9fa9402eb2
Better check and better follow redirect
2014-02-02 16:07:46 +00:00
0d3a40613e
Add auto 30x redirect to send_request_cgi
2014-02-02 15:03:44 +00:00
8b33ef1874
Not html its form-data...
2014-02-02 13:57:29 +00:00
7ddc6bcfa5
Final tidyup
2014-02-01 01:05:02 +00:00
486a9d5e19
Use msf branded djvu
2014-02-01 00:37:28 +00:00
fd1a507fda
Rename file
2014-02-01 00:27:32 +00:00
700c6545f0
Polished
2014-02-01 00:26:55 +00:00
5a883a4477
updated
2014-01-31 21:59:26 +01:00
7fa1522299
Initial commit
2014-01-31 18:51:18 +00:00
b67ac39a33
Land #2921 - Apache Struts Developer Mode OGNL Execution
2014-01-31 12:06:58 -06:00
60ead5de43
Explain why we flag the vuln as "Appears" instead of vulnerable
2014-01-31 12:05:58 -06:00
2fca2da9f7
Add an vprint message on check
2014-01-31 11:57:20 -06:00
356692f2f5
Land #2923 , @rangercha tomcat deploy module compatible with tomcat8
2014-01-31 10:53:53 -06:00
f6291eb9a8
updated
2014-01-31 14:33:18 +01:00
93db1c59af
Do small fixes
2014-01-30 17:16:43 -06:00
9daacf8fb1
Clean exploit method
2014-01-30 16:58:17 -06:00
4458dc80a5
Clean the find_csrf mehtod
2014-01-30 16:39:19 -06:00
697a86aad7
Organize a little bit the code
2014-01-30 16:29:45 -06:00
50317d44d3
Do more easy clean
2014-01-30 16:23:17 -06:00
1a9e6dfb2a
Allow check to detect platform and arch
2014-01-30 15:17:20 -06:00
b2273dce2e
Delete Automatic target
...
It isn't usefull at all, when auto targeting is done, the payload (java platform and arch)
has been already selected.
2014-01-30 15:04:08 -06:00
cebbe71dba
Do easy cleanup of exploit
2014-01-30 14:42:02 -06:00
c336133a8e
Do a first clean related to auto_target
2014-01-30 14:27:20 -06:00
57b8b49744
Clean query_manager
2014-01-30 14:20:02 -06:00
148e51a28b
Clean metadata and use TARGETURI
2014-01-30 14:03:52 -06:00
56287e308d
Clean up unused variables
2014-01-30 11:20:21 -06:00
e7ab77c736
added module for Oracle Forms and Reports
2014-01-30 14:45:17 +01:00
a49473181c
Added new module. Abuses tomcat manager upload page. Tested on tomcat 5.5.36, 6.0.37, 7.0.50, 8.0.0rc10
2014-01-27 09:04:59 -05:00
8fe74629fe
Allow send_request_cgi to take care of the uri encoding
2014-01-26 00:06:41 -06:00
37adf1251c
Delete privileged flag because is configuration dependant
2014-01-25 18:25:31 -06:00
038cb7a981
Add module for CVE-2012-0394
2014-01-25 18:17:01 -06:00
7c5229e2eb
Use opts hash for glassfish_deployer
...
https://dev.metasploit.com/redmine/issues/8498
2014-01-24 20:17:02 -06:00
cdc425e4eb
Update some checks
2014-01-24 12:08:23 -06:00
7f560a4b41
Oops, I broke this module
2014-01-22 11:23:18 -06:00
646f7835a3
Saving progress
2014-01-21 17:14:55 -06:00
85396b7af2
Saving progress
...
Progress group 4: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 14:10:35 -06:00
689999c8b8
Saving progress
...
Progress group 3: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 13:03:36 -06:00
e2fa581b8c
Delete empty line
2014-01-17 22:05:14 -06:00
57318ef009
Fix nil bug in jboss_invoke_deploy.rb
...
If there is a connection timeout, the module shouldn't access the
"code" method because that does not exist.
2014-01-17 11:47:18 -06:00
95a5d12345
Merge #2835 , #2836 , #2837 , #2838 , #2839 , #2840 , #2841 , #2842 into one branch
2014-01-13 10:57:09 -06:00
e79ccb08cb
Update rails_secret_deserialization.rb
...
When using aws-sdk with Ruby 2.1.0-rc1, many "Digest::Digest is deprecated; use Digest" warnings are printed.
Even in Ruby 1.8.7-p374, OpenSSL::Digest::Digest is only provided for backward compatibility.
2014-01-07 21:41:15 +01:00
1057cbafee
Remove deprecated linksys module.
2014-01-07 10:22:35 -06:00
c0a82ec091
Avoid specific versions in module names
...
They tend to be a lie and give people the idea that only that version is
vulnerable.
2014-01-06 13:47:24 -06:00
1cb671b02e
Merge branch 'adjust_getenv_api' into stop_abusing_expand_path
2014-01-03 08:14:02 +10:00
1b893a5c26
Add module for CVE-2013-3214, CVE-2013-3215
2014-01-02 11:25:52 -06:00
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
5b647ba6f8
Change description
...
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
4816abe63b
Add module for ZDI-13-263
2013-12-19 17:48:52 -06:00
9fb081cb2d
Add getenvs, update getenv, change extract_path use
...
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.
Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.
The meterpreter console `getenv` command now uses `getenvs`
2013-12-19 11:54:34 +10:00
040619c373
Minor description changes
...
No code changes (one comment made on play_youtube to suggest xdg-open
rather than firefox for linux targets).
2013-12-16 14:57:33 -06:00
3d5501326b
Land #2743 , @Mekanismen's exploit for CVE-2013-0632
2013-12-10 10:00:30 -06:00
30960e973f
Do minor cleanup on coldfusion_rds
2013-12-10 09:59:36 -06:00
9a6e504bfe
fixed path error and description
2013-12-10 09:05:34 +01:00
313a98b084
moved coldfusion_rds to multi directory and fixed a bug
2013-12-10 08:45:27 +01:00
f77784cd0d
Land #2723 , @denandz's module for OSVDB-100423
2013-12-06 17:32:07 -06:00
3729c53690
Move uptime_file_upload to the correct location
2013-12-06 15:57:52 -06:00
230db6451b
Remove @peer for modules that use HttpClient
...
The HttpClient mixin has a peer() method, therefore these modules
should not have to make their own. Also new module writers won't
repeat the same old code again.
2013-12-03 12:58:16 -06:00
55847ce074
Fixup for release
...
Notably, adds a description for the module landed in #2709 .
2013-12-02 16:19:05 -06:00
41f8a34683
Use attempts
2013-12-02 08:43:22 -06:00
433d21730e
Add ATTEMPTS option
2013-12-02 08:42:25 -06:00
b9192c64aa
Fix @wchen-r7's feedback
2013-12-01 19:55:53 -06:00
3417c4442a
Make check really better
2013-11-30 09:47:34 -06:00
749e6bd65b
Do better check method
2013-11-30 09:46:22 -06:00
0a7c0eea78
Fix references
2013-11-29 23:13:07 -06:00
691d47f3a3
Add module for ZDI-13-255
2013-11-29 23:11:44 -06:00
57f4f68559
Land #2652 - Apache Roller OGNL Injection
2013-11-25 15:14:35 -06:00
cec4166766
Fix description
2013-11-20 12:49:22 -06:00
18e69bee8c
Make OGNL expressions compatible with struts 2.0.11.2
2013-11-20 12:42:10 -06:00
14c6ab4ca5
Add module for CVE-2013-4212
2013-11-19 10:25:52 -06:00
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
2035983d3c
Fix a handful of msftidy warnings, and XXX SSL
...
Marked the SSL stuff as something that needs to be resolved in order to
fix a future bug in datastore manipulation. Also, fixed some whitespace
and exec complaints
[SeeRM #8498 ]
2013-11-11 21:23:35 -06:00
84572c58a8
Minor fixup for release
...
* Adds some new refs.
* Fixes a typo in a module desc.
* Fixes a weird slash continuation for string building (See #2589 )
2013-11-04 12:10:38 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
98224ee89f
CVE update for vtiger issue
2013-10-30 13:48:35 -05:00
344413b74d
Reorder refs for some reason.
2013-10-30 12:25:55 -05:00
32794f9d37
Move OpenBravo to aux module land
2013-10-30 12:20:04 -05:00
17d796296c
Un-dupe References for ispconfig
2013-10-30 12:03:35 -05:00
0d480f3a7d
Typo fix
2013-10-30 11:38:04 -05:00
97a4ca0752
Update references for FOSS modules
2013-10-30 11:36:16 -05:00
78381316a2
Add @brandonprry's seven new modules
...
Already reviewed privately, no associated PR.
2013-10-30 11:04:21 -05:00
5b76947767
Add a few more modules.
2013-10-30 10:25:48 -05:00
c4c171d63f
Clean processmaker_exec
2013-10-29 09:53:39 -05:00
3eed800b85
Add ProcessMaker Open Source Authenticated PHP Code Execution
2013-10-29 23:27:29 +10:30
2e8c369c69
Land #2559 - remove content-length
2013-10-22 16:03:42 -05:00
71fab72e06
Delete duplicate content-length from axis2_deployer
2013-10-21 15:35:51 -05:00
2aed8a3aea
Update modules to use new ZDI reference
2013-10-21 15:13:46 -05:00
10a4ff41de
Delete Content-Length duplicate header
2013-10-21 15:11:37 -05:00
032da9be10
Land #2426 - make use of Msf::Config.data_directory
2013-10-21 13:07:33 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
eab90e1a2e
Land #2491 , missing platform info update
2013-10-14 10:38:25 -05:00
0b93996b05
Clean and add Automatic target
2013-10-11 13:19:10 -05:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
276ea22db3
Add VMware Hyperic HQ Groovy Script-Console Java Execution
2013-10-11 05:07:23 +10:30
0acb170ee8
Bug #8419 - Added platform info missing on exploits
2013-10-08 22:41:50 -04:00
4ba001d6dd
Put my short name to prevent conflicts.
2013-10-07 14:10:47 -05:00
ec6516d87c
Deprecate misnamed module.
...
* Renames to a linux linksys module.
2013-10-07 14:06:13 -05:00
113f89e40f
First set of fixes for gestioip_exec
2013-10-04 13:29:27 -05:00
9b79bb99e0
Add references, correct disclosure date
2013-10-04 09:59:26 -05:00
ab786d1466
Imply authentication when a password is set
2013-10-04 09:54:04 -05:00
Meatballs
Mekanismen
sinn3r
jvazquez-r7
William Vu
RangerCha
Niel Nielsen
Joe Vennix
Tod Beardsley
OJ
jvazquez-r7
bcoles
Winterspite