3da1152743
Add better logging. Split out git support in prep for mercurial
2014-12-20 19:34:55 -08:00
58d5b15141
Add another useful URL. Use a more git-like URIPATH
2014-12-20 19:11:56 -08:00
f41d0fe3ac
Randomize most everything about the malicious commit
2014-12-19 19:31:00 -08:00
805241064a
Create a partially capitalized .git directory
2014-12-19 19:07:45 -08:00
f7630c05f8
Use payload.encoded
2014-12-19 18:52:34 -08:00
7f2247f86d
Add description and URL
2014-12-19 15:50:16 -08:00
9b815ea0df
Some style cleanup
2014-12-19 15:35:09 -08:00
4d0b5d1a50
Add some vprints and use a sane URIPATH
2014-12-19 15:33:26 -08:00
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
48444a27af
Remove debugging pp
2014-12-19 15:27:06 -08:00
1c7fb7cc7d
Mostly working exploit for CVE-2014-9390
2014-12-19 15:24:27 -08:00
4888ebe68d
Initial commit of POC module for CVE-2013-9390 ( #4435 )
2014-12-19 12:58:02 -08:00
223d6b7923
Merged with Fr330wn4g3's changes
2014-12-14 13:08:19 +08:00
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
21742b6469
Test #3729
2014-12-06 21:20:52 -06:00
28135bcb09
Land #4159 , MantisBT PHP code execution by @itseco
2014-11-15 07:49:54 +01:00
3faa48d810
small bugfix
2014-11-13 22:51:41 +01:00
7d6b6cba43
some changes
2014-11-13 22:46:53 +01:00
dd1920edd6
Minor typos and grammar fixes
2014-11-13 14:48:23 -06:00
17032b1eed
Fix issue reported by FireFart
2014-11-13 04:48:45 -05:00
ac17780f6d
Fix by @FireFart to recover communication with the application after a meterpreter session
2014-11-11 05:49:18 -05:00
6bf1f613b6
Fix issues reported by FireFart
2014-11-11 00:41:58 -05:00
d4bbf0fe39
Fix issues reported by wchen-r7 and mmetince
2014-11-10 15:27:10 -05:00
cd0dbc0e24
Missed another
2014-11-09 14:06:39 -06:00
9cce7643ab
update description and fix typos
2014-11-09 09:10:01 -05:00
5d17637038
Add CVE-2014-7146 PHP Code Execution for MantisBT
2014-11-09 08:00:44 -05:00
7510fb40aa
touch up visual_mining_netcharts_upload
2014-11-06 22:50:20 -06:00
79cabc6d68
Fix clean up
2014-11-05 15:46:33 -06:00
c08993a9c0
Add module for ZDI-14-372
2014-11-05 15:31:20 -06:00
400ef51897
Land #4076 , exploit for x7chat PHP application
2014-11-03 18:22:04 -06:00
3bf7473ac2
Add github pull request as reference
2014-11-03 18:18:42 -06:00
44a2f366cf
Switch ranking
2014-11-03 18:06:09 -06:00
039d3cf9ae
Do minor cleanup
2014-11-03 18:04:30 -06:00
7e4248b601
Added compatibility with older versions, Updated descriptions and fixed issue with Ubuntu 12.04
2014-11-03 16:42:50 -05:00
51b96cb85b
Cosmetic title/desc updates
2014-11-03 13:37:45 -06:00
1a37a6638c
Fix splunk_upload_app_exec to work on new installs. Style
2014-10-30 18:28:56 -07:00
55f245f20f
Merge #3507 into local, recently updated branch of master for landing
2014-10-30 17:28:20 -07:00
2e53027bb6
Fix value of X7C2P cookie and typo
2014-10-29 08:32:36 -05:00
9f21ac8ba2
Fix issues reported by wchen-r7
2014-10-28 21:31:33 -05:00
71a6ec8b12
Land #4093 , cups_bash_env_exec CVE-2014-6278
2014-10-28 12:47:51 -05:00
57baf0f393
Add support for CVE-2014-6278
2014-10-28 17:10:19 +00:00
3de5c43cf4
Land #4050 , CUPS Shellshock
...
Bashbleeded!!!!!!!!!!!
2014-10-28 11:59:31 -05:00
78b199fe72
Remove CVE-2014-6278
2014-10-28 16:18:24 +00:00
a060fec760
Detect version in check()
2014-10-28 12:28:18 +00:00
2ba2388889
Fix issues reported by jvasquez
2014-10-27 19:15:39 -05:00
848f24a68c
update module description
2014-10-27 02:07:16 -05:00
d66dc88924
Add PHP Code Execution for X7 Chat 2.0.5
2014-10-27 01:01:31 -05:00
554935e60b
Add check() and support CVE-2014-6278
2014-10-26 18:11:36 +00:00
f886ab6f97
Land #4020 , Jenkins-CI CSRF token support
2014-10-20 19:03:24 -04:00
005baa7f7e
Retry the script page request to get the token
...
After logging in to Jenkins the script console page
needs to be requested again to get the CSRF token.
2014-10-19 14:04:16 -04:00
Jon Hart