jvazquez-r7
8ed13b1d1b
Add linux support for CVE-2014-0515
2015-06-11 16:18:50 -05:00
wchen-r7
ae21b0c260
Land #5523 , adobe_flash_domain_memory_uaf in the flash renderer
2015-06-10 16:59:19 -05:00
wchen-r7
4c5b1fbcef
Land #5522 , adobe_flash_worker_byte_array_uaf in the flash renderer
2015-06-10 14:49:41 -05:00
jvazquez-r7
6c7ee10520
Update to use the new flash Exploiter
2015-06-10 13:52:43 -05:00
wchen-r7
d622c782ef
Land #5519 , adobe_flash_uncompress_zlib_uninitialized in the flash renderer
2015-06-10 11:52:47 -05:00
wchen-r7
667db8bc30
Land #5517 , adobe_flash_casi32_int_overflow (exec from the flash renderer)
2015-06-10 11:39:13 -05:00
William Vu
b23647d5ae
Land #5521 , @todb-r7's module cleanup
2015-06-10 11:29:41 -05:00
Tod Beardsley
0d979f61ae
Minor fixups on newish modules
2015-06-10 11:09:42 -05:00
jvazquez-r7
fb531d0069
Update version coverage
2015-06-10 09:38:00 -05:00
jvazquez-r7
a6fe383852
Use AS Exploiter
2015-06-10 09:32:52 -05:00
jvazquez-r7
e5d6c9a3cb
Make last code cleanup
2015-06-09 16:01:57 -05:00
jvazquez-r7
cf8c6b510b
Debug version working
2015-06-09 15:46:21 -05:00
William Vu
9fa423464c
Fix #5224 , comma fixes
...
My fault for missing these.
2015-06-09 14:28:01 -05:00
William Vu
8a69704d3e
Fix up commas
2015-06-09 14:27:35 -05:00
William Vu
d31a59cd22
Fix #5224 , altered option description
2015-06-09 14:15:58 -05:00
William Vu
cc8650f98a
Fix TMPPATH description
2015-06-09 14:15:18 -05:00
William Vu
9c97da3b7c
Land #5224 , ProFTPD mod_copy exploit
2015-06-09 14:11:27 -05:00
William Vu
5ab882a8d4
Clean up module
2015-06-09 14:10:46 -05:00
jvazquez-r7
b7f0fad72f
Modify CVE-2014-0569 to use the flash exploitation code
2015-06-09 11:31:39 -05:00
wchen-r7
ea33d7060e
Correct ranking
2015-06-05 21:07:27 -05:00
wchen-r7
ff39e32cc6
Single quote
2015-06-05 21:06:57 -05:00
wchen-r7
ee13a215e9
Merge branch 'upstream-master' into bapv2
2015-06-05 14:09:07 -05:00
jvazquez-r7
318f67fcda
update descriptions
2015-06-05 09:01:20 -05:00
wchen-r7
71a8487091
Correct Flash version in the module description
...
There is no 11.2.202.404, mang.
2015-06-04 23:46:41 -05:00
wchen-r7
5f4b2ed22a
Newline
2015-06-04 23:36:36 -05:00
wchen-r7
69968fc9f1
Merge branch 'upstream-master' into bapv2
2015-06-04 23:36:24 -05:00
jvazquez-r7
02181addc5
Update CVE-2014-0556
2015-06-04 18:23:50 -05:00
wchen-r7
23df66bf3a
Land #5481 , no powershell. exec shellcode from the renderer process.
2015-06-04 15:45:09 -05:00
jvazquez-r7
ab68d8429b
Add more targets
2015-06-04 12:11:53 -05:00
wchen-r7
be709ba370
Merge branch 'upstream-master' into bapv2
2015-06-04 10:33:07 -05:00
wchen-r7
744baf2d44
Update kloxo_sqli to use the new cred API
2015-06-03 23:28:35 -05:00
jvazquez-r7
80cb70cacf
Add support for Windows 8.1/Firefox
2015-06-03 22:46:04 -05:00
wchen-r7
78e4677bb1
Oops it blew up
2015-06-03 20:10:01 -05:00
wchen-r7
a0aa6135c5
Update ca_arcserve_rpc_authbypass to use the new cred API
2015-06-03 20:02:07 -05:00
jvazquez-r7
74117a7a52
Allow to execute payload from the flash renderer
2015-06-03 16:33:41 -05:00
Pedro Ribeiro
d5b33a0074
Update sysaid_rdslogs_fle_upload.rb
2015-06-03 22:01:13 +01:00
Pedro Ribeiro
37827be10f
Update sysaid_auth_file_upload.rb
2015-06-03 22:00:44 +01:00
Pedro Ribeiro
62993c35d3
Create sysaid_rdslogs_fle_upload.rb
2015-06-03 21:45:14 +01:00
Pedro Ribeiro
193b7bcd2e
Create sysaid_auth_file_upload.rb
2015-06-03 21:44:02 +01:00
OJ
a6467f49ec
Update description
2015-06-03 22:17:25 +10:00
OJ
455a3b6b9d
Add butchered version of CVE-2015-1701
2015-06-03 21:48:23 +10:00
James Lee
d03ee5667b
Remove assigned but unused local vars
2015-06-01 16:45:36 -05:00
James Lee
7133f0a68e
Fix typo in author's name
2015-06-01 16:45:09 -05:00
wchen-r7
e83677d29d
rm deprecated mod
2015-05-29 17:43:26 -05:00
wchen-r7
13779adab4
Merge branch 'upstream-master' into bapv2
2015-05-29 14:59:04 -05:00
wchen-r7
6be363d82a
Merge branch 'upstream-master' into bapv2
2015-05-29 14:58:38 -05:00
jvazquez-r7
1be04a9e7e
Land #5182 , @m-1-k-3's exploit for Dlink UPnP SOAP-Header Injection
2015-05-29 14:49:09 -05:00
jvazquez-r7
8b2e49eabc
Do code cleanup
2015-05-29 14:45:47 -05:00
jvazquez-r7
8c7d41c50c
Land #5426 , @wchen-r7's adds more restriction on Windows 7 target for MS14-064
2015-05-29 14:35:44 -05:00
wchen-r7
c3fa52f443
Update description
2015-05-29 13:47:20 -05:00
wchen-r7
dab9a66ea3
Use current ruby hash syntax
2015-05-29 13:43:20 -05:00
jvazquez-r7
9ccf04a63b
Land #5420 , @m-1-k-3's miniigd command injection module (ZDI-15-155)
2015-05-29 13:29:03 -05:00
jvazquez-r7
9ebd6e5d6e
Use REXML
2015-05-29 13:27:19 -05:00
jvazquez-r7
294fa78c1f
Land #5430 , @m-1-k-3's adding specific endianess Arch to some exploits
2015-05-29 11:43:25 -05:00
jvazquez-r7
dd39d196f5
Land #5226 , @m-1-k-3's Airties login Buffer Overflow exploit
2015-05-29 10:51:32 -05:00
jvazquez-r7
952f391fb4
Do minor code cleanup
2015-05-29 10:49:51 -05:00
wchen-r7
2a260f0689
Update description
2015-05-28 15:18:05 -05:00
Michael Messner
666b0bc34a
MIPSBE vs MIPS
2015-05-28 18:50:48 +02:00
jvazquez-r7
e9714bfc82
Solve conflics
2015-05-27 23:22:00 -05:00
Spencer McIntyre
24b4dacec5
Land #5408 , @g0tmi1k fixes verbiage and whitespace
2015-05-27 21:02:02 -04:00
wchen-r7
bcdae5fa1a
Forgot to add the datastore option
2015-05-27 18:12:38 -05:00
wchen-r7
4f0e908c8b
Never mind, Vista doesn't have powershell.
2015-05-27 18:08:58 -05:00
wchen-r7
d43706b65e
It doesn't look like Vista shows the powershell prompt
2015-05-27 18:04:35 -05:00
wchen-r7
53774fed56
Be more strict with Win 7 for MS14-064
...
The Powershell prompt can cause BAP to hang so we need to be more
strict about that.
2015-05-27 18:01:40 -05:00
jvazquez-r7
e5d42850c1
Add support for Linux to CVE-2015-0336
2015-05-27 17:05:10 -05:00
Tod Beardsley
95b5ff6bea
Minor fixups on recent modules.
...
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301 , @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces
Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in
Edited modules/auxiliary/scanner/http/title.rb first landed in #5333 ,
HTML Title Grabber
Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401 , multi-platform CVE-2015-0311 - Flash uncompress()
UAF
Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290 , Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
wchen-r7
60cdf71e6c
Merge branch 'upstream-master' into bapv2
2015-05-26 15:56:48 -05:00
wchen-r7
a0e0e3d360
Description
2015-05-25 17:24:41 -05:00
Michael Messner
43f505b462
fix contact details
2015-05-25 19:31:50 +02:00
jvazquez-r7
f953dc08d9
Land #5280 , @m-1-k-3's support for Airties devices to miniupnpd_soap_bof
2015-05-24 15:17:38 -05:00
Michael Messner
10baf1ebb6
echo stager
2015-05-23 15:50:35 +02:00
wchen-r7
60b0be8e3f
Fix a lot of bugs
2015-05-23 01:59:29 -05:00
jvazquez-r7
5bceeb4f27
Land #5349 , @h0ng10's module for CVE-2015-2219 Lenovo System Update Local Privilege Escalation
2015-05-22 17:14:20 -05:00
wchen-r7
9600f6a30a
rm deprecated exploit
2015-05-22 17:14:08 -05:00
wchen-r7
6de75ffd9f
Merge branch 'upstream-master' into bapv2
2015-05-22 17:11:03 -05:00
wchen-r7
eb5aadfb4e
Land #5401 , multi-platform CVE-2015-0311 - Flash uncompress() UAF
2015-05-22 16:50:13 -05:00
jvazquez-r7
3aa1ffb4f5
Do minor code cleanup
2015-05-22 16:20:36 -05:00
wchen-r7
2bb6f390c0
Add session limiter and fix a race bug in notes removal
2015-05-22 12:22:41 -05:00
jvazquez-r7
03b70e3714
Land #5388 , @wchen-r7's fixes #5373 by add info to BrowserRequiements
2015-05-22 10:21:59 -05:00
jvazquez-r7
6da94b1dd5
Deprecate windows module
2015-05-21 15:01:41 -05:00
jvazquez-r7
b9f9647ab1
Use all the BES power
2015-05-21 14:06:41 -05:00
wchen-r7
6e8ee2f3ba
Add whitelist feature
2015-05-21 00:05:14 -05:00
jvazquez-r7
aa919da84d
Add the multiplatform exploit
2015-05-20 18:57:59 -05:00
wchen-r7
2cadd5e658
Resolve #5373 , Add ActiveX info in BrowserRequirements
...
Resolve #5373
2015-05-20 16:34:09 -05:00
OJ
44f8cf4124
Add more size to stagers, adjust psexec payloads
...
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. i can't see a reason why increasing these sizes would
be bad. They seem to work fine.
2015-05-20 17:07:56 +10:00
OJ
a93565b5d1
Add 'Payload' section with 'Size' to psexec_psh
...
This missing parameter was causing the payload 'Size' to come through to
the encoders as `nil`. This meant that all the stagers that were
looking at the payload sizes were being told there was no size. In the
case of the meterpreter payloads, this was causing issues with the proxy
settings because the proxy configuration detail isn't added to the
payload unless there's enough space.
This fix adds a default size of 2048 (the same as the plain psexec
module). This makes the proxy settings work as expected.
2015-05-19 22:11:29 +10:00
wchen-r7
89be3fc1f2
Do global requirement comparison in BAP
2015-05-18 16:27:18 -05:00
Hans-Martin Münch (h0ng10)
d99eedb1e4
Adding begin...ensure block
2015-05-17 20:48:11 +02:00
Hans-Martin Münch (h0ng10)
acb053a2a7
CloseHandle cleanup
2015-05-17 20:39:10 +02:00
jvazquez-r7
2882374582
Land #5276 , @lanjelot fixes #4243 and improves java_jdwp_debugger
2015-05-15 11:12:10 -05:00
jvazquez-r7
a46975f1f0
Fix read_reply to use get_once correctly
2015-05-15 11:11:25 -05:00
Hans-Martin Münch (h0ng10)
e075495a5b
string concatenation, clear \ handling
2015-05-15 06:51:42 +02:00
Hans-Martin Münch (h0ng10)
94d39c5c75
remove hard coded pipe name
2015-05-15 06:35:55 +02:00
Hans-Martin Münch (h0ng10)
bb4f5da6d9
replace client.sys.config.getenv with get_env
2015-05-15 06:33:57 +02:00
wchen-r7
8bcdd08f34
Some basic code in place for real-time exploit list generation
2015-05-14 19:09:38 -05:00
Hans-Martin Münch (h0ng10)
bba261a1cf
Initial version
2015-05-15 00:36:03 +02:00
wchen-r7
1a8ab91ce3
Configurable max exploits
2015-05-13 16:23:22 -05:00
wchen-r7
7617217eff
Add ability to exclude
2015-05-13 15:55:19 -05:00
jvazquez-r7
0fb21af247
Verify deletion at on_new_session moment
2015-05-11 18:56:18 -05:00
wchen-r7
30b1c508f1
javascript portion
2015-05-10 16:50:32 -05:00
William Vu
eeb87a3489
Polish up module
2015-05-09 14:33:41 -05:00
HD Moore
fe907dfe98
Fix the disclosure date
2015-05-09 10:44:28 -05:00
jvazquez-r7
cb51bcc776
Land #5147 , @lightsey's exploit for CVE-2015-1592 MovableType deserialization
2015-05-09 01:56:38 -05:00
jvazquez-r7
89bc405c54
Do minor code cleanup
2015-05-09 01:54:05 -05:00
wchen-r7
8e86a92210
Update
2015-05-08 00:25:34 -05:00
William Vu
71518ef613
Land #5303 , metasploit-payloads Java binaries
2015-05-07 22:39:54 -05:00
William Vu
2f2169af90
Use single quotes consistently
2015-05-07 22:39:36 -05:00
wchen-r7
95f087ffd3
Some progress
2015-05-07 19:26:38 -05:00
jvazquez-r7
51bb4b5a9b
Add module for CVE-2015-0359
2015-05-07 17:00:00 -05:00
Brent Cook
a066105a86
prefer reading directly with MetasploitPayloads where possible
2015-05-07 16:59:02 -05:00
William Vu
134a674ef3
Land #5312 , @todb-r7's release fixes
2015-05-07 15:34:31 -05:00
Christian Mehlmauer
1469a151ad
Land #5290 , Wordpress RevSlider Module
2015-05-07 22:15:56 +02:00
Tod Beardsley
f423306b6f
Various post-commit fixups
...
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in #5150 , @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys
Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in #5192 , @joevennix's module for Safari CVE-2015-1126
Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in
Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in #5016 ,
add SSL Labs scanner
Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in #5101 , Add Directory Traversal for GoAhead Web Server
Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in #5158 , OWA internal IP disclosure scanner
Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in #5159 , WordPress Mobile Edition Plugin File Read Vuln
Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in #4924 , @m-1-k-3's DLink CVE-2015-1187 exploit
Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in #5131 , WordPress Slideshow Upload
Edited modules/exploits/windows/local/run_as.rb first landed in #4649 ,
improve post/windows/manage/run_as and as an exploit
(These results courtesy of a delightful git alias, here:
```
cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"
```
So that's kind of fun.
2015-05-06 11:39:15 -05:00
William Vu
b8c7161819
Fix up NameError'd payload_exe
2015-05-06 11:34:05 -05:00
William Vu
59ffe5d98f
Land #5306 , payload_exe NameError fix
2015-05-06 11:29:29 -05:00
wchen-r7
4b0f54f0aa
Land #5305 , CVE-2015-0336 Flash NetConnection Type Confusion
2015-05-06 11:26:22 -05:00
wchen-r7
97807e09ca
Lad #5125 , Group Policy startup exploit
2015-05-06 11:17:01 -05:00
wchen-r7
5b57e4e9ca
Add info about the waiting time
2015-05-06 11:15:11 -05:00
Tom Sellers
94d1905fd6
Added WPVDB reference
...
Added a link to the new WPVDB article 7540 that @FireFart provided.
2015-05-06 05:41:02 -05:00
Tom Sellers
c293066198
Leverage check_version_from_custom_file in PR #5292
...
Change the 'check' code to leverage check_version_from_custom_file added to wordpress/version.rb by @FireFart in PR #5292
2015-05-06 05:41:02 -05:00
Tom Sellers
18697d8d02
Fixed the following based on feedback from @FireFart ( Thanks! )
...
- Adjusted references section
- Corrected call to normalize_uri
- Removed unnecessary require for rex/zip
2015-05-06 05:41:02 -05:00
Tom Sellers
8cb18f8afe
Initial commit of code
2015-05-06 05:41:02 -05:00
Sam Roth
5cb8b9a20a
Fix #5304
2015-05-05 22:25:06 -04:00
jvazquez-r7
582919acac
Add module for CVE-2015-0336
2015-05-05 17:25:19 -05:00
Brent Cook
a0c806c213
Update java meterpreter and payload references to use metasploit-payloads
2015-05-05 15:01:00 -05:00
Darius Freamon
c988447c18
title enhancement, OSVDB ref
...
touch up title and add OSVDB reference
2015-05-05 13:21:36 -06:00
m-1-k-3
c8123c147f
upnp vs hnap
2015-05-05 20:57:05 +02:00
Christian Mehlmauer
73f7885eea
add comment
2015-05-29 23:08:55 +02:00
jvazquez-r7
b95be1b25f
Support information to include logon scripts
2015-05-04 15:49:19 -05:00
Darius Freamon
dc42a3ee1a
add OSVDB ref
...
add OSVDB ref
2015-05-04 14:27:44 -06:00
m-1-k-3
c7e05448e7
various MIPS vs MIPSBE fixes
2015-05-04 12:55:21 +02:00
William Vu
67a23f2c74
Land #5296 , info hash product name fix
2015-05-03 14:36:25 -05:00
John Lightsey
4bfb9262e6
Add exploit module for MovableType CVE-2015-1592
...
This module targets the deserialization of untrusted Storable data in
MovableType before 5.2.12 and 6.0.7. The destructive attack will
function on most installations, but will leave the webapp corrupted.
The non-destructive attack will only function on servers that have the
Object::MultiType (uncommon) and DateTime (common) Perl modules
installed in addition to MovableType.
2015-05-03 14:18:01 -05:00
Darius Freamon
a5c10b7f10
Fix product name
...
Product name missing a letter in two locations
2015-05-03 13:11:22 -06:00
m-1-k-3
53043dcbbc
make msftidy happy
2015-05-03 18:14:51 +02:00
m-1-k-3
6fbce56a52
realtek upnp command injection
2015-05-03 18:09:22 +02:00
joev
db999d2c62
Remove ff 31-34 exploit from autopwn, requires interaction.
2015-05-03 10:42:21 -05:00
jvazquez-r7
1bc6822811
Delete Airties module
2015-05-22 11:57:45 -05:00
jvazquez-r7
70d0bb1b1a
Merge Airties target inside miniupnpd_soap_bof
2015-05-22 11:57:19 -05:00
jvazquez-r7
a531ad9ec2
Land #5096 , @pedrib's exploit for Novell ZCM CVE-2015-0779
2015-05-01 14:35:28 -05:00
jvazquez-r7
0ff33572a7
Fix waiting loop
2015-05-01 14:34:43 -05:00
jvazquez-r7
645f239d94
Change module filename
2015-05-01 14:18:34 -05:00
jvazquez-r7
11a3f59b0b
Return false if there isn't a positive answer
2015-05-01 14:06:57 -05:00
jvazquez-r7
093c2e3ace
Do minor style cleanup
2015-05-01 13:56:48 -05:00
jvazquez-r7
d38adef5cc
Make TOMCAT_PATH optional
2015-05-01 13:54:39 -05:00
jvazquez-r7
d2a7d83f71
Avoid long sleep times
2015-05-01 13:51:52 -05:00
jvazquez-r7
8fcf0c558d
Use single quotes
2015-05-01 13:20:27 -05:00
wchen-r7
08b5f71f99
More options
2015-04-30 19:09:08 -05:00
wchen-r7
5ae06310b6
Do some option handling
2015-04-30 18:59:44 -05:00
Darius Freamon
aa59b3acc6
title enhancement, description touch-up
...
Expanded title to be more precise and standardized use of vendor name
2015-04-30 17:23:15 -06:00
wchen-r7
89d026c900
Fix merge conflict
2015-04-30 12:33:45 -05:00
lanjelot
5ab9f01eee
Use byte[] so it works even if Base64 unavailable
2015-04-30 12:46:14 +10:00
lanjelot
15bb4d1ea4
Fix #4243 , regression introduced by commit 6e80481384
2015-04-30 12:42:39 +10:00
wchen-r7
ca32db3e23
Merge branch 'upstream-master' into BAPv2
2015-04-29 18:53:37 -05:00
jvazquez-r7
d773f85dca
Add reference to malware
2015-04-29 17:53:29 -05:00
jvazquez-r7
dbba466b5b
Add module for CVE-2014-8440
2015-04-29 17:52:04 -05:00
William Vu
5defb50252
Fix #5267 , references fixes
2015-04-29 14:21:23 -05:00
William Vu
a4531e62a0
Clean up references
2015-04-29 14:21:08 -05:00
William Vu
b2d08251e4
Move reference
2015-04-29 14:18:45 -05:00
William Vu
fd567195e3
Fix punctuation and missing comma
2015-04-29 14:12:44 -05:00
Darius Freamon
5f0736fa4c
enhance title and description, add OSVDB reference, standardized JBoss
2015-04-29 11:39:40 -06:00
wchen-r7
65b7659d27
Some progress
2015-04-29 01:01:36 -05:00
wchen-r7
43492b7c67
Some progress
2015-04-28 18:17:32 -05:00
Darius Freamon
c01fc829ab
Title enhancement, OSVDB refs
2015-04-28 15:56:34 -06:00
m-1-k-3
d8b8017e0b
remove debugging
2015-04-27 06:36:34 +02:00
m-1-k-3
8db88994ac
fingerprint, title
2015-04-27 06:34:46 +02:00
m-1-k-3
285d767e20
initial commit of UPnP exploit for Airties devices
2015-04-27 05:34:30 +02:00
Roberto Soares
b537c8ae2c
Changed fail_with output.
2015-04-26 01:28:55 -03:00
Roberto Soares
a4b4d7cf6a
Add WordPress Front-end Editor File Upload Vuln
2015-04-25 22:00:05 -03:00
Brent Cook
ff96101dba
Land #5218 , fix #3816 , remove print_debug / DEBUG
2015-04-24 13:41:07 -05:00
jvazquez-r7
7167dc1147
Land #5243 , @espreto's WordPress WPshop eCommerce File Upload exploit
2015-04-24 11:30:28 -05:00
jvazquez-r7
558103b25d
Do code cleanup
2015-04-24 11:30:08 -05:00
jvazquez-r7
8a8d9a26f4
Do code cleanup
2015-04-24 10:47:46 -05:00
jvazquez-r7
b5223912cb
Fix check method
2015-04-24 10:41:41 -05:00
Roberto Soares
c9b4a272e3
Changed fail_with output.
2015-04-24 12:16:23 -03:00
Roberto Soares
e14c6af194
Removed double 'Calling payload'.
2015-04-24 06:26:04 -03:00
Roberto Soares
01efc97c4a
Add WordPress WPshop eCommerce File Upload.
2015-04-24 06:21:49 -03:00
Roberto Soares
5bf4c9187a
Removed double "Calling payload..."
2015-04-23 03:41:34 -03:00
Roberto Soares
844f768eee
Add WordPress InBoundio Marketing File Upload
2015-04-23 03:32:17 -03:00
m-1-k-3
f5b0a7e082
include rop gadget description
2015-04-23 00:11:02 +02:00
m-1-k-3
1ec0e09a43
msftidy
2015-04-22 10:32:47 +02:00
m-1-k-3
58099d0469
airties login bof module
2015-04-22 10:21:58 +02:00
xistence
92c91c76f7
Proftpd 1.3.5 Mod_Copy Command Execution
2015-04-22 01:41:16 -04:00
jvazquez-r7
3f40342ac5
Fix sock_sendpage
2015-04-21 14:17:19 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
jvazquez-r7
4f59abe842
Land #5203 , @Meatballs1 fixes #5199 by using the correct namespace
...
* Fixes web_delivery
2015-04-20 11:20:48 -05:00
Meatballs
eb1c01417a
Bogus :
2015-04-20 11:00:26 +01:00
Meatballs
aa4f913800
Resolves #5199
...
Fix Powershell namespace in web_delivery module
2015-04-20 09:37:42 +01:00
Christian Mehlmauer
a60fe4af8e
Land #5201 , Change module wording to conform with other WP modules
2015-04-20 10:07:05 +02:00
aushack
1a32cf7fc0
Change module wording to conform with other WP modules.
2015-04-20 16:48:35 +10:00
Christian Mehlmauer
a5583debdc
Land #5131 , WordPress Slideshow Upload
2015-04-19 23:12:26 +02:00
Roberto Soares
c1a1143377
Remove line in description and output line in fail_with
2015-04-18 15:38:42 -03:00
Michael Messner
b991dec0f9
Dlink UPnP SOAP-Header Injection
2015-04-17 22:54:32 +02:00
wchen-r7
4f903a604c
Fix #5103 , Revert unwanted URI encoding
...
Fix #5103 . By default, Httpclient will encode the URI but
we don't necessarily want that. These modules originally
didn't use URI encoding when they were written so we should
just keep them that way.
2015-04-17 13:59:49 -05:00
Christian Mehlmauer
bba0927c7e
Land #5163 , WordPress Reflex Gallery Plugin File Upload
2015-04-17 11:26:34 +02:00
wchen-r7
3927024f79
Land #5154 , CVE-2015-0556 (Flash copyPixelsToByteArray int overflow)
...
sage aborts
2015-04-16 21:21:09 -05:00
Christian Mehlmauer
153344a1dd
fix Unkown typo
2015-04-16 23:59:28 +02:00
Roberto Soares
33cf2f1578
Added Faliure:: symbol to fail_with
2015-04-16 17:40:25 -03:00
Roberto Soares
2138325129
Add Failure:: symbol to fail_with
2015-04-16 17:15:24 -03:00