Commit Graph

144 Commits (f691652594e3ca9e6c035303755ace4f254d2aeb)

Author SHA1 Message Date
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
jvazquez-r7 876d889d82 added exploit for j7u10 0day 2013-01-10 20:30:43 +01:00
jvazquez-r7 133ad04452 Cleanup of #1062 2012-12-07 11:55:48 +01:00
jvazquez-r7 b7f304f0db added build exec_payload.msi 2012-11-28 21:51:01 +01:00
jvazquez-r7 5076198ba2 fixing bperry comments 2012-11-11 20:18:19 +01:00
jvazquez-r7 8619c5291b Added module for CVE-2012-5076 2012-11-11 17:05:51 +01:00
David Maloney c30ada5eac Adds temp vbs mod and tweaked decoder stub 2012-11-04 12:49:15 -06:00
jvazquez-r7 b4485fdb2b added chm templates 2012-10-10 19:21:47 +02:00
h0ng10 2b6aa6bbdb Added Exploit for deployfilerepository via JMX 2012-09-03 13:50:16 -04:00
jvazquez-r7 363c0913ae changed dir names according to CVE 2012-08-28 16:33:01 +02:00
jvazquez-r7 52ca1083c2 Added java_jre17_exec 2012-08-27 11:25:04 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
HD Moore 430351fe79 Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
LittleLightLittleFire e9ac90f7b0 added CVE-2012-1723 2012-07-10 12:20:37 +10:00
Tod Beardsley 414214eb9d Permissions. 2012-06-28 11:42:37 -05:00
jvazquez-r7 6ec990ed85 Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass 2012-06-27 23:09:26 +02:00
h0ng10 428ae21928 Changed readme.html file (was from the statistics plugin) 2012-06-26 12:03:52 -04:00
h0ng10 6cc8390da9 Module rewrite, included Java support, direct upload, plugin deletion 2012-06-26 11:56:44 -04:00
HD Moore 6a91626d94 Permissions 2012-06-25 00:36:39 -05:00
h0ng10 65197e79e2 added Exploit for CVE-2008-6508 (Openfire Auth bypass) 2012-06-24 07:35:38 -04:00
jvazquez-r7 b891e868f5 Added actionscript and swf needed 2012-06-23 08:36:35 +02:00
sinn3r d7d314862f Need the trigger to actually make it work, duh! 2012-06-22 23:16:12 -05:00
Tod Beardsley 572fb4cb0c Permissions fix 2012-06-21 15:39:17 -05:00
Steven Seeley fcf42d3e7b added adobe flashplayer array indexing exploit (CVE-2011-2110) 2012-06-20 12:52:37 +10:00
HD Moore 5922ec1f7a Permissions 2012-06-12 15:20:25 -05:00
sinn3r 4743c9fb33 Add MS12-005 (CVE-2012-0013) exploit 2012-06-10 01:08:28 -05:00
HD Moore e8af6882eb Permissions 2012-06-06 20:05:29 -05:00
jvazquez-r7 93741770e2 Added module for CVE-2011-3400 2012-06-05 18:21:55 +02:00
jvazquez-r7 287d68f304 added module for CVE-2008-0320 2012-05-23 17:14:11 +02:00
jvazquez-r7 14d8ba00af Added batik svg java module 2012-05-17 16:48:38 +02:00
James Lee 7a05f3eab4 Mark failed logins as inactive 2012-05-08 16:51:22 -06:00
James Lee 318b14af4c Fix improper reporting and stack traces when we missed a banner
Also makes sure we delete the session if we got a 221 response, even if
we haven't seen a login yet.
2012-05-08 16:40:56 -06:00
James Lee 1eec1cebb5 Fix improper reporting
:proto is always tcp, udp, etc., name is the higher layer name
2012-05-08 16:39:32 -06:00
James Lee 536fa39ae8 Keep the client and the server on tracked tcp sessions 2012-05-08 16:38:12 -06:00
Alexandre Maloteaux 452cead1e9 Merge psnuffle ntlmv2 support from Alex Malateaux
Testing this with smbclient requires setting "client ntlmv2 auth = yes"
in /etc/samba/smb.conf

Squashed commit of the following:

commit 7acc32f5f00914fed355a080ca237543448f80ca
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:52:49 2012 +0100

    psnuffle : move protocol filtering in load function

commit 9c9ae9711c760b4f072271b7e5993f9bf8366671
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date:   Thu Apr 12 01:50:48 2012 +0100

    psnuffle : add hash exctratiopn from smbv2 session

[Closes #327]
2012-05-08 13:41:42 -06:00
HD Moore f6005ba06e Permission change, ignore 2012-04-23 13:42:18 -05:00
sinn3r 9a00823828 Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch' 2012-04-19 18:08:22 -05:00
Tod Beardsley 18d83ee6c1 Permissions fix for modicon_ladder.apx 2012-04-12 14:26:27 -05:00
0a2940 654701f1b2 new file: data/exploits/CVE-2008-5499.swf
new file:   external/source/exploits/CVE-2008-5499/Exploit.as
	new file:   modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
Tod Beardsley 14d9953634 Adding DigitalBond SCADA modules 2012-04-05 12:35:48 -05:00
Tod Beardsley ab269ac4ec Permissions fix for exploit jar file 2012-04-02 09:27:35 -05:00
James Lee 025d905c01 Compiled jar with -target 1.2 so it works on older JVMs 2012-03-30 17:05:20 -06:00
sinn3r e018c6604f Modify CVE-2012-0507 2012-03-30 02:06:56 -05:00
Tod Beardsley bec8d40a6c File permissions fix 2012-03-29 16:24:31 -05:00
sinn3r 791ebdb679 Add CVE-2012-0507 (Java) 2012-03-29 10:31:14 -05:00
HD Moore c8c73b076d Permisssions (ignore) 2012-03-08 16:16:13 -06:00
HD Moore 3e6cbe9486 Add source code to the player 2012-03-08 15:23:10 -06:00
HD Moore b0db18674c Test out new player code 2012-03-08 15:05:12 -06:00
sinn3r f2eab70c3f Add swf file for CVE-2012-0754 2012-03-07 19:23:11 -06:00