dd876008f9
Update instantcms_exec.rb
2013-07-02 17:26:14 +01:00
dafa333e57
Update instantcms_exec.rb
2013-07-01 22:03:37 +01:00
760133d878
Error on line 60
2013-07-01 12:04:03 -04:00
4cd08966ff
added InstantCMS 1.6 PHP Code Injection
2013-07-01 11:44:47 -04:00
3c1af8217b
Land #2011 , @matthiaskaiser's exploit for cve-2013-2460
2013-06-26 14:35:22 -05:00
e4fb5b327f
Land #2028 , update references for multiple modules
2013-06-26 10:18:27 -05:00
6ea622c45e
reference updates
2013-06-26 09:44:56 -05:00
3e929fb812
Use fixed `write_file` instead of re-implementing
2013-06-25 17:25:14 -05:00
5b71013dde
reference updates
2013-06-25 13:41:22 -05:00
4fa789791d
Explain Ranking
2013-06-25 13:10:15 -05:00
127300c62d
Fix also ruby module
2013-06-25 12:59:42 -05:00
b32513b1b8
Fix CVE-2013-2171 with @jlee-r7 feedback
2013-06-25 10:40:55 -05:00
c9a7372f9f
Land #2014 , @wchen-r7's exploit for CVE-2013-2171
2013-06-25 09:33:56 -05:00
d6374ddfff
Land #2020 , CVE and OSVDB update
2013-06-25 08:17:54 -05:00
4df943d1a2
CVE and OSVDB update
2013-06-25 02:06:20 -05:00
795dd6a02a
Add module for OSVDB 93718
2013-06-24 23:51:28 -05:00
72847ee4c9
Land #2007 - Add local privilege escalation for ZPanel zsudo
2013-06-24 19:25:27 -05:00
d974e395e4
Add a check by checking uname
2013-06-24 15:54:41 -05:00
6b8e0605c0
Use FileDropper
2013-06-24 15:48:54 -05:00
24b7d19ecc
Fix target regex and wfsdelay
2013-06-24 14:56:43 -05:00
b86b4d955a
Make random strings also length random
2013-06-24 12:01:30 -05:00
6780566a54
Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module
2013-06-24 11:50:21 -05:00
f7650a4b18
Fix wrong local variable
2013-06-24 11:35:26 -05:00
b3d90c68a4
Land #2008 - More OSVDB refs
2013-06-24 01:53:29 -05:00
8a96b7f9f2
added Java7u21 RCE module
...
Click2Play bypass doesn't seem to work anymore.
2013-06-24 02:04:38 -04:00
a920127f8c
reference updates for several modules
2013-06-23 20:43:34 -05:00
5b0092ff39
Land #2006 - Ref updates
2013-06-23 18:26:48 -05:00
6672679530
Add local privilege escalation for ZPanel zsudo abuse
2013-06-23 11:00:39 -05:00
e9883fe5b9
Land #2005 , @wchen-r7's exploit for ZPanel htpasswd
2013-06-22 13:24:23 -05:00
427f063c48
fix formatting
2013-06-22 07:32:29 -05:00
1e25dedb66
fix formatting
2013-06-22 07:31:47 -05:00
14850cd387
reference updates for multiple modules
2013-06-22 07:28:04 -05:00
de659326ce
Land #2003 - Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
2013-06-21 21:52:32 -05:00
5de7fff685
Credit
2013-06-21 21:38:40 -05:00
339f2a5c83
Hmmm, one extra ','
2013-06-21 21:29:17 -05:00
8d422c9a39
Forgot to randomize the fake pass and remove the payload during testing
2013-06-21 21:27:11 -05:00
e7d75d6d16
Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution
2013-06-21 21:03:10 -05:00
afa0e6c42a
Use CmdStagerVBS instead of CmdStagerTFTP
...
By using `php.exe` as stager, the bad characters can be completely
bypassed. This allows the use of the CmdStagerVBS, which should be
working on all supported Windows systems.
2013-06-22 01:13:03 +02:00
f106b6db50
Add comment with the component version
2013-06-21 17:38:30 -05:00
5fe9a80bf0
Add module for OSVDB 46578
2013-06-21 17:31:40 -05:00
4cc1f2440d
Land #1996 , references for several modules
2013-06-20 11:32:55 -05:00
322ba27f0f
re-order refs
2013-06-20 11:17:23 -05:00
22026352e6
Land #1995 , OSVDB reference for Gitorious
2013-06-20 10:51:51 -05:00
e4cbd4b174
Land #1994 , OSVDB reference for JBoss
2013-06-20 10:51:28 -05:00
66f4424202
fix formatting
2013-06-20 10:41:14 -05:00
a3a5dec369
add osvdb ref 94441
2013-06-20 08:03:34 -05:00
abea7e6a47
add osvdb ref 76389
2013-06-20 07:55:50 -05:00
cab20062a4
add osvdb ref 84706
2013-06-20 07:38:34 -05:00
a824a0583e
add osvdb ref 89059
2013-06-20 07:34:15 -05:00
89f649ab99
add osvdb ref 89026
2013-06-20 07:28:29 -05:00
Ricardo Almeida
jvazquez-r7
William Vu
Steve Tornio
James Lee
sinn3r
HD Moore
Matthias Kaiser
Markus Wulftange