062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
4012dd0acc
Fix everything that needs to be fixed
2014-04-08 14:57:42 -05:00
ca7dcc0781
cleanup with msftidy
2014-04-06 12:41:58 +02:00
c90c49e319
Add vtiger install rce 0 day
2014-04-04 10:16:55 +02:00
d27264b402
Land #2782 , fix expand_path abuse
2014-03-19 08:41:28 -05:00
c916b62f47
Removes hash rockets from references.
...
[SeeRM #8776 ]
2014-03-17 09:40:32 -05:00
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path
...
Conflicts:
lib/msf/core/post/windows/shadowcopy.rb
modules/exploits/windows/local/bypassuac.rb
modules/post/windows/gather/wmic_command.rb
modules/post/windows/manage/persistence.rb
2014-03-11 23:13:39 +10:00
c981bbeab9
Land #3011 , @wchen-r7's fix for Dexter exploit
2014-02-24 10:53:10 -06:00
998fa06912
Land #2998 , @bit4bit's fix for the vtigercrm exploit
2014-02-20 08:36:05 -06:00
0b27cd13e8
Make module work
2014-02-20 08:35:37 -06:00
ed2ac95396
Always replace \ with / for Dexter exploit
...
Fix for the following:
48199fec27 (commitcomment-5419010)
2014-02-19 09:24:07 -06:00
4ca4d82d89
Land #2939 , @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
a863d0a526
Pre-release fixes, including msftidy errors.
2014-02-18 14:02:37 -06:00
52ac85be11
Land #2931 - Oracle Forms and Reports RCE
2014-02-17 08:54:23 -06:00
110ffbf342
Indent looks off for this line
2014-02-17 08:53:29 -06:00
632ea05688
100 columns
2014-02-17 08:52:56 -06:00
8da7ba131b
In case people actually don't know what RCE means
2014-02-17 08:51:48 -06:00
73459baefd
Add OSVDB references
2014-02-17 08:50:34 -06:00
fb7b938f8e
check func fixed
2014-02-17 15:11:56 +01:00
e27d98368e
fixed local server issues
2014-02-16 18:26:08 +01:00
e40b9e5f37
updated and improved
2014-02-16 16:24:39 +01:00
74344d6c7e
vtigerolservice.php to vtigerservice.php
...
using direct soap/vtigerolservice.php not work..php need require('config.php');
2014-02-15 20:36:36 -05:00
b7d69c168c
bugfix and user supplied local path support
2014-02-15 16:24:59 +01:00
48199fec27
Change URL identifier, and make the user choose a target
2014-02-14 17:15:00 -06:00
ff267a64b1
Have into account the Content-Transfer-Encoding header
2014-02-12 12:40:11 -06:00
783e62ea85
Applied changes from @wchen-r7's comments
2014-02-11 10:14:52 -08:00
51df2d8b51
Use the fixed API on the mediawiki exploit
2014-02-11 08:28:58 -06:00
79d559a0c9
Fix MIME message to_s
2014-02-10 22:23:23 -06:00
13fadffe7e
Dexter panel (CasinoLoader) SQLi to PHP code exec - Initial
2014-02-10 13:44:30 -08:00
8ece4a7750
Delete debug print
2014-02-10 08:57:45 -06:00
57320a59f1
Do small clean up for mediawiki_thumb pr
2014-02-10 08:57:09 -06:00
dcff06eba1
More verbose failure messages
2014-02-07 23:59:28 +00:00
783a986a19
Windows and auto target up and running
2014-02-07 23:26:57 +00:00
a0f47f6b2b
Correct error check logic
2014-02-07 22:06:53 +00:00
443a51bbf5
Undo revert from merge
2014-02-07 21:28:04 +00:00
56359aa99f
Merge changes from other dev machine
2014-02-07 21:22:44 +00:00
a4cc75bf98
Potential .pdf support
2014-02-07 20:37:44 +00:00
e13520d7fb
Handle a blank filename
2014-02-07 20:15:32 +00:00
103780c3da
Merge remote-tracking branch 'upstream/master' into mediawiki
2014-02-07 20:07:04 +00:00
0a3cb3377f
AppendEncoder
2014-02-04 15:41:10 +00:00
26c506da42
Naming of follow method
2014-02-04 15:25:51 +00:00
f5fa3fb5ce
Windows compat, fixed PHP-CLI
2014-02-04 14:27:10 +00:00
64d11e58c2
Use semicolon for win compat
2014-02-04 13:53:33 +00:00
2fd8257c7e
Use bperry's trigger
2014-02-04 00:51:34 +00:00
a8ff6eb429
Refactor send_request_cgi_follow_redirect
2014-02-03 21:49:49 +00:00
83925da2f1
Refactor form_data code
2014-02-03 21:16:58 +00:00
d34020115a
Fix up on apache descs and print_* methods
2014-02-03 13:13:57 -06:00
67c18d8d2d
I had a problem, then I used regex.
2014-02-02 22:19:54 +00:00
57f4998568
Better failures and handle unconfigured server
2014-02-02 16:26:22 +00:00
9fa9402eb2
Better check and better follow redirect
2014-02-02 16:07:46 +00:00
0d3a40613e
Add auto 30x redirect to send_request_cgi
2014-02-02 15:03:44 +00:00
8b33ef1874
Not html its form-data...
2014-02-02 13:57:29 +00:00
7ddc6bcfa5
Final tidyup
2014-02-01 01:05:02 +00:00
486a9d5e19
Use msf branded djvu
2014-02-01 00:37:28 +00:00
fd1a507fda
Rename file
2014-02-01 00:27:32 +00:00
700c6545f0
Polished
2014-02-01 00:26:55 +00:00
5a883a4477
updated
2014-01-31 21:59:26 +01:00
7fa1522299
Initial commit
2014-01-31 18:51:18 +00:00
b67ac39a33
Land #2921 - Apache Struts Developer Mode OGNL Execution
2014-01-31 12:06:58 -06:00
60ead5de43
Explain why we flag the vuln as "Appears" instead of vulnerable
2014-01-31 12:05:58 -06:00
2fca2da9f7
Add an vprint message on check
2014-01-31 11:57:20 -06:00
356692f2f5
Land #2923 , @rangercha tomcat deploy module compatible with tomcat8
2014-01-31 10:53:53 -06:00
f6291eb9a8
updated
2014-01-31 14:33:18 +01:00
93db1c59af
Do small fixes
2014-01-30 17:16:43 -06:00
9daacf8fb1
Clean exploit method
2014-01-30 16:58:17 -06:00
4458dc80a5
Clean the find_csrf mehtod
2014-01-30 16:39:19 -06:00
697a86aad7
Organize a little bit the code
2014-01-30 16:29:45 -06:00
50317d44d3
Do more easy clean
2014-01-30 16:23:17 -06:00
1a9e6dfb2a
Allow check to detect platform and arch
2014-01-30 15:17:20 -06:00
b2273dce2e
Delete Automatic target
...
It isn't usefull at all, when auto targeting is done, the payload (java platform and arch)
has been already selected.
2014-01-30 15:04:08 -06:00
cebbe71dba
Do easy cleanup of exploit
2014-01-30 14:42:02 -06:00
c336133a8e
Do a first clean related to auto_target
2014-01-30 14:27:20 -06:00
57b8b49744
Clean query_manager
2014-01-30 14:20:02 -06:00
148e51a28b
Clean metadata and use TARGETURI
2014-01-30 14:03:52 -06:00
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
e7ab77c736
added module for Oracle Forms and Reports
2014-01-30 14:45:17 +01:00
a49473181c
Added new module. Abuses tomcat manager upload page. Tested on tomcat 5.5.36, 6.0.37, 7.0.50, 8.0.0rc10
2014-01-27 09:04:59 -05:00
8fe74629fe
Allow send_request_cgi to take care of the uri encoding
2014-01-26 00:06:41 -06:00
37adf1251c
Delete privileged flag because is configuration dependant
2014-01-25 18:25:31 -06:00
038cb7a981
Add module for CVE-2012-0394
2014-01-25 18:17:01 -06:00
7c5229e2eb
Use opts hash for glassfish_deployer
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:17:02 -06:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
7f560a4b41
Oops, I broke this module
2014-01-22 11:23:18 -06:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
85396b7af2
Saving progress
...
Progress group 4: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 14:10:35 -06:00
689999c8b8
Saving progress
...
Progress group 3: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 13:03:36 -06:00
e2fa581b8c
Delete empty line
2014-01-17 22:05:14 -06:00
57318ef009
Fix nil bug in jboss_invoke_deploy.rb
...
If there is a connection timeout, the module shouldn't access the
"code" method because that does not exist.
2014-01-17 11:47:18 -06:00
95a5d12345
Merge #2835 , #2836 , #2837 , #2838 , #2839 , #2840 , #2841 , #2842 into one branch
2014-01-13 10:57:09 -06:00
e79ccb08cb
Update rails_secret_deserialization.rb
...
When using aws-sdk with Ruby 2.1.0-rc1, many "Digest::Digest is deprecated; use Digest" warnings are printed.
Even in Ruby 1.8.7-p374, OpenSSL::Digest::Digest is only provided for backward compatibility.
2014-01-07 21:41:15 +01:00
1057cbafee
Remove deprecated linksys module.
2014-01-07 10:22:35 -06:00
c0a82ec091
Avoid specific versions in module names
...
They tend to be a lie and give people the idea that only that version is
vulnerable.
2014-01-06 13:47:24 -06:00
1cb671b02e
Merge branch 'adjust_getenv_api' into stop_abusing_expand_path
2014-01-03 08:14:02 +10:00
1b893a5c26
Add module for CVE-2013-3214, CVE-2013-3215
2014-01-02 11:25:52 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
5b647ba6f8
Change description
...
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
4816abe63b
Add module for ZDI-13-263
2013-12-19 17:48:52 -06:00
9fb081cb2d
Add getenvs, update getenv, change extract_path use
...
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.
Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.
The meterpreter console `getenv` command now uses `getenvs`
2013-12-19 11:54:34 +10:00
040619c373
Minor description changes
...
No code changes (one comment made on play_youtube to suggest xdg-open
rather than firefox for linux targets).
2013-12-16 14:57:33 -06:00
Tod Beardsley
sinn3r
dummys
William Vu
OJ
jvazquez-r7
Mekanismen
Jovany Leandro G.C
bwall
Meatballs
RangerCha
Niel Nielsen
Joe Vennix