metasploit-framework/modules/exploits/windows/http
David Maloney 9cf2af6a94 Adds exploit/windows/htt/xampp_webdav_upload_php
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.

Fixes #2170
2012-01-06 12:00:14 -08:00
..
adobe_robohelper_authbypass.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
altn_securitygateway.rb http fingerprint checking update 2010-07-07 17:38:59 +00:00
altn_webadmin.rb Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 2011-10-16 09:53:53 +00:00
amlibweb_webquerydll_app.rb Added BID ref for amlibweb module. 2011-11-11 12:04:40 +11:00
apache_chunked.rb http fingerprint checking update 2010-07-07 17:38:59 +00:00
apache_mod_rewrite_ldap.rb Various module cleanups 2010-02-15 00:48:03 +00:00
apache_modjk_overflow.rb change some print_status to print_error, rename a few msft modules using msb convention 2010-07-25 21:37:54 +00:00
badblue_ext_overflow.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
badblue_passthru.rb don't use the pattern creator 2011-10-24 19:43:54 +00:00
bea_weblogic_jsessionid.rb don't bother escaping a tick 2011-10-12 01:45:10 +00:00
bea_weblogic_transfer_encoding.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
belkin_bulldog.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ca_arcserve_rpc_authbypass.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
ca_igateway_debug.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
ca_totaldefense_regeneratereports.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
coldfusion_fckeditor.rb fix some more titles with periods 2010-11-24 19:35:38 +00:00
easyftp_list.rb add ws2ord payload compat 2010-08-17 01:35:03 +00:00
edirectory_host.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
edirectory_imonitor.rb Format dictatorship round 2: Fix author e-mail format for all exploit modules 2011-07-22 20:17:58 +00:00
efs_easychatserver_username.rb This module still works against 2.5 (most current as of Sept 2 2011) 2011-09-03 04:52:04 +00:00
fdm_auth_header.rb add more http fingerprints 2010-07-13 22:11:40 +00:00
hp_nnm_getnnmdata_hostname.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
hp_nnm_getnnmdata_icount.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
hp_nnm_getnnmdata_maxage.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
hp_nnm_nnmrptconfig_nameparams.rb "InitialAutoRunScript" is more like it 2011-07-10 07:28:12 +00:00
hp_nnm_nnmrptconfig_schdparams.rb "InitialAutoRunScript" is more like it 2011-07-10 07:28:12 +00:00
hp_nnm_openview5.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
hp_nnm_ovalarm_lang.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
hp_nnm_ovas.rb big msftidy pass, ping me if there are issues 2011-10-23 11:56:13 +00:00
hp_nnm_ovwebhelp.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
hp_nnm_ovwebsnmpsrv_main.rb add exploit for cve-2010-1964 2011-03-23 15:45:48 +00:00
hp_nnm_ovwebsnmpsrv_ovutil.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
hp_nnm_ovwebsnmpsrv_uro.rb add exploit for cve-2010-1960 2011-03-23 15:43:25 +00:00
hp_nnm_snmp.rb Mass RE-update: fix all framework URL references 2010-11-11 22:43:22 +00:00
hp_nnm_snmpviewer_actapp.rb add exploit for cve-2010-1552 2011-03-23 15:47:20 +00:00
hp_nnm_toolbar_01.rb Make room for another exploit against ToolBar.exe 2011-07-16 04:45:21 +00:00
hp_nnm_toolbar_02.rb Fix that extra tab in the description 2011-07-16 05:21:20 +00:00
hp_nnm_webappmon_execvp.rb "InitialAutoRunScript" is more like it 2011-07-10 07:28:12 +00:00
hp_nnm_webappmon_ovjavalocale.rb "InitialAutoRunScript" is more like it 2011-07-10 07:28:12 +00:00
hp_openview_insight_backdoor.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
hp_power_manager_filename.rb big msftidy pass, ping me if there are issues 2011-10-23 11:56:13 +00:00
hp_power_manager_login.rb much needed patch worked like a champ in my enviroment. 2011-10-31 20:37:30 +00:00
httpdx_handlepeer.rb fix statement order, lol 2010-07-26 23:22:42 +00:00
httpdx_tolog_format.rb see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 2010-08-25 20:55:37 +00:00
ia_webmail.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
ibm_tivoli_endpoint_bof.rb Fix: whitespaces, svn propset, author e-mail format 2011-11-06 22:02:26 +00:00
ibm_tpmfosd_overflow.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
ibm_tsm_cad_header.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
icecast_header.rb Format dictatorship round 2: Fix author e-mail format for all exploit modules 2011-07-22 20:17:58 +00:00
integard_password_bof.rb fix nil access 2010-12-15 19:49:40 +00:00
intersystems_cache.rb add more http fingerprints -- thx mc 2010-07-12 23:25:31 +00:00
ipswitch_wug_maincfgret.rb add another httpfingerprint, thx again mc 2010-07-14 13:59:38 +00:00
kolibri_http.rb Fix: whitespaces, svn propset, author e-mail format 2011-11-06 22:02:26 +00:00
mailenable_auth_header.rb Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 2011-10-16 09:53:53 +00:00
manageengine_apps_mngr.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
maxdb_webdbm_database.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
maxdb_webdbm_get_overflow.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
mcafee_epolicy_source.rb Fixes #5414 by applying Joshua Taylor's patch that corrects bad reference types 2011-10-16 09:53:53 +00:00
mdaemon_worldclient_form2raw.rb ensure binary mode when opening files, whitespace fixes 2010-07-01 23:33:07 +00:00
minishare_get_overflow.rb Format dictatorship round 2: Fix author e-mail format for all exploit modules 2011-07-22 20:17:58 +00:00
navicopa_get_overflow.rb add more http fingerprints -- thx mc 2010-07-12 23:25:31 +00:00
novell_imanager_upload.rb style compliance fixes 2010-10-19 22:54:19 +00:00
novell_messenger_acceptlang.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
nowsms.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
oracle9i_xdb_pass.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
osb_uname_jlist.rb Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
peercast_url.rb tons of indentation fixes, some other style tweaks 2010-09-20 08:06:27 +00:00
privatewire_gateway.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
psoproxy91_overflow.rb Fixed author name in modules for myself. 2011-04-11 02:25:36 +00:00
sambar6_search_results.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
sap_mgmt_con_osexec_payload.rb Damn comma 2011-10-24 16:42:07 +00:00
sapdb_webtools.rb style compliance fixes 2010-07-16 02:33:25 +00:00
savant_31_overflow.rb fix fingerprint bug 2010-10-04 20:53:51 +00:00
servu_session_cookie.rb finished periodic missing CVE reference check (hint vulns w/o CVEs here!) 2010-03-10 05:58:01 +00:00
shoutcast_format.rb big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00
shttpd_post.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
steamcast_useragent.rb Fix: whitespaces, svn propset, author e-mail format 2011-11-06 22:02:26 +00:00
sybase_easerver.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
trackercam_phparg_overflow.rb stop perpetuating the ambiguity! 2010-05-09 17:45:00 +00:00
trendmicro_officescan.rb reverting the disclosure dates for now need to clean up the patch 2011-05-04 20:43:19 +00:00
webster_http.rb Added webster_http exploit module. 2010-11-03 12:19:19 +00:00
xampp_webdav_upload_php.rb Adds exploit/windows/htt/xampp_webdav_upload_php 2012-01-06 12:00:14 -08:00
xitami_if_mod_since.rb see #684, adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues 2010-08-25 20:55:37 +00:00
zenworks_uploadservlet.rb clarify targets 2010-11-22 17:53:49 +00:00