aef764de08
working on moving things referenced in Feature #653 . added different param for secure backup
...
git-svn-id: file:///home/svn/framework3/trunk@13591 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 18:35:29 +00:00
fe53151324
fix tabs
...
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:58:50 +00:00
056adf7063
Add Win 7 target
...
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:57:19 +00:00
c78ba0e4d5
hehe remove debugging put call
...
git-svn-id: file:///home/svn/framework3/trunk@13586 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:59:32 +00:00
63e2b759e7
require the URI option
...
git-svn-id: file:///home/svn/framework3/trunk@13585 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:54:58 +00:00
402ca57bb4
Adds Struts2 Remote Code Execution exploit CVE-2010-1870
...
git-svn-id: file:///home/svn/framework3/trunk@13584 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 05:52:09 +00:00
2a62ac35ac
Fix bug #5267
...
git-svn-id: file:///home/svn/framework3/trunk@13573 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-17 06:14:51 +00:00
6c58dad979
ugh, why the extra spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13566 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:34:49 +00:00
eaa5cf6b5d
Use heaplib on IE 8, allow obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13565 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:32:17 +00:00
55d60a1af2
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13556 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:28:49 +00:00
c29a4d5ea3
Specify UUID offset for the custom .Net binary
...
git-svn-id: file:///home/svn/framework3/trunk@13555 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:15:05 +00:00
f8bf910fbb
missing var
...
git-svn-id: file:///home/svn/framework3/trunk@13554 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:05:08 +00:00
8bf7a9990b
Improve javascript obfuscation, and allow it as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13553 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 23:03:11 +00:00
20f4280d9f
Exploit is much more reliable than before, it gets a promotion
...
git-svn-id: file:///home/svn/framework3/trunk@13549 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:17:23 +00:00
bfc59e4c62
Add MS10-026 exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13547 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:04:25 +00:00
3b04e7bd9e
Add routine to check target before exploiting it
...
git-svn-id: file:///home/svn/framework3/trunk@13535 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 23:05:45 +00:00
0d9908435a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13533 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 22:18:25 +00:00
456aeeb90b
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13530 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 18:47:21 +00:00
4ac431948a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13524 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:50:43 +00:00
a1526e86b8
Use heaplib to spray, and use obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13523 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:25:14 +00:00
a6a444930e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13522 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 11:17:30 +00:00
950a4215a0
Fix a problem where resp.index() might return nil
...
git-svn-id: file:///home/svn/framework3/trunk@13521 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 09:03:19 +00:00
6a89cf5859
Add TeeChart Professional ActiveX exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13520 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 08:41:30 +00:00
dad6103944
Fix documentation to match change; will only affect windows.
...
git-svn-id: file:///home/svn/framework3/trunk@13519 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 03:05:58 +00:00
f12742a05f
Better cleanup for PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 02:57:02 +00:00
58198f37ba
Fix reference link
...
git-svn-id: file:///home/svn/framework3/trunk@13513 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 18:58:20 +00:00
8dc4228ee0
Fix very minor typo
...
git-svn-id: file:///home/svn/framework3/trunk@13508 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:05:49 +00:00
3b1769d621
Add Mozilla Firefox 3.6.16 mChannel Use After Free exploit by Rh0
...
git-svn-id: file:///home/svn/framework3/trunk@13507 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 05:58:02 +00:00
28177fd255
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13505 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 02:54:56 +00:00
b2733c04db
More PXE dust for extra magic!
...
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-05 17:10:27 +00:00
f1afbacb2a
Cron'd
...
git-svn-id: file:///home/svn/framework3/trunk@13485 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-04 17:36:01 +00:00
a0168d59a8
Minor fix to comply with the 100 columns per line guideline
...
git-svn-id: file:///home/svn/framework3/trunk@13467 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 21:20:29 +00:00
bee7fba3c8
Small typo fix and some minor formatting
...
git-svn-id: file:///home/svn/framework3/trunk@13466 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 19:34:01 +00:00
118ca372b3
adding CA Arcserve D2D GWT Credential Information Disclosure module
...
git-svn-id: file:///home/svn/framework3/trunk@13465 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-01 14:40:52 +00:00
1fb64f099d
Typo
...
git-svn-id: file:///home/svn/framework3/trunk@13427 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-30 18:23:52 +00:00
d58d061735
complain if the given applet name is not formatted correctly, fixes #5082
...
git-svn-id: file:///home/svn/framework3/trunk@13389 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-28 17:46:36 +00:00
df52bfaa4f
Ensure that we check for pcaprub before doing much anything else for those modules that actually require it. In some cases, that means moving open_pcap() up to be the first method call, in others, insert check_pcaprub_loaded first. Also removes a few cases of redundant checking (the Capture mixin does all this already anyway).
...
git-svn-id: file:///home/svn/framework3/trunk@13381 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 20:21:47 +00:00
b22ca615c7
Fixes #5038 , missed a couple mentions of Racket. Excised now for sure.
...
git-svn-id: file:///home/svn/framework3/trunk@13371 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 17:44:36 +00:00
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
6fc59d5287
Fill in BID reference
...
git-svn-id: file:///home/svn/framework3/trunk@13330 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 19:42:40 +00:00
6bf90f884e
Fix debug mode and some extra tabs in JS
...
git-svn-id: file:///home/svn/framework3/trunk@13325 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 00:22:29 +00:00
f47a2c7565
Format dictatorship round 2: Fix author e-mail format for all exploit modules
...
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
25c89c2e7a
Put the short jmp in there
...
git-svn-id: file:///home/svn/framework3/trunk@13224 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 15:07:00 +00:00
7dbb56b38b
No longer default a target for XP systems; some obscure builds of XP Embedded SP1 have a different offset and not good way to differentiate
...
git-svn-id: file:///home/svn/framework3/trunk@13214 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-19 01:40:26 +00:00
3ca9b51984
oops, a little mistake in the description
...
git-svn-id: file:///home/svn/framework3/trunk@13212 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 20:46:08 +00:00
821e9dd68b
Updated metadata, merged code with #4923 . Thx Joff.
...
git-svn-id: file:///home/svn/framework3/trunk@13211 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 20:39:27 +00:00
764bb36f44
Wait a little longer for a session (5 seconds)
...
git-svn-id: file:///home/svn/framework3/trunk@13208 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 16:05:51 +00:00
8887fe86b8
Either the offset or the env page moves around for this exploit on some non-english systems, do not default the target for 2003 SP0
...
git-svn-id: file:///home/svn/framework3/trunk@13206 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 14:59:55 +00:00
d13654740a
Update some jboss modules' metadata associated with CVE-2010-0738
...
git-svn-id: file:///home/svn/framework3/trunk@13204 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-18 05:18:25 +00:00
2eeffc39fc
Add Iconics GENESIS32 GenBroker exploit by lincoln and corelanc0d3r
...
git-svn-id: file:///home/svn/framework3/trunk@13197 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 15:01:46 +00:00
681563adc9
Fix that extra tab in the description
...
git-svn-id: file:///home/svn/framework3/trunk@13194 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:21:20 +00:00
2e93ba06ba
Add HP NNM ToolBar.exe exploit aganist the OvOSLocale cookie parameter
...
git-svn-id: file:///home/svn/framework3/trunk@13193 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 05:14:33 +00:00
86b40e894b
Make room for another exploit against ToolBar.exe
...
git-svn-id: file:///home/svn/framework3/trunk@13192 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-16 04:45:21 +00:00
1d25a6d7d1
add an exploit for java's rmid and rmiregistry code-execution-by-design and supporting source. fixes #4378 , thanks mihi!
...
git-svn-id: file:///home/svn/framework3/trunk@13185 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 20:42:31 +00:00
1162aafa1e
p function causes problems with rpc.
...
git-svn-id: file:///home/svn/framework3/trunk@13184 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 18:45:05 +00:00
c412a836ed
add VERBOSE option to all modules and vprint_* methods to use it
...
git-svn-id: file:///home/svn/framework3/trunk@13183 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-15 15:33:35 +00:00
9278b0a5f5
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13152 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-11 06:59:00 +00:00
94aea207d3
Remove extra tabs and spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13148 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 21:10:45 +00:00
9892eb39eb
Syntax fix
...
git-svn-id: file:///home/svn/framework3/trunk@13147 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 20:50:52 +00:00
32a7eb0000
svn propset
...
git-svn-id: file:///home/svn/framework3/trunk@13146 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 19:19:00 +00:00
7958516549
Adds Xeros Firefox nstreerange exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13143 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 17:12:53 +00:00
5b69b52ec4
"InitialAutoRunScript" is more like it
...
git-svn-id: file:///home/svn/framework3/trunk@13142 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:28:12 +00:00
6448daf571
MS10-018, y u no InitialAutoRunScript
...
git-svn-id: file:///home/svn/framework3/trunk@13141 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:02:38 +00:00
15f82402af
I changed my mind. The ATTEMPTS options is required.
...
git-svn-id: file:///home/svn/framework3/trunk@13137 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 04:10:52 +00:00
1246fd5731
Added Blue Coat Authentication Authorization Agent exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13134 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-09 01:40:29 +00:00
94640b6bc4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@13115 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 11:54:54 +00:00
47e6c4a89f
Added #4870 - MicroP .mppl buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13114 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 06:29:37 +00:00
78f2525fdc
Fixes #4879 by adding a new target from bperry
...
git-svn-id: file:///home/svn/framework3/trunk@13110 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-07 03:33:04 +00:00
1058948419
Updated ROP, no more hardcoded ntdll addresses
...
git-svn-id: file:///home/svn/framework3/trunk@13106 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 07:22:24 +00:00
7589f8d2f1
Updated target name that works against multiple systems (thx corelanc0d3r)
...
git-svn-id: file:///home/svn/framework3/trunk@13105 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 01:59:24 +00:00
ab4961bfa9
Timeline
...
git-svn-id: file:///home/svn/framework3/trunk@13099 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-05 05:20:47 +00:00
e678bb0a8e
Update the description to match the latest information
...
git-svn-id: file:///home/svn/framework3/trunk@13098 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-05 05:11:00 +00:00
c82063d708
Update based on feedback from mc, indicating this backdoor was in place since February 15th 2011 and likely even earlier
...
git-svn-id: file:///home/svn/framework3/trunk@13097 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-05 01:49:05 +00:00
1e4dfaf6de
Change author name for dookie
...
git-svn-id: file:///home/svn/framework3/trunk@13096 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 22:33:47 +00:00
5482a59910
Exit cleanly if the shell as not valid
...
git-svn-id: file:///home/svn/framework3/trunk@13095 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 21:18:44 +00:00
bd12c8c6a9
Fix a couple small typos
...
git-svn-id: file:///home/svn/framework3/trunk@13094 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 21:10:30 +00:00
e6968c202a
A couple bug fixes to enable cmd_interact and a new module for the VSFTPD backdoor
...
git-svn-id: file:///home/svn/framework3/trunk@13093 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 20:09:32 +00:00
2f6b89516a
Added HP Data Protector omniinet buffer overflow with opcode 20
...
git-svn-id: file:///home/svn/framework3/trunk@13092 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-04 17:02:40 +00:00
db6b8c3545
Probably time to fess up :)
...
git-svn-id: file:///home/svn/framework3/trunk@13088 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-02 01:09:46 +00:00
dbd04d754a
Change to a better P/P/R, tested on 4 different machines. Thx fdiskyou.
...
git-svn-id: file:///home/svn/framework3/trunk@13081 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 22:26:12 +00:00
b6e1c6a967
add exploit module hp_omniinet_3.rb
...
git-svn-id: file:///home/svn/framework3/trunk@13080 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-01 17:07:38 +00:00
fc33b1d20e
'\x00' isn't the same as "\x00"
...
git-svn-id: file:///home/svn/framework3/trunk@13051 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-28 19:45:51 +00:00
73dc5c605b
Change ranking. Because looks like it works better than "average"
...
git-svn-id: file:///home/svn/framework3/trunk@13042 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 18:00:12 +00:00
e6995b4912
Added ZDI-11-023 Citrix Provisioning Services bof exploit (Feature #4798 )
...
git-svn-id: file:///home/svn/framework3/trunk@13041 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-27 17:54:18 +00:00
1b25cf3c43
Using SEH instead of egghunter. Verified again on Win2k3. thx to MC.
...
git-svn-id: file:///home/svn/framework3/trunk@13036 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 19:28:14 +00:00
bf20ace73e
totally noobd out on that one, thx
...
git-svn-id: file:///home/svn/framework3/trunk@13035 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 18:09:21 +00:00
6325515ca7
Minor name change
...
git-svn-id: file:///home/svn/framework3/trunk@13034 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 16:09:53 +00:00
07f415f4e0
Forgot to switch back to random paddings
...
git-svn-id: file:///home/svn/framework3/trunk@13033 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 16:06:39 +00:00
a29002ee2e
handle a few corner cases
...
git-svn-id: file:///home/svn/framework3/trunk@13032 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 06:03:23 +00:00
f0e6159a35
Minor name change for the exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13031 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 06:01:21 +00:00
13b2209f3d
Added Microsoft Visio DXF File Buffer Overflow Exploit by Juan
...
git-svn-id: file:///home/svn/framework3/trunk@13030 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-26 05:59:37 +00:00
0cf51f8d5a
Exploit name change. Also, this thing doesn't use seh.
...
git-svn-id: file:///home/svn/framework3/trunk@13026 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 14:25:45 +00:00
27eb48f650
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13025 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 11:27:55 +00:00
f16f850fc6
Added Siemens FactoryLink 8 csservice.exe (port 7580)
...
git-svn-id: file:///home/svn/framework3/trunk@13019 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-25 00:54:18 +00:00
37b7345fea
Adds Ranking and Fileformat version of the Lotus Notes LZH Exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13015 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 15:43:54 +00:00
59943cb367
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@13014 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 12:05:09 +00:00
7b5860d0ab
Fix a bug if the RHOST length is 15 or longer
...
git-svn-id: file:///home/svn/framework3/trunk@13013 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 09:58:50 +00:00
df8bf68722
Adds Lotus Notes .lzh Autonomy Keyview Exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13012 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 09:51:16 +00:00
1223275330
Change ranking for now until we have a better solution for SP3
...
git-svn-id: file:///home/svn/framework3/trunk@13009 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 01:04:29 +00:00
bd62c13fb0
Added RealWin SCADA Server DATAC Login Buffer Overflow (Feature #4787 ))
...
git-svn-id: file:///home/svn/framework3/trunk@13007 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-22 22:36:55 +00:00
57cf0b04a7
stack overflow != stack buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@13001 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 23:27:16 +00:00
465bc8ce88
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13000 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 22:42:53 +00:00
a5a1f1587f
add another scada module. winlog_runtime.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12999 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 21:48:30 +00:00
0400a72ab0
RCA, description update, and some text randomness
...
git-svn-id: file:///home/svn/framework3/trunk@12998 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 21:08:57 +00:00
69963a45ab
Fixes #4752 - Auto-detect the windows directory and use it for subsequent requests
...
git-svn-id: file:///home/svn/framework3/trunk@12997 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 18:55:28 +00:00
03464a168e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12996 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 18:02:35 +00:00
d796f523a6
Adds FactorLink vrn.exe exploit from hal
...
git-svn-id: file:///home/svn/framework3/trunk@12995 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 13:20:18 +00:00
fdbc038bd0
Add BlackIce Cover Page ActiveX downloadimagefileurl exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12992 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 02:51:39 +00:00
8ee3bf7f54
add cve, osvdb and bugtraq id.
...
git-svn-id: file:///home/svn/framework3/trunk@12978 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 11:07:22 +00:00
3831e49455
See #4506 for Macro handling
...
git-svn-id: file:///home/svn/framework3/trunk@12977 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 07:23:16 +00:00
0b30256203
Add licensing
...
git-svn-id: file:///home/svn/framework3/trunk@12975 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 04:01:47 +00:00
eff703b3ad
Add SCADA Realwin On_FC_CONNECT_FCS_a_FILE buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12974 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-20 00:37:13 +00:00
650762517f
update CVE and OSVDB to match what the author said
...
git-svn-id: file:///home/svn/framework3/trunk@12964 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 17:35:57 +00:00
7c47b48f5b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12962 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 01:56:20 +00:00
23cc89482b
CVE correction, thanks Kurt.
...
git-svn-id: file:///home/svn/framework3/trunk@12961 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 00:56:11 +00:00
eae350b88b
CVE-2011-1260 seems to be the right one
...
git-svn-id: file:///home/svn/framework3/trunk@12959 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:27:10 +00:00
8e5311cb61
File.read is not binary safe. replace it with File.open in a few places where it matters.
...
git-svn-id: file:///home/svn/framework3/trunk@12957 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:02:00 +00:00
0a04835138
Added MS11-050 by d0c_s4vage
...
git-svn-id: file:///home/svn/framework3/trunk@12956 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 21:19:12 +00:00
ea5dc1c85c
use the right uri for our jar when other webserver modules are running
...
git-svn-id: file:///home/svn/framework3/trunk@12944 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-14 23:57:10 +00:00
d11e1f3294
Make all keywords consistent for modules.
...
git-svn-id: file:///home/svn/framework3/trunk@12936 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-13 03:38:31 +00:00
eea05fcaaa
Correct the parent class name
...
git-svn-id: file:///home/svn/framework3/trunk@12930 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 19:31:38 +00:00
7f3e2d182d
Fix Axis2 to inherit from the correct class, prevent a stack trace when a non-Remote exploit has the cleanup method called.
...
git-svn-id: file:///home/svn/framework3/trunk@12928 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 18:32:27 +00:00
04d280fdd0
minor fixes
...
git-svn-id: file:///home/svn/framework3/trunk@12925 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-12 00:04:55 +00:00
ee7454c5e6
Added IBM Tivoli Endpoint Manager HTTP POST query buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12922 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-11 23:48:18 +00:00
579d823070
add osvdb and cve refs
...
git-svn-id: file:///home/svn/framework3/trunk@12893 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 20:44:52 +00:00
247251ac07
Remove references to OUTPUTPATH options, unless files are created using a different method
...
git-svn-id: file:///home/svn/framework3/trunk@12892 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 19:51:56 +00:00
85f5e5fb98
Fix the disclosure date to match when signing was made available to the masses
...
git-svn-id: file:///home/svn/framework3/trunk@12891 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 17:08:05 +00:00
24bb7c3d8d
7-Technologies IGSS v9.0 Rename command buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12886 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-09 06:04:04 +00:00
c3c061334d
Add a "disclosure date" (applets were included in the first java release) and changing the title.
...
git-svn-id: file:///home/svn/framework3/trunk@12883 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-08 03:31:49 +00:00
e2820918ad
adds Windows XP SP3 target and updates the reference link
...
git-svn-id: file:///home/svn/framework3/trunk@12873 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 20:29:02 +00:00
b9e398c706
adds support for SSL
...
git-svn-id: file:///home/svn/framework3/trunk@12872 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 20:15:51 +00:00
31a659e55a
Fixed this up to use the new JS obfuscation hotness thanks to egyp7s rkelly fu!
...
git-svn-id: file:///home/svn/framework3/trunk@12871 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:49:33 +00:00
377a18030a
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12869 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:06:18 +00:00
3d7715ce60
Added Cisco AnyConnect VPN Client ActiveX download and execute exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12868 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 18:52:26 +00:00
2e861a2fa8
Added CVE
...
git-svn-id: file:///home/svn/framework3/trunk@12865 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 02:35:40 +00:00
1c4bf118e8
add a version check
...
git-svn-id: file:///home/svn/framework3/trunk@12847 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 23:47:44 +00:00
bee19278d7
add a new javascript obfuscation engine using rkelly for parsing. use it in browser_autopwn and ms10_018_ie_behaviors. see #1003
...
git-svn-id: file:///home/svn/framework3/trunk@12839 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:36:26 +00:00
6890ec5610
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12816 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 12:24:25 +00:00
bfdb3a2a36
Added GoldenFTP exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12812 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-02 01:10:22 +00:00
f43368ebe4
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12779 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-31 14:33:19 +00:00
396e476a03
Updated description, documented packet header a bit
...
git-svn-id: file:///home/svn/framework3/trunk@12774 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:17:35 +00:00
b950219b0d
Fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@12773 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:06:56 +00:00
4d044ee592
Added 7-Technologies IGSS 9.0 Write File / EXE packet handling exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12772 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-30 21:00:49 +00:00
5b91eadb87
fix the string replacement and do it at setup time instead of for every request
...
git-svn-id: file:///home/svn/framework3/trunk@12747 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:36:12 +00:00
cd3f306ef2
clarify info a bit; make APPLETNAME option actually do something.
...
git-svn-id: file:///home/svn/framework3/trunk@12746 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 19:13:47 +00:00
ef7a7adc1e
escape slashes, thanks aushack
...
git-svn-id: file:///home/svn/framework3/trunk@12738 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-27 06:14:52 +00:00
5a54a408f5
stupid debugging stuff
...
git-svn-id: file:///home/svn/framework3/trunk@12736 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 19:10:54 +00:00
c5781ae515
add support for PKCS12 (.pfx) cert/key files and cert chains in PEM files
...
git-svn-id: file:///home/svn/framework3/trunk@12735 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-26 17:52:12 +00:00
11a1b5dcad
fix the requires for java signing.
...
git-svn-id: file:///home/svn/framework3/trunk@12719 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 18:02:02 +00:00
812bae9df9
add support for signing applets (or any other jar) with openssl. this removes the need for a dependency on RJB
...
git-svn-id: file:///home/svn/framework3/trunk@12718 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 16:45:20 +00:00
782b1c6dd6
add stratsec ref, update disclosure to match public timeline
...
git-svn-id: file:///home/svn/framework3/trunk@12716 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 13:57:12 +00:00
5617d23635
Removed erroneous awstatstotals_multisort print_status.
...
git-svn-id: file:///home/svn/framework3/trunk@12715 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:45:36 +00:00
51ce0dba58
Added awstatstotals_multisort exploit module.
...
git-svn-id: file:///home/svn/framework3/trunk@12714 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 10:42:37 +00:00
c1233db428
ugh! It's visiwavereport.exe, not visiwave.exe.
...
git-svn-id: file:///home/svn/framework3/trunk@12711 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 04:48:25 +00:00
0c60fe5a4b
Couldn't help but patch-diff it and updated the description again
...
git-svn-id: file:///home/svn/framework3/trunk@12710 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-25 04:45:17 +00:00
6b6c6b2f64
We're actually not using 'Ret', it is removed.
...
git-svn-id: file:///home/svn/framework3/trunk@12706 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 23:15:06 +00:00
af4b8bfef6
RCA done, the new description explains what really happens that causes the vulnerability.
...
git-svn-id: file:///home/svn/framework3/trunk@12705 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-24 22:58:10 +00:00
f80c66ee8f
Disclosure date is actually May 10 2011, confirmed by Mr_Me.
...
git-svn-id: file:///home/svn/framework3/trunk@12698 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 23:55:03 +00:00
fd6a3def6e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12695 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 19:50:57 +00:00
ef48240606
Make it obvious which exploit is handling a request
...
git-svn-id: file:///home/svn/framework3/trunk@12693 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 17:05:44 +00:00
d900892da8
Disclosure date change. '2007' wouldn't make sense now, would it?
...
git-svn-id: file:///home/svn/framework3/trunk@12692 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 16:30:07 +00:00
8089d10618
Added VisiWave Site Survey Report buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12691 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-23 16:28:38 +00:00
28d5febfad
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12688 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 23:41:15 +00:00
e916a61eec
Date format fix
...
git-svn-id: file:///home/svn/framework3/trunk@12685 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 22:09:52 +00:00
d9c0d1c941
Added Magix Musik Maker 16 buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12684 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-22 22:08:09 +00:00
36983436db
play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed
...
git-svn-id: file:///home/svn/framework3/trunk@12667 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 19:45:14 +00:00
0b88468617
out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@12663 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 16:33:55 +00:00
f9c49ef9ce
Comment update (this is still for the egghunter fix: bug #4552 )
...
git-svn-id: file:///home/svn/framework3/trunk@12657 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:50:22 +00:00
6345fec06c
checksum support for egghunter disabled, because not enough room for it. See r4552.
...
git-svn-id: file:///home/svn/framework3/trunk@12656 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:48:06 +00:00
04efaf9281
referencing navigator.javaEnabled breaks ie6, only check navigator.javaEnabled();
...
git-svn-id: file:///home/svn/framework3/trunk@12655 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 22:44:39 +00:00
72692d27f7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12643 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-17 11:28:25 +00:00
4f56444f2c
Fix for nops
...
git-svn-id: file:///home/svn/framework3/trunk@12639 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 19:30:17 +00:00
95700687de
Added IGSS 9 buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12638 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-16 19:02:05 +00:00
486c0556d0
don't leave unnecessary evil-looking logs
...
git-svn-id: file:///home/svn/framework3/trunk@12604 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-12 22:46:43 +00:00
40894c3726
Moving Iconics webhmi activeX exploit from browser to scada directory
...
git-svn-id: file:///home/svn/framework3/trunk@12584 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 20:45:54 +00:00
d0c93f7e49
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12582 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 11:33:16 +00:00
5d59d819ac
Added SPlayer Content-Type bof
...
git-svn-id: file:///home/svn/framework3/trunk@12581 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 00:18:11 +00:00
b84df80983
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12576 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 19:16:07 +00:00
105b5799af
Added ICONICS WebHMI ActiveX SetActiveXGuid bof
...
git-svn-id: file:///home/svn/framework3/trunk@12573 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 18:07:15 +00:00
c87ba8f026
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12557 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 19:33:01 +00:00
5b8e4707cc
Add an exploit for CVE-2011-1574 (libmodplug via VLC 1.1.8)
...
git-svn-id: file:///home/svn/framework3/trunk@12544 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-06 15:29:07 +00:00
8d78a47e45
get_resource() added to 'src' parameter
...
git-svn-id: file:///home/svn/framework3/trunk@12543 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-05 22:10:30 +00:00
c80d454dd7
fixes some logic which restricted the use of other windows targets
...
git-svn-id: file:///home/svn/framework3/trunk@12542 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-05 15:11:46 +00:00
a8b6c43636
reverting the disclosure dates for now need to clean up the patch
...
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
3b7ea08f6a
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
...
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
3b5cf3826a
Added TheLightCosines OpenSSL ChangeCipherSpec DoS aux module
...
git-svn-id: file:///home/svn/framework3/trunk@12538 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:08:28 +00:00
fdd9b361bb
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12532 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-03 11:40:09 +00:00
9c619c3a40
Added mjm quickplayer s3m bof
...
git-svn-id: file:///home/svn/framework3/trunk@12474 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 02:37:14 +00:00
72af607aef
Added MJM Coreplayer s3m bof
...
git-svn-id: file:///home/svn/framework3/trunk@12473 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-30 02:36:14 +00:00
be2f68afbd
this method doesnt work with a licensed install.
...
git-svn-id: file:///home/svn/framework3/trunk@12470 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-29 22:17:40 +00:00
8fa4443a68
Added Subtitle Processor 7.7.1 bof
...
git-svn-id: file:///home/svn/framework3/trunk@12461 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-28 08:12:32 +00:00
be83842dff
added exploit module emc_homebase_exec.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12458 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 20:29:27 +00:00
f59db11f0e
Fixed typo in description. Thanks ragecyr.
...
git-svn-id: file:///home/svn/framework3/trunk@12456 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-27 16:54:49 +00:00
a31ac81b57
Added eZip Wizard 3.0 Stack Buffer Overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12428 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 01:06:34 +00:00
2772be9125
Small offset change for Win 7 target requested by sd
...
git-svn-id: file:///home/svn/framework3/trunk@12422 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-24 03:50:55 +00:00
319b4993a4
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12397 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 19:38:42 +00:00
0f9a232025
Added Spreecommerce Remote Code Execution exploit module - thanks joernchen
...
git-svn-id: file:///home/svn/framework3/trunk@12392 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 16:57:17 +00:00
c5d51cf810
Disclosure date change
...
git-svn-id: file:///home/svn/framework3/trunk@12391 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:45:07 +00:00
6d71990dfc
Disclosure date change
...
git-svn-id: file:///home/svn/framework3/trunk@12390 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:40:59 +00:00
7ef79e3ca5
Changed disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12389 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:34:01 +00:00
31f2afc033
fix date
...
git-svn-id: file:///home/svn/framework3/trunk@12388 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 11:12:34 +00:00
03ac21e5be
Updated disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12387 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 04:34:31 +00:00
4662f88d43
Incorrect CVE reference removed
...
git-svn-id: file:///home/svn/framework3/trunk@12385 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 04:21:48 +00:00
cb491e35d2
Changed disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12384 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 02:10:40 +00:00
458d8cccb8
Modified heap spray routine. Added IE 8 target for XP SP3.
...
git-svn-id: file:///home/svn/framework3/trunk@12383 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 21:55:33 +00:00
a08bef0a47
allow the wireshark dect dissector exploit to be used remotly
...
git-svn-id: file:///home/svn/framework3/trunk@12376 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 16:36:48 +00:00
488c6de9df
Description change again
...
git-svn-id: file:///home/svn/framework3/trunk@12371 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 16:41:58 +00:00
4b7595b8e4
Updated the size of the pcap file. Description also udpated.
...
git-svn-id: file:///home/svn/framework3/trunk@12369 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 16:34:17 +00:00
6d0bfaaa57
Updated author
...
git-svn-id: file:///home/svn/framework3/trunk@12368 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 15:23:49 +00:00
0859bb18a7
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12365 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 11:32:17 +00:00
90668a9913
Date format fix
...
git-svn-id: file:///home/svn/framework3/trunk@12364 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 07:53:58 +00:00
9d40da6bbb
Title change
...
git-svn-id: file:///home/svn/framework3/trunk@12363 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 06:43:05 +00:00
9c60889f02
Added Wireshark packet-dect memcpy overflow (.pcap)
...
git-svn-id: file:///home/svn/framework3/trunk@12362 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 06:41:57 +00:00
d4dd84536d
Added Win 7 target
...
git-svn-id: file:///home/svn/framework3/trunk@12361 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-19 03:10:36 +00:00
b94d09cdf1
Try a little harder to make this module more reliable through TCP proxies
...
git-svn-id: file:///home/svn/framework3/trunk@12359 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-18 20:53:21 +00:00
c28e7259ac
Added CVE-2011-0611 Adobe Flash 0day
...
git-svn-id: file:///home/svn/framework3/trunk@12330 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 02:09:33 +00:00
9ac36d6e0a
Forgot to change two other hardcoded junks to random alpha bytes
...
git-svn-id: file:///home/svn/framework3/trunk@12322 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 23:28:58 +00:00
b81d87173f
Added mr_me's Win XP SP3 + DEP target
...
git-svn-id: file:///home/svn/framework3/trunk@12320 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-14 23:08:47 +00:00
b5e0962e3e
return the appropriate check codes instead of just printing stuff. add some error checks to avoid stack traces against samba and non-existant hosts
...
git-svn-id: file:///home/svn/framework3/trunk@12314 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-13 23:26:07 +00:00
79e84a46e9
add cve & osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12306 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-12 11:04:29 +00:00
33249bea32
Changed 0x90 nops to make_nops() instead
...
git-svn-id: file:///home/svn/framework3/trunk@12305 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 23:32:41 +00:00
3dec79f346
Format fix again
...
git-svn-id: file:///home/svn/framework3/trunk@12304 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 23:24:12 +00:00
e5068838ff
Last format fix
...
git-svn-id: file:///home/svn/framework3/trunk@12301 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 22:31:27 +00:00
300989db5f
Format issue fix
...
git-svn-id: file:///home/svn/framework3/trunk@12299 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 22:28:38 +00:00
eea7a0e743
Added Video Spirit vlsprj buffer overflow exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12296 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 22:09:23 +00:00
39f4c0c42f
Added MS08-067 check method thanks staylor =)
...
git-svn-id: file:///home/svn/framework3/trunk@12294 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 16:32:59 +00:00
e9e8026832
Fixed author name in modules for myself.
...
git-svn-id: file:///home/svn/framework3/trunk@12292 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-11 02:25:36 +00:00
ffe6868d22
Updated vbs stager temp var
...
git-svn-id: file:///home/svn/framework3/trunk@12286 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-09 18:24:43 +00:00
d2374a435f
add .jar extension, thx for the contribution!
...
git-svn-id: file:///home/svn/framework3/trunk@12285 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-09 17:03:41 +00:00
c31603beac
Updated: Using random nops and padding
...
git-svn-id: file:///home/svn/framework3/trunk@12284 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 23:09:31 +00:00
8b0605c418
Added AOL Desktop 9.6 rtx buffer overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12283 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 23:03:30 +00:00
82f5206bc7
change the filename to reflect the vendor
...
git-svn-id: file:///home/svn/framework3/trunk@12281 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 14:06:10 +00:00
a8947662db
old file hanging around
...
git-svn-id: file:///home/svn/framework3/trunk@12280 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 13:28:57 +00:00
bb26593da7
add osvdb ref. rename file to correct typo
...
git-svn-id: file:///home/svn/framework3/trunk@12279 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 12:41:18 +00:00
717fb83fc9
Added RealNetworks RealGames ActiveX exec arbitrary code execution
...
git-svn-id: file:///home/svn/framework3/trunk@12276 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 02:39:11 +00:00
53790c1afb
Change Vendor name, forgot one target uri fixup
...
git-svn-id: file:///home/svn/framework3/trunk@12275 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 23:31:12 +00:00
892e241853
Added Netflow Apps Manager Remote Code Execution exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12272 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:34 +00:00
904b02c44f
Need to track who committed what
...
git-svn-id: file:///home/svn/framework3/trunk@12271 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 21:01:20 +00:00
cacac970e1
Added privilege escalation to contentkeeperweb_mimencode exploit module.
...
git-svn-id: file:///home/svn/framework3/trunk@12265 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 11:02:48 +00:00
b90d6fc16f
Modified the heap spraying function. Each block size should be more consistent now.
...
git-svn-id: file:///home/svn/framework3/trunk@12264 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 07:27:38 +00:00
1c5f1f9d24
Fixed typo
...
git-svn-id: file:///home/svn/framework3/trunk@12263 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 06:15:47 +00:00
46d88f54f6
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12242 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 01:08:07 +00:00
0bea0233a0
add the slash =)
...
git-svn-id: file:///home/svn/framework3/trunk@12241 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 00:13:01 +00:00
ce7b72bfce
Use get_uri instead of manually building the path
...
git-svn-id: file:///home/svn/framework3/trunk@12240 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-05 00:08:36 +00:00
7816b87595
Added Zend Java Bridge exploit module java meterpreter ftw
...
git-svn-id: file:///home/svn/framework3/trunk@12239 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 23:39:27 +00:00
97a9056a1a
Added CVE-2010-3407 (IBM Lotus Domino iCalendar SMTP)
...
git-svn-id: file:///home/svn/framework3/trunk@12236 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-04 17:43:34 +00:00
8e61c108d3
typo fix
...
git-svn-id: file:///home/svn/framework3/trunk@12229 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 23:11:02 +00:00
8a627758f3
update description to remove blurb about ATSVC pipe, since it is no longer used
...
git-svn-id: file:///home/svn/framework3/trunk@12226 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 20:53:54 +00:00
f0673cb1ac
Tweak to work with FreeBSD, thx for the patch!
...
git-svn-id: file:///home/svn/framework3/trunk@12224 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-03 17:40:45 +00:00
cd9b742960
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@12202 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 14:00:49 +00:00
6dd44fa516
massive keywords cleanup
...
git-svn-id: file:///home/svn/framework3/trunk@12196 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-01 00:51:33 +00:00
045e75c0b6
Added ret addr for win server 2003 sp2 donated by Polar Bear
...
git-svn-id: file:///home/svn/framework3/trunk@12183 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-30 16:24:52 +00:00
9594829357
Remove the no longer needed require
...
git-svn-id: file:///home/svn/framework3/trunk@12181 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 18:11:39 +00:00
e0e8d986e7
Fix up psexec by adding a reqwuire for the wbemexec mixin
...
git-svn-id: file:///home/svn/framework3/trunk@12180 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 16:35:26 +00:00
904dd863d1
Remove the WBEM mixin until its actually checked in
...
git-svn-id: file:///home/svn/framework3/trunk@12179 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 15:26:08 +00:00
3a6a02e43c
add wbem exec method for psexec as optional, fix #3972 , thanks to pbk-df3 for patch
...
git-svn-id: file:///home/svn/framework3/trunk@12171 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-29 01:07:32 +00:00
ca21393c4b
remove debug print.
...
git-svn-id: file:///home/svn/framework3/trunk@12168 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 17:30:02 +00:00
0882f18ec0
add fix commit diff and fix broken cve reference
...
git-svn-id: file:///home/svn/framework3/trunk@12166 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:04:54 +00:00
24fd896bfb
add OSVDB reference back, conflict handling fail!
...
git-svn-id: file:///home/svn/framework3/trunk@12165 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:02:46 +00:00
1096d1c076
add a combined module for exploiting DRb. thanks joernchen!
...
git-svn-id: file:///home/svn/framework3/trunk@12161 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 20:00:06 +00:00
214751379f
Updated: using get_resource() instead of datastore['URIPATH']
...
git-svn-id: file:///home/svn/framework3/trunk@12156 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 03:56:45 +00:00
25ca59b56f
Added Win Vista and debug target
...
git-svn-id: file:///home/svn/framework3/trunk@12153 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 23:22:51 +00:00
349512f48d
Updated exploit ranking and description to reflect the new ranking
...
git-svn-id: file:///home/svn/framework3/trunk@12151 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 19:33:38 +00:00
81fae13258
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12147 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 12:05:48 +00:00
ff3659aa37
Lots of work to make this a lot more reliable =)
...
git-svn-id: file:///home/svn/framework3/trunk@12146 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 06:35:28 +00:00
eb7df0be8e
Updated how the trigger file should be loaded... the proper way.
...
git-svn-id: file:///home/svn/framework3/trunk@12140 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 00:07:36 +00:00
77ceadc6ad
Updated description and how the trigger file loads
...
git-svn-id: file:///home/svn/framework3/trunk@12139 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 22:49:11 +00:00
08f210ac52
Added CVE-2010-3275 (VLC AMV vulnerability)
...
git-svn-id: file:///home/svn/framework3/trunk@12137 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 21:03:12 +00:00
fa062b8f32
Sets the cmd stager's temp directory to "." which makes all the writes go to the local data directory for postgresql. This avoids the slashes issue reported by troulouliou and keeps all the uploaded files in one place for somewhat easier cleanup.
...
git-svn-id: file:///home/svn/framework3/trunk@12135 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 19:42:36 +00:00
5b79e6b4ec
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12132 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 11:28:57 +00:00
c162c0f429
added exploit module hp_nnm_getnnmdata_hostname.rb. now 49 on the list.
...
git-svn-id: file:///home/svn/framework3/trunk@12131 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 00:46:59 +00:00
e5ff1b030a
fixed Platform and Arch to be compatible with command payloads
...
git-svn-id: file:///home/svn/framework3/trunk@12125 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 15:53:20 +00:00
aa24f29a03
Fixed nops
...
git-svn-id: file:///home/svn/framework3/trunk@12124 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:51:13 +00:00
c9eef9ffe5
Fixed typo
...
git-svn-id: file:///home/svn/framework3/trunk@12123 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 13:31:58 +00:00
a05866385f
Added target 7.50, provided by MC
...
git-svn-id: file:///home/svn/framework3/trunk@12122 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 02:48:04 +00:00
d9dd2a3058
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12121 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 00:49:33 +00:00
342d55ac00
heh, a couple for the hp_nnm party. add exploit modules hp_nnm_getnnmdata_icount.rb hp_nnm_getnnmdata_maxage.rb
...
git-svn-id: file:///home/svn/framework3/trunk@12117 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:57:16 +00:00
1a42a87a65
Added 2011-0267 (exploiting "schdParams" of HP NNM's nnmRptConfig.exe)
...
git-svn-id: file:///home/svn/framework3/trunk@12116 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:35:13 +00:00
a3f68b97a6
Fix for 1.8.7 compatability, where regexes need escaped plusses.
...
git-svn-id: file:///home/svn/framework3/trunk@12115 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 21:24:09 +00:00
46cf938475
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@12112 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 20:47:49 +00:00
b1178686cf
Fixes #3988 . Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries.
...
Also fixes a typo in the arguments to handler which clears up a heretofore mysterious exception (see exploit.rb).
git-svn-id: file:///home/svn/framework3/trunk@12111 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 19:36:07 +00:00
c0a0e3f217
small fix
...
git-svn-id: file:///home/svn/framework3/trunk@12110 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 19:02:38 +00:00
e706051bda
psexec : allow exploit to succeed on any r/w share
...
git-svn-id: file:///home/svn/framework3/trunk@12109 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 18:53:32 +00:00
e866eafb06
add keywords
...
git-svn-id: file:///home/svn/framework3/trunk@12106 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:59:19 +00:00
6fa39eb32c
merge my work on cve-2010-2703
...
git-svn-id: file:///home/svn/framework3/trunk@12101 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:04:45 +00:00
efd7b84cc5
change rank / add http fingerprint
...
git-svn-id: file:///home/svn/framework3/trunk@12100 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 16:02:53 +00:00
dd5e7f9286
merge in my wacky cve-2010-2709 work
...
git-svn-id: file:///home/svn/framework3/trunk@12099 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:55:52 +00:00
1460d161da
add exploit for cve-2010-1552
...
git-svn-id: file:///home/svn/framework3/trunk@12098 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:47:20 +00:00
11e442ed47
add exploit for cve-2010-1964
...
git-svn-id: file:///home/svn/framework3/trunk@12097 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:45:48 +00:00
6920376237
add exploit for cve-2010-1961
...
git-svn-id: file:///home/svn/framework3/trunk@12096 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:44:55 +00:00
46cd08e1aa
add exploit for cve-2010-1960
...
git-svn-id: file:///home/svn/framework3/trunk@12095 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 15:43:25 +00:00
ea47253814
Changed title for consistency
...
git-svn-id: file:///home/svn/framework3/trunk@12093 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 14:24:48 +00:00
89ec6ab5da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12092 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 11:19:45 +00:00
8233030184
opps removed mixin require as well
...
git-svn-id: file:///home/svn/framework3/trunk@12091 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:41:48 +00:00
f8534f06dd
opps removed mixin reference =)
...
git-svn-id: file:///home/svn/framework3/trunk@12090 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:40:38 +00:00
d7266b6551
Add CVE-2011-0609 exploit for Adobe Flash
...
git-svn-id: file:///home/svn/framework3/trunk@12089 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:31:48 +00:00
422e5ae7b1
gone.
...
git-svn-id: file:///home/svn/framework3/trunk@12088 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:45:01 +00:00
c8ca48388d
filenamed fix
...
git-svn-id: file:///home/svn/framework3/trunk@12085 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:37:18 +00:00
1a34d81aab
Added CVE-2010-2703
...
git-svn-id: file:///home/svn/framework3/trunk@12083 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:23:06 +00:00
92d52daea8
Added NNM webappmon.exe OvJavaLocale overflow
...
git-svn-id: file:///home/svn/framework3/trunk@12082 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 03:21:56 +00:00
Mario Ceballos
Wei Chen
David Rude
Steve Tornio
Matt Weeks
HD Moore
James Lee
Tod Beardsley
Joshua Drake
Jonathan Cran
Patrick Webster
amaloteaux