Commit Graph

6670 Commits (fbbed2262b8ab1beae0effc363cdef2844f1437b)

Author SHA1 Message Date
HD Moore fbbed2262b Updated iOS modules 2012-09-10 17:42:17 -05:00
sinn3r f5a0f74d27 Merge branch 'wanem_exec_improve' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-wanem_exec_improve 2012-09-10 13:35:48 -05:00
sinn3r 64b8696e3c Extra condition that's not actually needed
Don't actually need to check nil res, because no code will
actually try to access res when it's nil anyway. And the 'return'
at the of the function will catch it when the response times out.
2012-09-09 04:06:48 -05:00
bcoles cb95a7b520 Add openfiler_networkcard_exec exploit 2012-09-09 17:28:09 +09:30
jvazquez-r7 37c7f366f2 check function test vulnerability + minor improvements 2012-09-09 00:42:02 +02:00
bcoles f02659184a Add WANem v2.3 command execution 2012-09-08 16:01:45 +09:30
jvazquez-r7 caae54a7ca added osvdb reference 2012-09-07 16:56:37 +02:00
Tod Beardsley aaf7fcd5e9 Closing bracket doh 2012-09-07 08:57:27 -05:00
Tod Beardsley 53e4818c2e Humble-desser, not humble-dresser 2012-09-07 08:49:27 -05:00
jvazquez-r7 c572c20831 Description updated to explain conditions 2012-09-07 11:18:54 +02:00
sinn3r bd596a3f39 Merge branch 'sflog_upload_exec' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-sflog_upload_exec 2012-09-06 18:40:19 -05:00
sinn3r 86036737ca Apparently this app has two different names
People may either call the app "ActiveFax", or "ActFax". Include
both names in there to allow the module to be more searchable.
2012-09-06 18:38:03 -05:00
sinn3r 6a484cdbc5 Merge branch 'actfax_local_exploit' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-actfax_local_exploit 2012-09-06 18:35:08 -05:00
sinn3r b4270bb480 Add OSVDB-83767: SFlog Upload Exec Module
This module exploits multiiple flaws in SFlog!. By default, the
CMS has a default admin cred of "admin:secret", which can be
abused to access admin features such as blog management.  Through
the management interface, we can upload a backdoor that's accessible
by any remote user, and then we gain code execution.
2012-09-06 18:30:45 -05:00
jvazquez-r7 fc1c1c93ba ZDI references fixed 2012-09-07 00:50:07 +02:00
jvazquez-r7 4985cb0982 Added module for ActFac SYSTEM Local bof 2012-09-07 00:45:08 +02:00
jvazquez-r7 65681dc3b6 added osvdb reference 2012-09-06 13:56:52 +02:00
jvazquez-r7 b4113a2a38 hp_site_scope_uploadfileshandler is now multiplatform 2012-09-06 12:54:51 +02:00
jvazquez-r7 270fa1b87b updated descriptions for hp sitescope modules tested over linux 2012-09-05 23:25:08 +02:00
Tod Beardsley 9531c95627 Adding BID 2012-09-05 15:04:05 -05:00
Tod Beardsley ff97b1da00 Whitespace EOL 2012-09-05 14:04:20 -05:00
sinn3r 43041e3a0a Merge branch 'hp_sitescope_uploadfileshandler' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_uploadfileshandler 2012-09-05 14:03:24 -05:00
sinn3r 6705f5405e Merge branch 'symantec_smg_ssh_pass' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-symantec_smg_ssh_pass 2012-09-05 14:00:55 -05:00
sinn3r bed3c7bbac Merge branch 'hp_sitescope_loadfilecontent_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_loadfilecontent_fileaccess 2012-09-05 13:59:49 -05:00
jvazquez-r7 2f87af1c3a add some checks while parsing the java serialization config file 2012-09-05 20:58:55 +02:00
sinn3r 598fdb5c50 Merge branch 'hp_sitescope_getsitescopeconfiguration' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getsitescopeconfiguration 2012-09-05 13:58:39 -05:00
sinn3r 41904891c9 Merge branch 'hp_sitescope_getfileinternal_fileaccess' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-hp_sitescope_getfileinternal_fileaccess 2012-09-05 13:57:39 -05:00
jvazquez-r7 b2116e2394 cleanup, test, add on_new_session handler and osvdb references 2012-09-05 20:54:25 +02:00
sinn3r bbab206eac Add CVE-2012-3579 - Symantec Messaging Gateway 9 Default SSH Pass
This module exploits a default misconfig flaw on Symantec Messaging
Gateway 9.5 (or older).  The "support" user has a known default
password, which can be used to login to the SSH service, and then
gain privileged access from remote.
2012-09-05 13:21:10 -05:00
jvazquez-r7 20655232d7 cleanup, tested and added osvdb reference 2012-09-05 20:03:46 +02:00
jvazquez-r7 c6f5b1f072 cleanup, test, osvdb reference 2012-09-05 19:56:04 +02:00
jvazquez-r7 ea2eb046c3 cleanup, final test, osvdb reference 2012-09-05 19:45:50 +02:00
jvazquez-r7 406202fc81 Added module for ZDI-12-174 2012-09-05 12:56:09 +02:00
jvazquez-r7 166f68b194 added module for ZDI-12-177 2012-09-05 12:54:30 +02:00
jvazquez-r7 534ab55e5c Added module for ZDI-12-173 2012-09-05 12:53:03 +02:00
jvazquez-r7 8a50ca2f47 Added module for ZDI-12-176 2012-09-05 12:51:25 +02:00
Cristiano Maruti 8fce975593 Aux module raise an error because Report module is not included in the source 2012-09-05 10:38:36 +02:00
Tod Beardsley c7de73e7bf Clean up SVN metadata 2012-09-04 19:36:10 -05:00
Tod Beardsley 7b8ab53661 Use :unique_data option for dns.enum reporting
Otherwise, you will only report the last thing that comes through on
that host for the dns.enum note type.
2012-09-04 19:32:29 -05:00
Tod Beardsley 2edf4a676a Merge remote branch 'bonsaiviking/axfr' into bonsai-afxr 2012-09-04 16:16:41 -05:00
Tod Beardsley b8132cae5c Add the redistribution comment splat 2012-09-04 15:58:43 -05:00
Tod Beardsley 15f1dd8525 Moving greetz to Author fields 2012-09-04 15:58:43 -05:00
Tod Beardsley 6e7cbe793c Spamguard e-mail addresses, make auth name consistent 2012-09-04 15:58:43 -05:00
Tod Beardsley a925eef070 Removed meterpreter reference from desc
This post module relies on meterpreter as a SessionType, but the
description shouldn't call this out specifically.
2012-09-04 15:58:42 -05:00
Tod Beardsley ba0de5acd9 Retitled for consistency and accuracy 2012-09-04 15:58:42 -05:00
Tod Beardsley f80abaf0d1 Dropping trailing whitespace 2012-09-04 15:58:42 -05:00
nullbind 69b2f95a6f small update 2012-09-04 15:58:42 -05:00
nullbind cac1e0a585 small update 2012-09-04 15:58:42 -05:00
nullbind e1da14f786 access database with local os admin privs 2012-09-04 15:58:42 -05:00
nullbind a08d2359d7 access database with local os admin privs 2012-09-04 15:58:42 -05:00