infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
24,374 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

385 Commits (e269c1e4f1af56cbbddbcb2cddd796256400359a)

Author SHA1 Message Date
Tod Beardsley 23d058067a
Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
darknight007 7b82c64983 ms12-020 stack print resolve 2013-10-12 16:49:03 +05:00
darknight007 e1b9f1a3c4 modified ms12-020 module to resolve stack print 2013-10-12 16:36:37 +05:00
darknight007 291b90405d Merge branch 'master' of https://github.com/darknight007/metasploit-framework 
Conflicts:
	modules/auxiliary/dos/windows/rdp/ms12_020_maxchannelids.rb
 2013-10-12 16:23:09 +05:00
darknight007 602fd276bc using theirs 2013-10-12 16:20:26 +05:00
darknight007 4e50c574c5 Update ms12_020_maxchannelids.rb 
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out. 

To reproduct, just run the module against a system having no RDP enabled.
 2013-10-12 15:39:13 +05:00
Meatballs c460f943f7
Merge branch 'master' into data_dir 
Conflicts:
	modules/exploits/windows/local/always_install_elevated.rb
	plugins/sounds.rb
	scripts/meterpreter/powerdump.rb
	scripts/shell/spawn_meterpreter.rb
 2013-10-02 20:17:11 +01:00
darknight007 f1ab7b51b1 Update ms12_020_maxchannelids.rb 
ms12_020_maxchannelids.rb produces a call stack when the connection is timed out. 

To reproduct, just run the module against a system having no RDP enabled.
 2013-09-30 13:43:26 +05:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
FireFart 09fa7b7692 remove rport methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:50:34 +02:00
FireFart 84ec2cbf11 remove peer methods since it is already defined in Msf::Exploit::Remote::HttpClient 2013-09-25 23:42:44 +02:00
Tod Beardsley b4b7cecaf4 Various minor desc fixes, also killed some tabs. 2013-09-16 15:50:00 -05:00
jvazquez-r7 a40e0ba704 Clean up read_nttrans_ea_list 2013-09-07 16:11:00 -05:00
Tab Assassin 597f337d1b Retab changes for PR #2298 2013-09-05 13:52:10 -05:00
Tab Assassin acfef429c2 Merge for retab 2013-09-05 13:52:05 -05:00
Boris a23c1f1ad4 added additional "include" 2013-09-03 19:34:37 +04:00
Boris 9a33c674aa RHOST, RPORT removed, Tries option added 2013-09-01 22:58:22 +04:00
Boris 28ca62d60f New option added. Names now random. Dos check added 2013-08-31 13:18:22 +04:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
Boris b3ec8f741f File moved to auxiliary with some bug fixes 2013-08-29 00:11:34 +04:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
sinn3r 6168eb7590 Land #1981 - Canon Wireless Printer Denial of Service 2013-06-18 19:04:48 -05:00
sinn3r 7d15dc379d Make msftidy happy 2013-06-18 19:04:03 -05:00
Matt Andreko 0533ca68dc Added DoS result checking 
Lowered the http timeout
 2013-06-18 19:48:21 -04:00
Matt Andreko 8c28631d4b Fixed the date format 
Removed the rport option
These are items that were code-review for my other related module, so
I figured they should be done here too
 2013-06-18 12:17:50 -04:00
jvazquez-r7 6c2d99c2bc Land #1972, @wchen-r7's patch for [FixRM:#4704] 2013-06-17 23:17:22 -05:00
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00
Matt Andreko d877e4d489 Added CVE and disclosure date 2013-06-17 17:41:50 -04:00
sinn3r 8bdd89f68b [FixRM:#4704] - Fix EOFError in filezilla_server_port 
If login fails, the module shouldn't continue sending commands to
the server, otherwise this causes an EOF.
 2013-06-17 14:24:01 -05:00
Matt Andreko 3923bbeee9 Update 2013-06-15 18:28:58 -04:00
Matt Andreko 0494ac9218 Added Canon Wireless Printer DoS module 2013-06-15 18:23:04 -04:00
jvazquez-r7 fd74390952 Clean monkey_headers 2013-06-13 18:07:35 -05:00
sinn3r 73aff97053 Land #1950 - Monkey HTTPD Header Parsing Denial-of-Service 
This is the reviewed/updated version of pull request #1950. We're
landing this one instead because the other one has a lot of
unnecessary commit messages.
 2013-06-13 15:56:34 -05:00
Tod Beardsley f58e279066 Cleanup on module names, descriptions. 2013-06-10 10:52:22 -05:00
jvazquez-r7 3fbbe3e7b3 Make msftidy happy 2013-06-10 08:16:15 -05:00
jvazquez-r7 3c05cf4382 Land #1842, @viris DoS module for cve-2013-0229 2013-06-10 08:15:45 -05:00
Dejan Lukan 154894bda6 Added comments and merged jvazquez-r7-miniupnp_dos_clean branch. 2013-06-10 10:18:26 +02:00
jvazquez-r7 ec52795182 Clean for miniupnp_dos.rb 2013-06-06 11:19:26 -05:00
Dejan Lukan 2fe704ce38 Deleted undeeded comments and spaces. 2013-06-04 09:00:53 +02:00
William Vu 055e0a222c Land #1902, OSVDB reference for memcached 2013-06-03 14:57:43 -05:00
Tod Beardsley 4cf682691c New module title and description fixes 2013-06-03 14:40:38 -05:00
sinn3r b087951118 Add OSVDB reference 92867 for Memcached DoS module 2013-06-03 12:41:33 -05:00
sinn3r 116e2bb418 Landing #1782 - Added Memcached Remote Denial of Service module 2013-06-03 12:30:37 -05:00
sinn3r 3d9dcbf5bd Add a check to see if the host is down 2013-06-03 12:26:57 -05:00
Dejan Lukan 217b263af7 Moved the module to different location and make it msftidy.rb compliant. 2013-06-03 10:35:10 +02:00
Tod Beardsley e3384439ed 64-bit, not '64 bits' 2013-05-13 15:40:17 -05:00
jvazquez-r7 d37d211ecc Fix short escape sequences error 2013-05-09 17:29:55 -05:00
jvazquez-r7 b18a98259b Modify default rport 2013-05-09 16:24:54 -05:00
jvazquez-r7 3e1d1a3f98 Land #1659, @nmonkee's sap_soap_rfc_eps_delete_file module 2013-05-09 16:22:54 -05:00
jvazquez-r7 7b960a4f18 Add OSVDB reference 2013-05-06 00:54:00 -05:00
jvazquez-r7 a17062405d Clean up for sap_soap_rfc_eps_delete_file 2013-05-06 00:53:07 -05:00
jvazquez-r7 5adc2879bf Change module filename 2013-05-06 00:51:23 -05:00
jvazquez-r7 66a5eb74c5 Move file to auxiliary/dos/sap 2013-05-06 00:50:50 -05:00
Gregory Man 76e70adcff Added Memcached Remote Denial of Service module 
https://code.google.com/p/memcached/issues/detail?id=192
 2013-04-30 17:45:09 +03:00
sinn3r a09b3b8023 Lands #1169 - Adds a check 
[Closes #1169]

Conflicts:
	modules/auxiliary/dos/http/apache_range_dos.rb
 2013-04-22 15:50:15 -05:00
sinn3r 882b084cba Changes the default action 2013-04-22 15:47:38 -05:00
sinn3r 7e28a4ddb0 Uses "ACTIONS" keys instead of datastore options 
It's better to use ACTIONS instead of datastore in this case. Also,
did some cleanup.
 2013-04-22 15:41:47 -05:00
jvazquez-r7 225342ce8f final cleanup for sysax_sshd_kexchange 2013-04-08 20:28:37 +02:00
jvazquez-r7 5bc454035c Merge remote-tracking branch 'origin/pr/1710' into landing-pr1710 2013-04-08 20:20:11 +02:00
Matt Andreko f96baa7e7e Code Review Feedback 
made the CLIENTVERSION always include the "SSH-2.0-OpenSSH_5.1p1 " to trigger DoS
 2013-04-08 10:58:35 -04:00
Matt Andreko 4c8e19ad1a Added reference 
Removed final debug print statement
 2013-04-08 08:28:53 -04:00
James Lee 9086c53751 Not an HttpClient, so doesn't have normalize_uri 
[FixRM #7851]
 2013-03-28 13:16:21 -05:00
Matt Andreko fd5bd52e6d Added some error handling if the connection dies. 2013-03-18 17:26:40 -04:00
Matt Andreko 66dcbca562 Sysax Multi-Server SSHD DoS 
This exploit affects Sysax Multi-Server version 6.10. It causes a
Denial of Service by sending a specially crafted Key Exchange, which
causes the service to crash.
 2013-03-18 17:16:12 -04:00
jvazquez-r7 02f90b5bbd cleanup for dopewars 2013-03-14 15:53:19 +01:00
jvazquez-r7 4d9f2bbb06 Merge branch 'master' of https://github.com/dougsko/metasploit-framework into dougsko-master 2013-03-14 15:51:47 +01:00
James Lee 2f11796dfa Fix typo 
[SeeRM #7800]
 2013-03-13 16:10:20 -05:00
Doug P 22133ba8ff removed version number 2013-03-12 16:36:14 -04:00
Doug P 70da739666 fixed errors in dopewars.rb shown by msftidy 2013-03-12 15:47:31 -04:00
Doug P c8c50a6407 cleaned up dopewars module 2013-03-12 12:56:12 -04:00
doug a199c397e4 ... 2013-03-11 17:09:17 -04:00
doug 4d6e19b40b small edits to dopewars.rb 2013-03-11 17:07:05 -04:00
doug 0e607f8252 added dopewars module 2013-03-11 16:52:49 -04:00
James Lee 2160718250 Fix file header comment 
[See #1555]
 2013-03-07 17:53:19 -06:00
jvazquez-r7 781132b1cf cleanup for openssl_aesni 2013-03-05 22:41:16 +01:00
Wolfgang Ettlinger 867875b445 Beautified OpenSSL-AESNI module 
Modifed the CVE-2012-2686 module to follow
suggestions by @jvazquez-r7:
* Added description for all fields in the
  SSL packets
* MAX_TRIES now required
* use get_once instead of timeout
 2013-03-04 19:09:50 +01:00
Wolfgang Ettlinger e7015985e7 Added CVE-2012-2686 
Added Module for a DoS issue in OpenSSL (pre 1.0.1d). Can be exploited
with services that use TLS >= 1.1 and AES-NI. Because of improper
length computation, an integer underflow occurs leading to a
segmentation fault. This module brute-forces serveral encrypted
messages - when the decrypted message coincidentally specifies a
certain value for the size, the integer underflow occurs. Though this
could be accomplished more effectively (e.g. implementing or
maninpulating and TLS implementation), this module still does what it
should do.
 2013-02-27 22:57:53 +01:00
sinn3r 92093cd7d8 There's no HttpClient, so it shouldn't be using normalize_uri 2013-02-19 15:04:18 -06:00
sinn3r c174e6a208 Correctly use normalize_uri() 
normalize_uri() should be used when you're joining URIs.  Because if
you're merging URIs after it's normalized, you could get double
slashes again.
 2013-01-30 23:23:41 -06:00
Tod Beardsley 33751c7ce4 Merges and resolves CJR's normalize_uri fixes 
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules

Note that this trips all kinds of msftidy warnings, but that's for another
day.

Conflicts:
	modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
	modules/exploits/windows/http/xampp_webdav_upload_php.rb
 2013-01-07 11:16:58 -06:00
Christian Mehlmauer e4a6669927 msftidy: remove $Revision$ 2013-01-03 01:05:45 +01:00
Christian Mehlmauer 4d8a2a0885 msftidy: remove $Revision$ 2013-01-03 01:01:18 +01:00
Christian Mehlmauer 95948b9d7c msftidy: remove $Revision$ 2013-01-03 00:58:09 +01:00
Christian Mehlmauer ca890369b1 msftidy: remove $Id$ 2013-01-03 00:54:48 +01:00
T0X1C-1 1714fa21b1 adjusted DOS part to use HttpClient 2012-12-17 15:46:39 +01:00
T0X1C-1 a48c14124b added CHECK functionality to the existing module 2012-12-13 16:54:50 +01:00
sinn3r 64a8b59ff9 Change CVE forma 
Although the original text should work perfectly, for better
consistency, it's best to remove the "CVE" part. This may not
be a big deal in framework, but stands out a lot in Pro.
 2012-12-09 01:09:21 -06:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Tod Beardsley 6b4c131cf5 Avoiding a future conflict with release 2012-11-20 13:24:19 -06:00
jvazquez-r7 e8fe6031e9 Let default timeout for send_request_cgi 2012-11-16 18:09:47 +01:00
jvazquez-r7 51f238ec38 up to date 2012-11-16 16:03:09 +01:00
Chris John Riley f88ec5cbc8 Add normalize_uri to modules that may have 
been missed by PULL 1045.

Please ensure PULL 1045 is in place prior to
looking at this (as it implements normalize_uri)

ref --> https://github.com/rapid7/metasploit-framework/pull/1045
 2012-11-08 17:42:48 +01:00
sinn3r 2c4273e478 Correct some modules with res nil 2012-10-29 04:41:30 -05:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
Michael Schierl 39e81d3e53 Arch/Platform cleanup: aux modules need neither 2012-10-22 20:28:02 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r b46fb260a6 Comply with msftidy 
*Knock, knock!*  Who's there? Me, the msftidy nazi!
 2012-08-07 15:59:01 -05:00
sinn3r e5dd6fc672 Update milw0rm references. 
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links.  Change to exploit-db instead.
 2012-06-28 14:27:12 -05:00
HD Moore e31a09203d Take into account an integer-normalized datastore 2012-06-24 22:59:14 -05:00