Joe Vennix
ee8a97419c
Add some debug print calls to investigate Auto platform selection.
2013-05-21 14:01:13 -05:00
Joe Vennix
60fdf48535
Use renegerate_payload(cli, ...).
2013-05-21 14:01:13 -05:00
Joe Vennix
1a5c747bb9
Update description.
2013-05-15 23:52:51 -05:00
Joe Vennix
178a43a772
Whitespace tweaks and minor bug fix. Wrong payloads still run.
2013-05-15 23:47:04 -05:00
Joe Vennix
f4b6db8c49
Tweak whitespace.
2013-05-15 23:35:59 -05:00
Joe Vennix
a7d79e2a51
Oops, don't cache payload_filename.
2013-05-15 23:34:14 -05:00
Joe Vennix
4d5c4f68cb
Initial commit, works on three OSes, but automatic mode fails.
2013-05-15 23:32:02 -05:00
kernelsmith
0b130e49e7
Squashed commit of the following:
...
commit 1beebe758c32a277e0a77f7d1011a56fda707732
Author: kernelsmith <kernelsmith@kernelsmith>
Date: Fri Jan 11 17:55:27 2013 -0600
fixes missing word in descript. of rails exploit
simple omission fix in description
[Closes #1295 ]
2013-01-11 19:02:06 -06:00
sinn3r
4adf429c31
Adds one more ref
2013-01-11 01:33:26 -06:00
sinn3r
23ef8280be
Merge branch 'java_0day_refs' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-java_0day_refs
...
Conflicts:
modules/exploits/multi/browser/java_jre17_jmxbean.rb
2013-01-11 01:33:11 -06:00
HD Moore
6471a70053
Pass the X-HTTP-Method-Override parameter for compat
2013-01-10 20:27:13 -06:00
sinn3r
e709811c5a
CVE update
2013-01-10 19:51:04 -06:00
jvazquez-r7
2c05af721c
module also updated with refs
2013-01-11 00:57:05 +01:00
HD Moore
9c652d1d55
Add a note about ruby 1.9 requirements
2013-01-10 17:10:03 -06:00
jvazquez-r7
ea000d6ee0
updated authors
2013-01-10 20:48:54 +01:00
jvazquez-r7
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
Bouke van der Bijl
3b491ab998
Change charlisome in the list of authors to charliesome
2013-01-10 16:12:07 +01:00
HD Moore
42ea64c21b
Merge in Rails2 support now that its in master
2013-01-10 02:14:08 -06:00
HD Moore
0b74f98946
Rescue errors and update credits
2013-01-10 01:06:46 -06:00
HD Moore
1e94b090e7
The __END__ trick is no longer needed
2013-01-10 00:29:11 -06:00
HD Moore
acabc14ec3
This restores functionality across all rails 3.x
2013-01-10 00:28:12 -06:00
HD Moore
0e92de8f61
This works against a wider range of RoR 3.x targets
2013-01-10 00:10:26 -06:00
HD Moore
5e7a4f154e
Fix platform/arch
2013-01-09 23:24:37 -06:00
HD Moore
e15c731651
Clarify credit
2013-01-09 23:22:40 -06:00
HD Moore
4c1e501ed0
Exploit for CVE-2013-0156 and new ruby-platform modules
2013-01-09 23:10:13 -06:00
jvazquez-r7
ad3ca3a6bb
regex to check version fixed
2013-01-09 23:48:55 +01:00
jvazquez-r7
5901058a61
Merge branch 'ms11_081' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_081
2013-01-09 23:24:14 +01:00
sinn3r
fe8b9c24cf
Merge branch 'jvazquez-r7-honeywell_tema_exec'
2013-01-09 16:08:19 -06:00
sinn3r
f3b88d34c1
Add MS11-081
2013-01-09 15:52:33 -06:00
jvazquez-r7
52157b9124
extplorer_upload_exec cleanup
2013-01-09 19:45:17 +01:00
jvazquez-r7
8f91352c4a
Merge branch 'extplorer_upload_exec' of https://github.com/bcoles/metasploit-framework into bcoles-extplorer_upload_exec
2013-01-09 19:44:43 +01:00
jvazquez-r7
7a1a9985d5
Merge branch 'mysql_login_exceptions' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-mysql_login_exceptions
2013-01-09 18:21:03 +01:00
jvazquez-r7
736f8db6c0
Deleting from browser autopwn
2013-01-09 09:58:20 +01:00
jvazquez-r7
377905be7f
Avoid FileDropper in this case
2013-01-09 09:15:38 +01:00
jvazquez-r7
52982c0785
Added BrowserAutopwn info
2013-01-08 19:53:34 +01:00
jvazquez-r7
0e475dfce1
improvements and testing
2013-01-08 19:43:58 +01:00
jvazquez-r7
b2575f0526
Added module for OSVDB 76681
2013-01-08 17:46:31 +01:00
sinn3r
2a1ab2c99a
Improve the module
2013-01-07 19:03:58 -06:00
sinn3r
1d3c1ec7fc
Merge branch 'master' of github.com:CharlieEriksen/metasploit-framework into CharlieEriksen-master
2013-01-07 19:03:35 -06:00
Charlie Eriksen
4e0fca6d0f
Adding DB error handling
...
As per sinn3r's suggestion, adding handling for the most common MySQL
errors.
Also adding HostNotPrivileged, which I encountered during my testing.
2013-01-07 23:52:13 +00:00
sinn3r
5bc1066c69
Change how modules use the mysql login functions
2013-01-07 16:12:10 -06:00
sinn3r
a59c474e3e
Merge branch 'jvazquez-r7-ibm_cognos_tm1admsd_bof'
2013-01-07 13:34:52 -06:00
Tod Beardsley
36adf86184
Various and sundry fixes for normalize_uri
2013-01-07 12:02:08 -06:00
Tod Beardsley
33751c7ce4
Merges and resolves CJR's normalize_uri fixes
...
Merge remote-tracking branch 'ChrisJohnRiley/set_normalize_uri_on_modules'
into set_normalize_uri_on_modules
Note that this trips all kinds of msftidy warnings, but that's for another
day.
Conflicts:
modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb
modules/exploits/windows/http/xampp_webdav_upload_php.rb
2013-01-07 11:16:58 -06:00
Charlie Eriksen
a8df3d71ff
Changes based on Sinn3r's feedback
...
A bucket-load of changes!
- Added a fallback for if there is no Set-Cookie header
- Added a check if the cookie we produce is simply empty, meaning we
failed something :(
- Removed use of flatten. Though I may look into making that extraction
better
- Changed cgi requests to use vars_(post|get)
- Clarified a few status prints
- A few EOL space fixes
2013-01-06 12:34:27 +00:00
Charlie Eriksen
a5113f0da4
Adding a check function
...
Because it makes sense. The non-vulnerable versions doesn't have
/libs/pdf.php.
So pretty simple.
2013-01-05 18:37:29 +00:00
Charlie Eriksen
ae72022777
Improvement for CVE 2012-4915
...
Made two tiny improvements based on Meatballs' points
- Added handling for 127.0.0.1 as DB_HOST
- Added a note in the description about it changing the pasword
2013-01-05 18:23:00 +00:00
Charlie Eriksen
25cadf8b87
Adding exploit for CVE 2012-4915
...
Initial commit.
Major functionality working. A bit of polish is still needed in a few
spots to handle exceptions and such.
2013-01-05 14:21:02 +00:00
jvazquez-r7
883b3446f3
license text
2013-01-05 08:03:25 +01:00
jvazquez-r7
0a13f01f23
Added module for ZDI-12-101
2013-01-05 07:40:32 +01:00