William Vu
dc7ec450da
Land #3384 , AIX ibstat exploit interface detection
2014-05-22 16:25:06 -05:00
mercd
28459299b2
Update ibstat_path.rb
...
Add interface detection, defaulting to en0.
2014-05-22 14:16:04 -07:00
William Vu
ebd70cbd8f
Land #3382 , references for IBM Sametime modules
2014-05-22 12:12:18 -05:00
William Vu
d31908b72e
Land #3374 , RPC deadlock fix
...
[FixRM #8794 ]
2014-05-22 12:07:23 -05:00
Tod Beardsley
fa353e6bd9
Add CVE, IBM ref for SameTime modules
2014-05-22 11:34:04 -05:00
Spencer McIntyre
e3630278ce
Land #3379 , [FixRM #8803 ] - Improve fb_cnct_group check
2014-05-21 11:39:10 -04:00
jvazquez-r7
b9464e626e
Delete unnecessary line
2014-05-21 10:18:03 -05:00
sinn3r
a22c089aa0
Land #3378 - Add Reference for katello_satellite_priv_esc
2014-05-21 01:30:59 -05:00
jvazquez-r7
af415c941b
[SeeRM #8803 ] Avoid false positives when checking fb_cnct_group
2014-05-20 18:44:28 -05:00
jvazquez-r7
8a9c005f13
Add URL
2014-05-20 17:43:07 -05:00
jvazquez-r7
727054df0b
Land #3375 , @bugch3ck's support for Safari
2014-05-20 16:38:55 -05:00
Jonas Vestberg
7cabfacfa3
Test adobe_flash_pixel_bender_bof on Safari 5.1.7
...
Added browser-requirement for Safari after successful test using Safari 5.1.7 with Adobe Flash Player 13.0.0.182 running on Windows 7 SP1.
2014-05-20 01:43:19 +02:00
Meatballs
52b182d212
Add a small note to bypassuac_injection concerning EXE::Custom
2014-05-19 22:00:35 +01:00
Meatballs
b84379ab3b
Note about EXE::Custom
2014-05-19 22:00:09 +01:00
Meatballs
eeae071468
Land #3363 , Workstation Length Auth Bug
2014-05-19 21:46:57 +01:00
William Vu
a30d6b1f2d
Quick cleanup for sap_icm_urlscan
2014-05-19 09:21:26 -05:00
William Vu
dc0e649a10
Clean up case statement
2014-05-19 09:21:07 -05:00
William Vu
bc64e47698
Land #3370 , cleanup for sap_icm_urlscan
2014-05-19 09:16:18 -05:00
William Vu
8235556cec
Land #3372 , release fixes
2014-05-19 09:10:38 -05:00
Tod Beardsley
0ef2e07012
Minor desc and status updates, cosmetic
2014-05-19 08:59:54 -05:00
Tod Beardsley
1ef16fb722
Land #3367 , new wordlists from unhash
...
Thanks @tkisason!
2014-05-19 08:44:54 -05:00
Meatballs
848227e18a
401 should be a valid url
2014-05-19 10:59:38 +01:00
Meatballs
5d96f54410
Be verbose about 307
2014-05-19 10:52:06 +01:00
Meatballs
88b7dc3def
re-add content length
2014-05-19 10:46:47 +01:00
Meatballs
e59f104195
Use unless
2014-05-19 10:41:01 +01:00
sinn3r
bf52c0b888
Land #3364 - Symantec Workspace Streaming Arbitrary File Upload
2014-05-19 00:25:33 -05:00
jvazquez-r7
2fb0dbb7f8
Delete debug print_status
2014-05-18 23:34:04 -05:00
jvazquez-r7
d35ba208ed
Land #3369 @bugch3ck's support for plugin flash exploitation on adobe_flash_pixel_bender
2014-05-18 23:25:08 -05:00
jvazquez-r7
975cdcb537
Allow exploitation also on FF
2014-05-18 23:24:01 -05:00
Jonas Vestberg
033757812d
Updates to adobe_flash_pixel_bender_bof:
...
1. Added embed-element to work with IE11 (and Firefox). Removed browser-requirements for ActiveX (clsid and method).
2. Added Cache-Control header on SWF-download to avoid AV-detection (no disk caching = no antivirus-analysis :).
Testing performed:
Successfully tested with Adobe Flash Player 13.0.0.182 with IE9, IE10 and IE11 running on Windows 7SP1. (Exploit will trigger on FF29, although sandboxed.)
2014-05-18 22:43:51 +02:00
Tonimir Kisasondi
9b29c572a7
Comments dont work with auth_brute.rb
2014-05-18 21:14:17 +02:00
Tonimir Kisasondi
c9bb2d5165
Added headers to files
2014-05-18 20:55:50 +02:00
Tonimir Kisasondi
97b63d708c
Corrected naming to be in line with msf convention
2014-05-18 18:18:23 +02:00
Tonimir Kisasondi
7d79f8a4c2
Removed wrongly named list.
2014-05-18 18:15:17 +02:00
Tonimir Kisasondi
d7bf66973c
Fixed userpass delimiters.
2014-05-18 18:13:03 +02:00
Tonimir Kisasondi
6ec926b573
Added separate users/pass/userpass dictionaries
2014-05-18 10:18:07 +02:00
William Vu
a97d9ed54f
Land #3148 , check_urlprefixes for sap_icm_urlscan
2014-05-17 16:10:52 -05:00
sappirate
dd1a47f31f
Modified sap_icm_urlscan to check for authentication of custom URLs
...
Fixed ruby coding style
2014-05-17 22:47:49 +02:00
Tonimir Kisasondi
af82ae262c
Added a large default password list for services.
2014-05-16 23:27:18 +02:00
James Lee
d2ebab09aa
Add timeout for SSL renegotiation after migrating
...
[SeeRM #8794 ]
2014-05-16 15:42:46 -05:00
Christian Mehlmauer
488c3e6b93
Land #3358 , @jvazquez-r7 Advantech WebAccess 7.1 SQLI module
2014-05-16 21:26:41 +02:00
jvazquez-r7
2012d41b3d
Add origin of the user, and mark web users
2014-05-16 13:51:42 -05:00
jvazquez-r7
4143474da9
Add support for web databases
2014-05-16 11:47:01 -05:00
jvazquez-r7
883d2f14b5
delete debug print_status
2014-05-16 11:13:03 -05:00
jvazquez-r7
ea38a2c6e5
Handle ISO-8859-1 special chars
2014-05-16 11:11:58 -05:00
Tod Beardsley
10e4204829
Land #3365 , SNMP info leak vulns
2014-05-16 09:05:42 -05:00
jvazquez-r7
c9465a8922
Rescue when the recovered info is in a format we can't understand
2014-05-16 08:57:59 -05:00
Tod Beardsley
3c1363b990
Add new SNMP enumeration modules
2014-05-16 08:32:46 -05:00
jvazquez-r7
7ec85c9d3a
Delete blank lines
2014-05-16 01:03:04 -05:00
jvazquez-r7
9091ce443a
Add suport to decode passwords
2014-05-16 00:59:27 -05:00