author SHA1 Message Date
Stephen Haywood d938959e97 Module to find SVN wc.db files. 2012-12-06 16:30:23 -05:00
sinn3r 36483d1500 Merge branch 'oracle_btm_writetofil' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-oracle_btm_writetofil 2012-09-14 17:51:36 -05:00
Samuel Huckins 7f03e37cc3 Removing unneeded user-agent gem from cache 2012-09-14 12:33:02 -05:00
jvazquez-r7 9a83c7c338 changes according to egypt review 2012-09-14 18:47:50 +02:00
jvazquez-r7 eae571592c Added rgod email 2012-09-14 17:45:16 +02:00
jvazquez-r7 a2649dc8d1 fix typo 2012-09-14 17:10:41 +02:00
jvazquez-r7 e27d5e2eb7 Description improved 2012-09-14 17:08:59 +02:00
jvazquez-r7 9c77c15cf5 Added module for osvdb 85087 2012-09-14 16:54:28 +02:00
Samuel Huckins 578b507dc7 Adding new user-agent gem. 2012-09-13 12:52:33 -05:00
James Lee caf7619b86 Remove extra comma, fixes syntax errors in 1.8
Thanks, Kanedaaa, for reporting
2012-09-13 12:07:34 -05:00
sinn3r c6c59b6df6 Merge branch 'jlee-r7-bug/redmine-7226-rhost-dns' 2012-09-13 11:04:51 -05:00
sinn3r 1f58458073 Merge branch 'udev_netlink' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-udev_netlink 2012-09-13 10:37:52 -05:00
sinn3r b31e8fd080 Merge branch 'qdpm_upload_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-qdpm_upload_exec 2012-09-13 10:37:10 -05:00
sinn3r 71a0db9ae5 Make sure the user has a 'myAccount' page 2012-09-13 10:33:43 -05:00
jvazquez-r7 6771466cb7 Added module for CVE-2011-2750 2012-09-13 17:24:16 +02:00
sinn3r 658502d5ad Add OSVDB-82978
This module exploits a vuln in qdPM - a web-based project
management software. The user profile's photo upload feature can
be abused to upload any arbitrary file onto the victim server
machine, which allows remote code execution. However, note in
order to use this module, the attacker must have a valid cred
to sign.
2012-09-13 10:01:08 -05:00
jvazquez-r7 12f3ef9c7c added osvdb numbers 2012-09-13 14:00:12 +02:00
James Lee ac2ec99fb7 Add bin for mephos' netstat fixes
[Closes #777]
2012-09-12 16:57:17 -05:00
James Lee 823bc0a7f6 Merge branch 'mephos-netstat' into rapid7 2012-09-12 16:56:17 -05:00
Tod Beardsley 39f2cbfc3c Older targets confirmed for CoolType SING 2012-09-12 16:51:51 -05:00
Tod Beardsley fba219532c Updating BID for openfiler 2012-09-12 14:13:21 -05:00
m m 40b383e247 I was pretty sure to have removed those fclose before 2012-09-12 13:11:24 -05:00
m m 76e05dff30 fix netstat program name 2012-09-12 13:11:24 -05:00
m m 2ec92030ae fix netstat program name 2012-09-12 13:11:24 -05:00
Tod Beardsley 033442bf28 Merge remote branch 'jlee-r7/bug/redmine-7233-meterpreter-on-client-exploits' 2012-09-11 15:24:29 -05:00
James Lee 46dfeec402 Adds meterpreter bins all compiled with the same VS
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.

[FixRM #7233]
2012-09-11 14:16:21 -05:00
Tod Beardsley 32e2232de3 Disambiguating hkm from hdm
Having an author name of "hkm" really looks like a typo for "hdm," but
it's not.
2012-09-11 11:13:20 -05:00
sinn3r b0ce2c0003 Merge branch 'master' of github.com:rapid7/metasploit-framework into jvazquez-r7-winamp_maki_bof 2012-09-10 16:24:27 -05:00
sinn3r 83f4b38609 Merge branch 'winamp_maki_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-winamp_maki_bof 2012-09-10 16:19:14 -05:00
jvazquez-r7 61bf15114a deregistering FILENAME option 2012-09-10 23:14:14 +02:00
sinn3r 2259de3130 Merge branch 'winamp_maki_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-winamp_maki_bof 2012-09-10 16:10:22 -05:00
jvazquez-r7 199fbaf33d use a static filename 2012-09-10 23:08:21 +02:00
HD Moore 221eb88313 Make filename easy to override 2012-09-10 15:59:01 -05:00
sinn3r 1c14c270bc Merge branch 'winamp_maki_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-winamp_maki_bof 2012-09-10 15:53:16 -05:00
jvazquez-r7 cb975ce0a2 cleanup plus documentation for the maki template 2012-09-10 22:48:04 +02:00
sinn3r c1604d989f Merge branch 'bug/redmine-7226-rhost-dns' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-bug/redmine-7226-rhost-dns 2012-09-10 14:05:00 -05:00
sinn3r f5a0f74d27 Merge branch 'wanem_exec_improve' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-wanem_exec_improve 2012-09-10 13:35:48 -05:00
James Lee bbeb6cc97a Add a privilege escalation exploit for udev < 1.4.1
Also includes a new ```rm_f``` method for Post::File for deleting remote
files in a platform-independent way.
2012-09-10 12:32:14 -05:00
jvazquez-r7 607c0f023a added edb references 2012-09-10 17:30:31 +02:00
jvazquez-r7 b813e4e650 Added module for CVE-2009-1831 2012-09-10 16:46:16 +02:00
Tod Beardsley cf98f52036 Should resuce nil as well 2012-09-10 09:33:45 -05:00
RageLtMan 1facfcf6d9 remove commented old method 2012-09-10 09:33:45 -05:00
RageLtMan ef0f4d0acc Fix Meterpreter edit command file removal
fs.rb was originally attempting to call the "close" method on a
string holding the temporary path to the file being editted.
Replaced with ::File.delete(temp_path).
2012-09-10 09:33:45 -05:00
sinn3r 64b8696e3c Extra condition that's not actually needed
Don't actually need to check nil res, because no code will
actually try to access res when it's nil anyway. And the 'return'
at the of the function will catch it when the response times out.
2012-09-09 04:06:48 -05:00
bcoles cb95a7b520 Add openfiler_networkcard_exec exploit 2012-09-09 17:28:09 +09:30
jvazquez-r7 37c7f366f2 check function test vulnerability + minor improvements 2012-09-09 00:42:02 +02:00
bcoles f02659184a Add WANem v2.3 command execution 2012-09-08 16:01:45 +09:30
jvazquez-r7 caae54a7ca added osvdb reference 2012-09-07 16:56:37 +02:00
Tod Beardsley aaf7fcd5e9 Closing bracket doh 2012-09-07 08:57:27 -05:00
Tod Beardsley 53e4818c2e Humble-desser, not humble-dresser 2012-09-07 08:49:27 -05:00