infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,102 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1832 Commits (f68fc02f9c13afca6e6c618c96e3797da01cdc7c)

Author SHA1 Message Date
Joshua Drake 2d145aef6a add exploit for Integard from the Corelan Team 
git-svn-id: file:///home/svn/framework3/trunk@10281 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 23:33:28 +00:00
Joshua Drake 5250ff20bb add svn:keywords, increase ranking, add browser version 
git-svn-id: file:///home/svn/framework3/trunk@10280 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 23:23:40 +00:00
Joshua Drake 66c428988f support exploit vista/7, still only 9.x tho 
git-svn-id: file:///home/svn/framework3/trunk@10279 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 22:49:31 +00:00
Joshua Drake 5de3146533 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10273 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 15:47:35 +00:00
Joshua Drake 2769087435 redacted 
git-svn-id: file:///home/svn/framework3/trunk@10270 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 03:39:29 +00:00
Steve Tornio f61827b0bb add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10264 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-08 23:37:41 +00:00
Joshua Drake eaf8ef00d0 add initial version of cve-2010-2883 exploit 
git-svn-id: file:///home/svn/framework3/trunk@10263 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-08 23:05:18 +00:00
James Lee a9a312fa66 typo 
git-svn-id: file:///home/svn/framework3/trunk@10257 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-08 15:23:04 +00:00
James Lee 85126af521 add an exploit module for cve-2010-0094, thanks Matthias Kaiser. 
git-svn-id: file:///home/svn/framework3/trunk@10255 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-08 08:20:55 +00:00
Joshua Drake cef87782d7 fix some typos 
git-svn-id: file:///home/svn/framework3/trunk@10238 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-04 02:10:22 +00:00
Joshua Drake 471ae29269 remove extra copy of the payload 
git-svn-id: file:///home/svn/framework3/trunk@10227 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-03 00:43:44 +00:00
Joshua Drake ace873a37a update test notes 
git-svn-id: file:///home/svn/framework3/trunk@10204 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 17:55:43 +00:00
Steve Tornio 3c704ec753 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10201 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 11:44:11 +00:00
Joshua Drake 3ab9a9b8d7 add Win7 IE8 target 
git-svn-id: file:///home/svn/framework3/trunk@10199 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 23:31:01 +00:00
Joshua Drake 561c861a3a add CVE reference 
git-svn-id: file:///home/svn/framework3/trunk@10196 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 21:52:45 +00:00
Joshua Drake 2d6a956763 update description 
git-svn-id: file:///home/svn/framework3/trunk@10194 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:50:52 +00:00
Joshua Drake f68fd01772 nudge reliability up 
git-svn-id: file:///home/svn/framework3/trunk@10193 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:44:43 +00:00
Joshua Drake a39639c56f add exploit for quicktime backdoor 
git-svn-id: file:///home/svn/framework3/trunk@10192 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:42:51 +00:00
Joshua Drake 467861ceb7 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10190 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-30 20:40:05 +00:00
Joshua Drake 430878e3e9 improve reliability, add automatic cleanup functionality (if using meterpreter paylad) 
git-svn-id: file:///home/svn/framework3/trunk@10170 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-27 17:24:19 +00:00
Joshua Drake 330281eadd see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:55:37 +00:00
James Lee 34eb75af73 overhaul smtp to add support for authentication and STARTTLS. can now send email through a gmail account 
git-svn-id: file:///home/svn/framework3/trunk@10148 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 20:31:46 +00:00
Joshua Drake bc56ae73a1 correct typo, thx jcran 
git-svn-id: file:///home/svn/framework3/trunk@10142 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-25 16:18:02 +00:00
Joshua Drake aac956db50 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10128 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:48 +00:00
Joshua Drake 52ebce48e9 add svn keywords 
git-svn-id: file:///home/svn/framework3/trunk@10127 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:22:34 +00:00
Joshua Drake 2e4757f4ae add no-js version of adobe_pdf_embedded_exe from Jeremy Conway 
git-svn-id: file:///home/svn/framework3/trunk@10126 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-24 18:20:16 +00:00
James Lee 2e13a330fa typo'd Matthias' name. i suck 
git-svn-id: file:///home/svn/framework3/trunk@10113 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 18:49:35 +00:00
Joshua Drake bf60098257 add exploit from dookie, thx! 
git-svn-id: file:///home/svn/framework3/trunk@10107 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 16:58:42 +00:00
HD Moore 65af96745f Set manual ranking until we have a vulnerable extension list added by default 
git-svn-id: file:///home/svn/framework3/trunk@10101 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 13:41:59 +00:00
HD Moore cc3554601f Tools for testing DLL hijack flaws 
git-svn-id: file:///home/svn/framework3/trunk@10100 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-23 05:43:47 +00:00
James Lee 90e89622c6 make it a little easier to distinguish these two from their output 
git-svn-id: file:///home/svn/framework3/trunk@10096 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-21 07:53:25 +00:00
James Lee 7381ab8b6d duh, dont actually need this 
git-svn-id: file:///home/svn/framework3/trunk@10093 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-21 07:19:49 +00:00
James Lee 6b08dfed61 Add exploit module for cve-2010-08040. This is an awesome bug and my description field doesn't do it justice 
git-svn-id: file:///home/svn/framework3/trunk@10092 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-21 06:38:29 +00:00
James Lee 56396a6d8b add java support to browser_autopwn 
git-svn-id: file:///home/svn/framework3/trunk@10089 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 20:49:33 +00:00
Joshua Drake a40c683754 set ranking to manual, since there is no default target 
git-svn-id: file:///home/svn/framework3/trunk@10082 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 18:13:07 +00:00
Steve Tornio 0e1ed07e73 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@10078 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 11:36:50 +00:00
James Lee d6af8743e9 add a simple test exploit for using java payloads 
git-svn-id: file:///home/svn/framework3/trunk@10072 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-20 06:57:57 +00:00
Joshua Drake 1cc13485ae bring ranking down 
git-svn-id: file:///home/svn/framework3/trunk@10070 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:55:59 +00:00
Joshua Drake 791af4b6c5 add exploit for sonicwall aventail activex format string 
git-svn-id: file:///home/svn/framework3/trunk@10069 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 23:52:11 +00:00
Joshua Drake 2545410bc7 make exe template names more consistent 
git-svn-id: file:///home/svn/framework3/trunk@10065 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-19 21:08:51 +00:00
Joshua Drake dc3e099f5b remove custom function in favor of new NO RECV flags to smb client methods 
git-svn-id: file:///home/svn/framework3/trunk@10040 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 17:24:46 +00:00
Joshua Drake 9cc66b39dd indicate not to attempt to read a resposne 
git-svn-id: file:///home/svn/framework3/trunk@10039 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 17:21:56 +00:00
Joshua Drake c551f8d2ee add note about authentication to module description, see #2405 
git-svn-id: file:///home/svn/framework3/trunk@10035 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 03:26:35 +00:00
Tod Beardsley 6d6a547b34 Fixes #2412. Adds a creds table, modifies the db_report_auth API, adds the db_creds and db_add_cred commands. 
git-svn-id: file:///home/svn/framework3/trunk@10034 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-18 00:58:20 +00:00
Joshua Drake 2aad6188d7 add ws2ord payload compat 
git-svn-id: file:///home/svn/framework3/trunk@10024 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-17 01:35:03 +00:00
Joshua Drake 4f9ed0e4e9 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10022 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-16 17:12:16 +00:00
James Lee 73081e319f allow multi/handler to work with java 
git-svn-id: file:///home/svn/framework3/trunk@10020 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-16 16:34:55 +00:00
Joshua Drake 6243d8fe2a change existing to_win*pe_service uses to pass a hash instead of a string, r10016+this fixes #2398 
git-svn-id: file:///home/svn/framework3/trunk@10017 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-14 20:43:43 +00:00
Joshua Drake 5f0d68d883 add exploit for cve-2010-1799 
git-svn-id: file:///home/svn/framework3/trunk@10011 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-13 23:11:23 +00:00
Joshua Drake acb82fa857 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@10010 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-13 23:11:14 +00:00
Joshua Drake 1b31a44b57 move riff support from ani_loadimage browser sploit to mixin 
git-svn-id: file:///home/svn/framework3/trunk@9984 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-12 16:56:41 +00:00
HD Moore 040a292181 Create a new mixin that changes SMBUser/SMBPass to normal options, include this mixin within SMB modules that more often than not require authentication 
git-svn-id: file:///home/svn/framework3/trunk@9981 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-12 15:00:58 +00:00
Joshua Drake d540818f01 split http exploit mixin into http/server and http/client 
git-svn-id: file:///home/svn/framework3/trunk@9971 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-07 06:59:16 +00:00
Steve Tornio cc81905c11 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9968 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-07 00:51:52 +00:00
Mario Ceballos b50f5fd0fe update from dookie. 
git-svn-id: file:///home/svn/framework3/trunk@9967 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-06 23:16:20 +00:00
Mario Ceballos 18f8624a47 fix from Brennon Thomas. 
git-svn-id: file:///home/svn/framework3/trunk@9966 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-06 20:12:51 +00:00
Joshua Drake 92e9eb93f3 add wm downloader exploit from dookie 
git-svn-id: file:///home/svn/framework3/trunk@9965 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-06 20:09:04 +00:00
Joshua Drake b93462a27f add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9956 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:33 +00:00
Joshua Drake 459c046ac2 add msb and rename module 
git-svn-id: file:///home/svn/framework3/trunk@9955 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-04 02:21:20 +00:00
Joshua Drake b473cda7d9 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9953 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 16:17:43 +00:00
Joshua Drake 2f384cde82 add alias for calling Msf::Exploit regenerate_payload explicitly -- fixes #2312 
git-svn-id: file:///home/svn/framework3/trunk@9950 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 15:14:34 +00:00
Steve Tornio 8ccc8a290e add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9949 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 12:04:42 +00:00
Patrick Webster 6f5040412b Added exploit module amlibweb_webquerydll_app. 
git-svn-id: file:///home/svn/framework3/trunk@9948 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-03 09:07:09 +00:00
James Lee e1ed341136 remove debug prints 
git-svn-id: file:///home/svn/framework3/trunk@9938 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-27 21:05:41 +00:00
Steve Tornio 580eb5aaac add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9936 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-27 03:14:46 +00:00
Joshua Drake a31e133e80 add 3 easy ftp server exploits, 1 chemview activex 
git-svn-id: file:///home/svn/framework3/trunk@9935 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-27 02:25:15 +00:00
Joshua Drake 73ef3db468 fix statement order, lol 
git-svn-id: file:///home/svn/framework3/trunk@9934 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 23:22:42 +00:00
Joshua Drake f4103fd7f5 increase ranking 
git-svn-id: file:///home/svn/framework3/trunk@9933 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 19:30:02 +00:00
Joshua Drake 2448f6b1a8 fix lnk file generation, tested OK on win7 x86 
git-svn-id: file:///home/svn/framework3/trunk@9930 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-26 01:51:17 +00:00
Joshua Drake f6033b9bd6 change some print_status to print_error, rename a few msft modules using msb convention 
git-svn-id: file:///home/svn/framework3/trunk@9929 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 21:37:54 +00:00
Joshua Drake 2482a83526 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9927 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 19:14:00 +00:00
HD Moore 12d8aad562 Fix the filename to bypass outlook filters (patch from Yorick). 
git-svn-id: file:///home/svn/framework3/trunk@9926 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 17:31:04 +00:00
HD Moore 92ad463657 Make the title consistent 
git-svn-id: file:///home/svn/framework3/trunk@9925 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 16:04:22 +00:00
HD Moore 3a8bbbd295 Match the browser module 
git-svn-id: file:///home/svn/framework3/trunk@9924 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 16:02:51 +00:00
HD Moore 3c505a7b10 Rename ani to match msb 
git-svn-id: file:///home/svn/framework3/trunk@9923 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 16:02:26 +00:00
HD Moore 8eab8d79e0 Adds two exploit modules for ms10-045 from Yorick Koster 
git-svn-id: file:///home/svn/framework3/trunk@9922 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-25 16:00:52 +00:00
Joshua Drake 136c8d2ecc change print_status to print_error 
git-svn-id: file:///home/svn/framework3/trunk@9919 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-24 21:38:57 +00:00
Joshua Drake 84e3a95d2b yield the session faster by not waiting for a response 
git-svn-id: file:///home/svn/framework3/trunk@9911 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 23:40:34 +00:00
Steve Tornio 018af7f690 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9906 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 21:09:54 +00:00
Joshua Drake 719ce5d551 use ntlm explicitly, fixes #2158 
git-svn-id: file:///home/svn/framework3/trunk@9900 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 06:04:20 +00:00
Joshua Drake 2ccf0a0c81 add UNCHOST var, remove \r chars 
git-svn-id: file:///home/svn/framework3/trunk@9897 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:47 +00:00
Joshua Drake dd7a8178d7 actually use Msf::Exploit::EXE 
git-svn-id: file:///home/svn/framework3/trunk@9896 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-21 00:02:04 +00:00
Joshua Drake 1ca054ba53 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9893 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 23:28:47 +00:00
HD Moore 99e2c9aa72 Looks like my initial testing was wrong - you can trigger this entirely through HTTP with a meta refresh, just not with a 301 (IE only). 
git-svn-id: file:///home/svn/framework3/trunk@9888 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 19:54:56 +00:00
Joshua Drake 786ccb3d5f add support for OWC11 (from DSR!) 
git-svn-id: file:///home/svn/framework3/trunk@9883 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 06:24:19 +00:00
HD Moore d388c1bc4f Handle unknown requests in a cleaner way 
git-svn-id: file:///home/svn/framework3/trunk@9879 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 03:08:43 +00:00
James Lee 08d705c1db add java meterpreter and update java_calendar_deserialize to be able to use it, see #406 
git-svn-id: file:///home/svn/framework3/trunk@9874 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 00:53:24 +00:00
Joshua Drake e30164e09e possibly fix a bug 
git-svn-id: file:///home/svn/framework3/trunk@9873 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-20 00:23:18 +00:00
Steve Tornio 3674a11fa5 add osvdb refs 
git-svn-id: file:///home/svn/framework3/trunk@9870 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 23:02:22 +00:00
HD Moore fcd23fbdce Adds coverage for the Windows Shell LNK code execution flaw (CVE-2010-2568) 
git-svn-id: file:///home/svn/framework3/trunk@9869 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-19 22:36:26 +00:00
Joshua Drake 45303646d4 switch to using jmp ecx :-/ 
git-svn-id: file:///home/svn/framework3/trunk@9854 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-17 04:34:39 +00:00
Joshua Drake 899ecc2604 use a more indirect method, more reliable 
git-svn-id: file:///home/svn/framework3/trunk@9852 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-17 01:28:27 +00:00
Joshua Drake 3b4c732ec0 typos 
git-svn-id: file:///home/svn/framework3/trunk@9843 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-16 03:34:22 +00:00
Joshua Drake d07e613504 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9842 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-16 02:33:25 +00:00
Joshua Drake f4f1c1105d add exploit for cve-2010-2063 
git-svn-id: file:///home/svn/framework3/trunk@9841 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-16 02:31:37 +00:00
Joshua Drake 9e360f19e0 ignore timeout errors, see #2260 
git-svn-id: file:///home/svn/framework3/trunk@9839 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-15 20:54:03 +00:00
Joshua Drake b73e13bd62 add xpsp1-jp target from Masashi, fixes #2255 
git-svn-id: file:///home/svn/framework3/trunk@9838 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-15 20:18:34 +00:00
HD Moore fb57dde60c Do not spew HTML to the screen 
git-svn-id: file:///home/svn/framework3/trunk@9829 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-14 18:23:47 +00:00
HD Moore bb67f56ee8 Clean up two samba modules to prevent them from brute forcing invalid targets 
git-svn-id: file:///home/svn/framework3/trunk@9828 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-14 17:27:23 +00:00
Joshua Drake ccd4416b5f add another httpfingerprint, thx again mc 
git-svn-id: file:///home/svn/framework3/trunk@9820 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-14 13:59:38 +00:00
Joshua Drake edb593987a add more http fingerprints, thx mc 
git-svn-id: file:///home/svn/framework3/trunk@9818 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-14 00:02:21 +00:00
Mario Ceballos 21babc2bfa updated due to reliability. all payloads work now. 
git-svn-id: file:///home/svn/framework3/trunk@9814 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 22:38:44 +00:00
Joshua Drake 6d23204c6f add more http fingerprints 
git-svn-id: file:///home/svn/framework3/trunk@9812 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 22:11:40 +00:00
HD Moore 24800ca1ec Add reference for the help center bug 
git-svn-id: file:///home/svn/framework3/trunk@9810 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:31:40 +00:00
HD Moore 19f1583ba5 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9809 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:47 +00:00
HD Moore edae6e2d02 Change to match MSB 
git-svn-id: file:///home/svn/framework3/trunk@9808 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:30:36 +00:00
James Lee 9891ea5374 Typo which caused this exploit never to get run in browser_autopwn 
git-svn-id: file:///home/svn/framework3/trunk@9802 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 09:03:56 +00:00
Joshua Drake 4b5f4b896a add a note about why this module is not an HttpClient module 
git-svn-id: file:///home/svn/framework3/trunk@9798 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-12 23:25:49 +00:00
Joshua Drake 16ff17c9d1 add more http fingerprints -- thx mc 
git-svn-id: file:///home/svn/framework3/trunk@9797 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-12 23:25:31 +00:00
James Lee a5786cdc64 stop using some older exploits in browser_autopwn in favor of ie_behaviors which works on more versions 
git-svn-id: file:///home/svn/framework3/trunk@9787 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-12 02:51:50 +00:00
James Lee 9f37d46f7b minimize autopwn settings 
git-svn-id: file:///home/svn/framework3/trunk@9784 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-11 23:21:04 +00:00
James Lee 28e40bdc9f add java_calendar_deserialize to browser_autopwn 
git-svn-id: file:///home/svn/framework3/trunk@9783 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-11 23:16:51 +00:00
Joshua Drake c1f74794eb style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9744 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-08 23:34:50 +00:00
Joshua Drake 663b863b6d http fingerprint checking update 
git-svn-id: file:///home/svn/framework3/trunk@9719 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 17:38:59 +00:00
Joshua Drake 389259c5d4 reworked module significantly, updated for latest installer from badblue.com, added http_fingerprint 
git-svn-id: file:///home/svn/framework3/trunk@9705 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 06:54:20 +00:00
Joshua Drake 163d273dff convert module to HttpClient, check fingerprint -- untested 
git-svn-id: file:///home/svn/framework3/trunk@9704 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 01:43:12 +00:00
Joshua Drake dfce4901fe change error message 
git-svn-id: file:///home/svn/framework3/trunk@9703 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 01:34:11 +00:00
Joshua Drake d84c519678 switch to HttpClient, check fingerprint first 
git-svn-id: file:///home/svn/framework3/trunk@9702 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 01:33:38 +00:00
Joshua Drake a018149278 check fingerprint first 
git-svn-id: file:///home/svn/framework3/trunk@9701 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 01:33:03 +00:00
Joshua Drake 81cce81969 convert modules to HttpClient, use http_fingerprint 
git-svn-id: file:///home/svn/framework3/trunk@9700 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 01:22:26 +00:00
Joshua Drake ac267c5856 minor tweaks 
git-svn-id: file:///home/svn/framework3/trunk@9697 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-06 22:15:16 +00:00
Joshua Drake 8c0e5fdf73 fix references, whitespace 
git-svn-id: file:///home/svn/framework3/trunk@9696 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-06 21:59:16 +00:00
Joshua Drake e5bf3301fb note ORD recommendation 
git-svn-id: file:///home/svn/framework3/trunk@9695 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-06 21:58:57 +00:00
Joshua Drake 11bb8dee28 convert to httpclient module, use fingerprint 
git-svn-id: file:///home/svn/framework3/trunk@9694 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-06 21:54:58 +00:00
Joshua Drake a3d901a6b9 various minor fixes, some added fingerprinting 
git-svn-id: file:///home/svn/framework3/trunk@9671 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 06:21:31 +00:00
Joshua Drake c7f5ba801c add lots of disclosure dates from OSVDB (missed a few) 
git-svn-id: file:///home/svn/framework3/trunk@9670 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:19:07 +00:00
Joshua Drake 7d945ed9dc add lots of disclosure dates from OSVDB 
git-svn-id: file:///home/svn/framework3/trunk@9669 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 03:13:45 +00:00
Joshua Drake 56ea22716e oops, broke the tree 
git-svn-id: file:///home/svn/framework3/trunk@9668 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:38:15 +00:00
Joshua Drake 9984b662e0 switch some URL references to US-CERT-VU type 
git-svn-id: file:///home/svn/framework3/trunk@9666 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-03 01:09:32 +00:00
Joshua Drake f6f954a18c add missing CVE/OSVDB references, plenty still missing *wink wink* 
git-svn-id: file:///home/svn/framework3/trunk@9659 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-02 00:10:51 +00:00
Joshua Drake 0882838491 ensure binary mode when opening files, whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 23:33:07 +00:00
Joshua Drake b9a4105786 see #1000, remove encoder in favor of auto-selection 
git-svn-id: file:///home/svn/framework3/trunk@9648 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 21:35:10 +00:00
Joshua Drake bfaa9a9a6f modify badchars, minor cleanups, fixes #1000 
git-svn-id: file:///home/svn/framework3/trunk@9647 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 21:31:51 +00:00
Joshua Drake 8676a88ce3 fix typo, thx chad 
git-svn-id: file:///home/svn/framework3/trunk@9646 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 20:35:56 +00:00
Joshua Drake c1c64e5bc0 add exploits from dookie for ufo alian invasion on osx/windows 
git-svn-id: file:///home/svn/framework3/trunk@9643 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 19:54:48 +00:00
Joshua Drake 93b09648c7 add additional CVE reference, cleanup references 
git-svn-id: file:///home/svn/framework3/trunk@9642 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-01 19:42:11 +00:00
James Lee 571aeb119c make this much less verbose. 
git-svn-id: file:///home/svn/framework3/trunk@9634 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-28 23:42:50 +00:00
Joshua Drake b5aac2860c add DEP bypass targets for XPSP2 and 2k3SP1, add 2k3 SP0 target 
git-svn-id: file:///home/svn/framework3/trunk@9632 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-28 16:01:23 +00:00
Joshua Drake 12fbdcd878 add http_fingerprint calls to modules that use various headers 
git-svn-id: file:///home/svn/framework3/trunk@9627 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 20:53:12 +00:00
HD Moore 816b769b3f Add a 10 second timeout, remove Wfs 
git-svn-id: file:///home/svn/framework3/trunk@9624 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 16:09:33 +00:00
HD Moore 453c9fc3c4 Increases the WfsDelay 
git-svn-id: file:///home/svn/framework3/trunk@9623 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 15:03:09 +00:00
James Lee 73c680eeff reduce the timeout. it's annoying to have to wait 25 seconds for my shell 
git-svn-id: file:///home/svn/framework3/trunk@9621 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-25 05:45:15 +00:00
Joshua Drake 3cb116db99 clarify limitations, update to use PrintfUtil encoder 
git-svn-id: file:///home/svn/framework3/trunk@9614 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 22:39:54 +00:00
James Lee e47f38365d make the description a little more descriptive. 
git-svn-id: file:///home/svn/framework3/trunk@9611 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 18:34:37 +00:00
Joshua Drake 48994d234a oops, remove java from platform list 
git-svn-id: file:///home/svn/framework3/trunk@9609 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-24 16:38:24 +00:00
James Lee 43799f505b not a command execution anymore. 
git-svn-id: file:///home/svn/framework3/trunk@9601 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 23:12:59 +00:00
James Lee 1f957891fb ARCH_CMD -> ARCH_PHP. tested with php/reverse_php and php/meterpreter[/_]reverse_tcp. see #2105 
git-svn-id: file:///home/svn/framework3/trunk@9598 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 22:51:50 +00:00
Joshua Drake 099b90b0d6 another update for jboss stuff, thanks Patrick! 
git-svn-id: file:///home/svn/framework3/trunk@9596 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-23 22:25:03 +00:00
Joshua Drake 9d86466285 clean up whitespace 
git-svn-id: file:///home/svn/framework3/trunk@9587 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 23:57:05 +00:00
Joshua Drake 58cbf5d6ad oops, fixed app_base mistake 
git-svn-id: file:///home/svn/framework3/trunk@9586 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 23:10:30 +00:00
Tod Beardsley 9d46383040 Fixes #2134. Subs select for sleep in exploit modules. 
git-svn-id: file:///home/svn/framework3/trunk@9583 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 19:11:05 +00:00
Mario Ceballos 9780efabdd missed Version 
git-svn-id: file:///home/svn/framework3/trunk@9578 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 01:24:52 +00:00
Mario Ceballos ccece11b9b changed from the orignal method, thanks patrick. 
git-svn-id: file:///home/svn/framework3/trunk@9577 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-22 01:08:02 +00:00
Joshua Drake 752905a777 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9571 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-21 16:53:52 +00:00
Joshua Drake 19742afb38 use pack instead of Base64 
git-svn-id: file:///home/svn/framework3/trunk@9569 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-21 16:45:26 +00:00
Joshua Drake 4ceb936533 some jboss updates, much thanks to Patrick Hof 
git-svn-id: file:///home/svn/framework3/trunk@9568 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-21 16:26:14 +00:00
Joshua Drake f951dca1b2 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9566 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-21 05:59:53 +00:00
Joshua Drake 2c91164494 allow x64 payloads to be used with psexec 
git-svn-id: file:///home/svn/framework3/trunk@9565 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-21 03:49:39 +00:00
Joshua Drake 121fe70e65 oops, fix error when printing error message 
git-svn-id: file:///home/svn/framework3/trunk@9552 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-17 22:11:43 +00:00
Joshua Drake a040b3708a add some MSB numbers that were missing, rename ms08-070 msmask32 module 
git-svn-id: file:///home/svn/framework3/trunk@9532 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 23:49:17 +00:00
Joshua Drake 79190edba3 throw an error when ExitOnSession is false with no job_id 
git-svn-id: file:///home/svn/framework3/trunk@9526 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 17:25:14 +00:00
Joshua Drake fa505a4069 various fixes, mostly consistency changes to disclosure dates 
git-svn-id: file:///home/svn/framework3/trunk@9525 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:18:08 +00:00
Joshua Drake 30f3e8fda2 silly minor fix 
git-svn-id: file:///home/svn/framework3/trunk@9524 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:16:51 +00:00
Joshua Drake 4ce87baa27 fix name string 
git-svn-id: file:///home/svn/framework3/trunk@9523 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:16:18 +00:00
Joshua Drake c65ed27857 convert osx/solaris versions to use brute mixin, see #2 
git-svn-id: file:///home/svn/framework3/trunk@9522 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 07:16:04 +00:00
Joshua Drake afddb802ea add freebsd version, see #2 
git-svn-id: file:///home/svn/framework3/trunk@9519 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 05:45:43 +00:00
Joshua Drake 09f4c42aee fix whitespace 
git-svn-id: file:///home/svn/framework3/trunk@9518 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-15 05:44:29 +00:00
Joshua Drake 0bc6d38294 tested succesfully on rh9 w/samba, see #2 
git-svn-id: file:///home/svn/framework3/trunk@9515 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-14 22:54:03 +00:00
Steve Tornio fcb05df3d8 add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9510 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-13 12:41:48 +00:00
HD Moore 843d632d55 Change the advisory link 
git-svn-id: file:///home/svn/framework3/trunk@9504 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 19:33:42 +00:00
HD Moore cb9a3211ee Exploit for the UnrealIRCD backdoor 
git-svn-id: file:///home/svn/framework3/trunk@9503 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 19:25:48 +00:00
Joshua Drake 698da3bdea add CVE for cognos express 
git-svn-id: file:///home/svn/framework3/trunk@9502 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 09:37:21 +00:00
Joshua Drake b8c8880e44 re-enable exploitation of cve-2003-0201 on linux, see #2 
git-svn-id: file:///home/svn/framework3/trunk@9500 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 04:28:01 +00:00
Joshua Drake 1961ee2a7e minor whitespace fixes 
git-svn-id: file:///home/svn/framework3/trunk@9499 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-12 04:27:25 +00:00
natron 7cbc566c7b Bug fixes for WMP11 and IE8, new configurable setting for exploit trigger, and output cleanup. 
git-svn-id: file:///home/svn/framework3/trunk@9495 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 20:54:35 +00:00
Joshua Drake 85973b68dd comment out EXETEMPLATE setting until #2046 is resolved 
git-svn-id: file:///home/svn/framework3/trunk@9492 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:56:37 +00:00
Joshua Drake 75b906ac4c switch to %uFFFF per secunia analysis, fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9491 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:42 +00:00
Joshua Drake cb69258fb2 fix regexp handling 
git-svn-id: file:///home/svn/framework3/trunk@9490 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 17:40:12 +00:00
Joshua Drake e32abab8dc a HTTP -> an HTTP (http://www.english-zone.com/grammar/a-anlessn.html) 
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:12:05 +00:00
Joshua Drake 565397e989 fix CVE reference -- shakes stick 
git-svn-id: file:///home/svn/framework3/trunk@9487 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 16:10:12 +00:00
Joshua Drake c62b62d35d style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9486 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 15:17:23 +00:00
Steve Tornio e2f4a6ad0d add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9485 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 10:39:41 +00:00
HD Moore 7c87a96e65 Add CVE from Kurt S. 
git-svn-id: file:///home/svn/framework3/trunk@9484 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:49:54 +00:00
natron f4394bf0e0 Initial commit for Tavis Ormandy's Help Ctr bug. Needs improvement on stealthiness, but works for now. 
-n


git-svn-id: file:///home/svn/framework3/trunk@9483 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-11 06:10:08 +00:00
Joshua Drake 619d088ada updated test results 
git-svn-id: file:///home/svn/framework3/trunk@9477 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:55:17 +00:00
Joshua Drake d26ebfa365 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9476 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:31:21 +00:00
Joshua Drake 07ed2d636c add browser version of cve-2010-1297 
git-svn-id: file:///home/svn/framework3/trunk@9475 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 20:28:05 +00:00
Joshua Drake 1434aa8f23 add fileformat exploit for cve-2010-1297 
git-svn-id: file:///home/svn/framework3/trunk@9473 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 19:52:43 +00:00
Joshua Drake d8609b85e3 style compliance fixes 
git-svn-id: file:///home/svn/framework3/trunk@9460 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-09 18:41:58 +00:00
Steve Tornio 816a149e2d add osvdb ref 
git-svn-id: file:///home/svn/framework3/trunk@9459 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-09 18:25:32 +00:00
HD Moore f64604e968 Merge in the evocam module 
git-svn-id: file:///home/svn/framework3/trunk@9456 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-09 16:40:48 +00:00
Joshua Drake f0c82d8646 add svn keywords 
git-svn-id: file:///home/svn/framework3/trunk@9430 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 16:34:37 +00:00
Mario Ceballos 167e4289c4 put it back. will not play with svn for a month. 
git-svn-id: file:///home/svn/framework3/trunk@9425 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 14:55:51 +00:00
Mario Ceballos c5925ca37e oops, not yet. 
git-svn-id: file:///home/svn/framework3/trunk@9424 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 14:48:15 +00:00
Mario Ceballos 2444978286 remove it 
git-svn-id: file:///home/svn/framework3/trunk@9423 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 14:46:22 +00:00
Mario Ceballos 2f8c342b54 added initial coverage for BID-39114 
git-svn-id: file:///home/svn/framework3/trunk@9419 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 13:36:29 +00:00
Joshua Drake b143172fff bump ranking up 
git-svn-id: file:///home/svn/framework3/trunk@9416 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 01:14:59 +00:00
Joshua Drake 26480092e0 add exploit for sompl m3u parsing - from dookie 
git-svn-id: file:///home/svn/framework3/trunk@9415 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 01:11:31 +00:00
Joshua Drake d7f2324b7b update the set_ecx method to work on both win7 and xpsp3 
git-svn-id: file:///home/svn/framework3/trunk@9414 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-04 00:47:14 +00:00
Joshua Drake 0a907a2e6f add exploit for cve-2009-0546 
git-svn-id: file:///home/svn/framework3/trunk@9405 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-03 05:10:45 +00:00