d938959e97
Module to find SVN wc.db files.
2012-12-06 16:30:23 -05:00
270fa1b87b
updated descriptions for hp sitescope modules tested over linux
2012-09-05 23:25:08 +02:00
bed3c7bbac
Merge branch 'hp_sitescope_loadfilecontent_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_loadfilecontent_fileaccess
2012-09-05 13:59:49 -05:00
598fdb5c50
Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration
2012-09-05 13:58:39 -05:00
20655232d7
cleanup, tested and added osvdb reference
2012-09-05 20:03:46 +02:00
c6f5b1f072
cleanup, test, osvdb reference
2012-09-05 19:56:04 +02:00
ea2eb046c3
cleanup, final test, osvdb reference
2012-09-05 19:45:50 +02:00
166f68b194
added module for ZDI-12-177
2012-09-05 12:54:30 +02:00
534ab55e5c
Added module for ZDI-12-173
2012-09-05 12:53:03 +02:00
8a50ca2f47
Added module for ZDI-12-176
2012-09-05 12:51:25 +02:00
638d9d1095
Fix nil res bug, change action name, etc
2012-08-25 02:41:50 -05:00
cad590488d
Update modules/auxiliary/scanner/http/http_traversal.rb
2012-08-24 15:47:07 -03:00
586d937161
Msftidy fix and adding OSVDB
2012-08-15 13:43:50 -05:00
db4f31de76
Fix use of URI option for glassfish_login
...
auxiliary/scanner/http/glassfish_login offers URI option to set the path
where Glassfish is installed, but it doesn't work. Replaced it with
TARGETURI and call target_uri.path to get a base path.
2012-08-10 15:44:53 -05:00
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
f1e7ef06cc
Add webpagetest dir traversal module
...
How did I forget this while writing the exploit?
2012-08-06 03:11:07 -05:00
ecb4e20c92
Instead of deleting the "/", here's a different approach
2012-07-06 01:23:41 -05:00
7876d7fd60
Delete the extra "/"
2012-07-06 01:20:31 -05:00
686f176a99
Correct path
2012-07-06 01:12:47 -05:00
0c18662d46
Make msftidy happy and change the traversal option
2012-07-06 01:10:39 -05:00
3b7e1cd73a
Add Dillion's module for Wangkongbao
2012-07-06 00:54:55 -05:00
68c582873b
Add the MSF license text
2012-06-27 17:11:00 -05:00
d3bc78c53b
applied changes proposed by sinn3r
2012-06-27 23:55:51 +02:00
2c5cc697c9
Added auxiliary module for CVE-2012-2926
2012-06-27 10:21:18 +02:00
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
c28d47dc70
Take into account an integer-normalized datastore
2012-06-24 23:00:02 -05:00
e31a09203d
Take into account an integer-normalized datastore
2012-06-24 22:59:14 -05:00
05eaac9085
Fix possible param duplicates
2012-06-24 19:05:42 -05:00
c388cba421
Fix up modules calling report_vuln() to use new syntax
2012-06-17 23:39:20 -05:00
5006db7550
The cert module now defaults SSL to true (didnt make sense)
2012-06-15 10:55:53 -05:00
b55f233f16
The cert module now defaults SSL to true (didnt make sense)
2012-06-15 10:55:07 -05:00
ef84ce68e4
Fixes a module that used Wmap stuff without including it
...
[FIXRM #6983 ]
2012-06-13 15:58:54 -06:00
698e2eab68
Fix nil res when vprints
2012-06-06 09:53:19 -05:00
462a91b005
Massive whitespace destruction
...
Remove tabs at the end of the line
2012-06-06 00:44:38 -05:00
3f0431cf51
Massive whitespace destruction
...
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
c30af98b53
Massive whitespace destruction
...
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
0fcc53b0a2
Handle nil for get_once
2012-06-04 15:31:10 -05:00
a071d2805e
Fix the rest of possible nil res bugs I've found
2012-06-04 14:56:27 -05:00
01803c4a33
Fix possible nil res. Bug #6939 . Part 1.
2012-06-04 13:11:47 -05:00
0759c3b75c
Adding swtornio's OSVDB ref
...
Watch the trailing commas, that wangs up Ruby 1.8.7 and prior.
Squashed commit of the following:
commit c00363993a726cd0c87fbaee769c44f680feff72
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Jun 4 09:33:18 2012 -0500
Removing trailing comma
commit 594cae0cab60ba0493a6c50a001cd6885f05522b
Author: Steve Tornio <swtornio@gmail.com>
Date: Mon Jun 4 09:10:36 2012 -0500
add osvdb ref
2012-06-04 09:34:28 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com>
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
4d94eeb79d
Merge pull request #430 from wchen-r7/s40_traversal
...
Add s40 dir traversal vuln
2012-05-31 02:46:53 -07:00
a19583624e
Add s40 dir traversal vuln
...
I can't believe I stayed up all night, and this is all I could find.
2012-05-31 04:43:57 -05:00
84269f399b
Correct EDB reference
2012-05-14 15:10:21 -05:00
f4a446a6c1
Add module CVE-2011-4404
2012-05-14 15:08:43 -05:00
91a8ff2766
Use print_good when SQL injection is found
2012-05-08 01:30:13 -05:00
fa9d23d839
When a blind SQL injection, it's a good thing (for the attacker), so we should use print_good
2012-05-08 01:26:39 -05:00
9c3d2355b1
Allow this module to be more verbose for future debugging
2012-05-04 15:47:30 -05:00
8b3b952ccd
Fix bug #6761 - false negative when OWA brings the user to the Options page insetad of inbox
2012-05-04 12:30:43 -05:00
a1f9d2c27a
Bump up the wait_timeout (works with the recent AR patch) and fix a typo in the http_version commit
2012-04-23 02:44:56 -05:00
Stephen Haywood
jvazquez-r7
sinn3r
Ewerson Guimaraes (Crash)
Tod Beardsley
Daniel Miller
HD Moore
James Lee
Steve Tornio
Christian Mehlmauer
sinn3r