sinn3r
|
2f9d563067
|
Update reference
|
2012-01-09 02:14:29 -06:00 |
David Maloney
|
9cf2af6a94
|
Adds exploit/windows/htt/xampp_webdav_upload_php
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.
Fixes #2170
|
2012-01-06 12:00:14 -08:00 |
sinn3r
|
8cced0a91e
|
Add CVE-2011-2462 Adobe Reader U3D exploit
|
2012-01-04 03:49:49 -06:00 |
Joshua J. Drake
|
958ffe6e1d
|
Fix stack trace from unknown agents
|
2012-01-02 03:41:49 -06:00 |
Steve Tornio
|
7bfdc9eff4
|
add osvdb ref
|
2012-01-01 09:10:10 -06:00 |
sinn3r
|
d9db03dba6
|
Add CoCSoft StreamDown buffer overflow (Feature #6168; no CVE or OSVDB ref)
|
2011-12-30 10:16:29 -06:00 |
sinn3r
|
b202c29153
|
Correct e-mail format
|
2011-12-29 11:27:10 -06:00 |
sinn3r
|
d484e18300
|
Add e-mail for tecr0c
|
2011-12-29 11:14:15 -06:00 |
sinn3r
|
9972f42953
|
Add e-mail for mr_me for consistency
|
2011-12-29 11:01:38 -06:00 |
Tod Beardsley
|
0e3370f1fe
|
Grammar and spelling on splunk and oracle exploits
|
2011-12-28 13:42:56 -06:00 |
Steve Tornio
|
4215ef3ae1
|
add osvdb ref
|
2011-12-24 06:54:39 -06:00 |
steponequit
|
69570dada6
|
Add CVE-2008-2161 OpenTFTP SP 1.4 Buffer Overflow by steponequit
|
2011-12-23 16:28:36 -06:00 |
steponequit
|
84c6739921
|
added initial opentftp 1.4 windows exploit
|
2011-12-23 11:27:11 -06:00 |
sinn3r
|
41697440c7
|
Add Oracle Job Scheduler Command Execution (CreateProcessA) - Feature #6079
|
2011-12-23 01:22:39 -06:00 |
sinn3r
|
baaa1f6c82
|
Add US-Cert references to all these SCADA modules. The refers are based on this list:
http://www.scadahacker.com/resources/msf-scada.html
|
2011-12-20 14:07:29 -06:00 |
sinn3r
|
b58097a2a7
|
Remove junk() because it's never used
|
2011-12-17 01:28:07 -06:00 |
sinn3r
|
fae80f8d49
|
typo
|
2011-12-16 11:10:46 -06:00 |
Steve Tornio
|
1712f2aa22
|
add osvdb ref
|
2011-12-14 07:23:11 -06:00 |
sinn3r
|
fea4bfb85c
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:53 -06:00 |
sinn3r
|
c1a4c4e584
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:34 -06:00 |
sinn3r
|
acef9de711
|
Repair dead milw0rm link to exploit-db
|
2011-12-13 16:13:15 -06:00 |
sinn3r
|
d246bfa4da
|
Credit Luigi Auriemma for the original discovery/poc, not Celil
|
2011-12-13 15:20:26 -06:00 |
Tod Beardsley
|
a8fad72fce
|
Merge branch 'msftidy_fixup'
Merging a local msftidy cleanup branch, adding a new optional msftidy
test to check for 1.8 compat and cleaning up some whitespace /
file.open()'s.
|
2011-12-12 17:55:21 -06:00 |
Tod Beardsley
|
f402b8598b
|
Whitespace and File.open binary mode cleanups.
Fixes some recent modules: dns_fuzzer, shodan_search,
avidphoneticindexer, and win_privs.
|
2011-12-12 17:31:28 -06:00 |
sinn3r
|
bacdbb90d7
|
ugh, stack overflow != stack buffer overflow. Also, metadata format fix.
|
2011-12-12 15:23:32 -06:00 |
sinn3r
|
5af5137241
|
Add CoDeSys SCADA bof module (#6083)
|
2011-12-12 15:21:15 -06:00 |
HD Moore
|
4736cb1cbe
|
Merge pull request #48 from swtornio/master
add osvdb ref
|
2011-12-11 20:37:43 -08:00 |
HD Moore
|
1ae12e3a23
|
Remove the default target, since module doesn't fingerprint the service
pack, this can only end in tears.
|
2011-12-10 13:31:05 -06:00 |
Steve Tornio
|
b521602d82
|
add osvdb ref
|
2011-12-10 07:49:50 -06:00 |
sinn3r
|
0e2101e4c1
|
Correct author name
|
2011-12-07 00:24:16 -06:00 |
sinn3r
|
92c1065508
|
Add CVE-2004-1626 (Ability FTP Server). OSCP l337-fu :-)
|
2011-12-06 18:52:42 -06:00 |
sinn3r
|
e524215b55
|
WTH, the date format is wrong
|
2011-12-04 15:23:31 -06:00 |
Steve Tornio
|
b75799d18d
|
=add osvdb ref
|
2011-12-02 16:50:42 -06:00 |
Steve Tornio
|
83f12c6fe0
|
=add osvdb ref
|
2011-12-02 16:46:01 -06:00 |
sinn3r
|
c8634390b7
|
Add CCMPlayer m3u exploit (Feature #6029)
|
2011-12-02 16:27:59 -06:00 |
sinn3r
|
f4b755c319
|
Add License comment (author already put 'MSF_LICENSE' in there). Also drop rank, because it doesn't cover so many targets
|
2011-12-02 15:00:39 -06:00 |
sinn3r
|
cd2bb027bf
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2011-12-02 14:54:53 -06:00 |
sinn3r
|
895a509bd3
|
Add Avid Media Composer 5.5 (Feature #6035)
|
2011-12-02 14:53:26 -06:00 |
Steve Tornio
|
2bb97791f7
|
Update OSVDF refs for servu module.
* Added osvdb ref to servu module.
* Fixed rhino entry in osvdb, removed comment from module.
Squashed commit of the following:
commit 80ce65253f51e07a0bcb8900402a1b3d59eaeaa1
Author: Steve Tornio <swtornio@gmail.com>
Date: Fri Dec 2 07:44:28 2011 -0600
add osvdb ref
commit 558f20d84dd705b57b7f807a5ea3815e17b6f9f5
Author: Steve Tornio <swtornio@gmail.com>
Date: Wed Nov 30 08:15:20 2011 -0600
fixed in osvdb
[Closes #39]
|
2011-12-02 13:21:41 -05:00 |
David Maloney
|
2858cae296
|
Some quick corrections to tidy things up
|
2011-11-29 19:57:08 -08:00 |
David Maloney
|
be88f483a3
|
More Accurate Vulnerability Check
|
2011-11-29 18:38:00 -08:00 |
David Maloney
|
0dda948265
|
New Exploit for the Serv-U FTP Buffer overflow
from CVE 2004-2111
|
2011-11-29 17:34:01 -08:00 |
Tod Beardsley
|
f503bd9488
|
Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append.
|
2011-11-28 17:52:34 -06:00 |
Rob Fuller
|
c411c216c0
|
Solved most of msftidy issues with the /modules directory
|
2011-11-28 17:10:29 -06:00 |
sinn3r
|
e11ca43c37
|
Add feature #5680
|
2011-11-21 12:39:45 -06:00 |
sinn3r
|
76846aa578
|
Add MS10-038 (CVE-2010-0822) exploit
|
2011-11-21 11:36:47 -06:00 |
sinn3r
|
28a079f308
|
Add credit to the appropriate researcher
|
2011-11-20 02:32:45 -06:00 |
sinn3r
|
95d639ccf7
|
Change target index and names. Also retested on XP all the way to Win 7, IE 6 to IE8.
|
2011-11-20 01:44:52 -06:00 |
sinn3r
|
9c2fab0921
|
Add CVE-2010-0356 (Viscom Movie Player Pro) by tecr0c
|
2011-11-19 20:40:04 -06:00 |
sinn3r
|
30f13984ea
|
Add wireshark console.lua exploit (CVE-2011-3360)
|
2011-11-18 21:24:48 -06:00 |