5775fa9e67
add osvdb ref
2012-06-12 14:53:55 -05:00
cc0f3632a8
Merge pull request #477 from jlee-r7/f5-priv
...
CVE-2012-1493 F5 known private key exploit module
2012-06-12 12:20:48 -07:00
a91085d6cd
Add a disclosure date and more detailed desc
2012-06-12 13:07:53 -06:00
11df90c98e
Call update_info
...
Not sure why all modules don't do this. Or none of them.
2012-06-12 13:01:36 -06:00
c564e9dcc4
Fix 1.8 compat error
...
Net::SSH expects +key_data+ to be an array of strings. Giving it just a
string works in 1.9 but not 1.8, presumably due to some errant use of
+each+.
2012-06-12 12:50:46 -06:00
539deabef5
Clean up title, options
2012-06-12 12:08:58 -06:00
85e1555e13
Payload compat to work with unix/interact
2012-06-12 11:46:21 -06:00
3d5417e574
Initial commit of F5 exploit
2012-06-12 11:37:22 -06:00
4ae786590a
php_wordpress_foxypress from patrick updated. Related to Pull Request #475
2012-06-12 17:39:05 +02:00
efbaff8b37
add osvdb ref
2012-06-11 22:47:30 -05:00
34ecc7fd18
Adding @schierlm 's AES encryption for Java
...
Tested with and without AES, works as advertised. Set an AESPassword,
get encryptification. Score.
Squashed commit of the following:
commit cca6c5c36cschierlm@gmx.de >
Date: Wed Apr 4 00:45:24 2012 +0200
Do not break other architectures
even when using `setg AESPassword`
commit 422d1e341bschierlm@gmx.de >
Date: Tue Apr 3 21:50:42 2012 +0200
binaries
commit 27368b5675schierlm@gmx.de >
Date: Tue Apr 3 21:49:10 2012 +0200
Add AES support to Java stager
This is compatible to the AES mode of the JavaPayload project.
I'm pretty sure the way I did it in the handlers (Rex::Socket::tcp_socket_pair())
is not the supposed way, but it works :-)
2012-06-11 16:13:25 -05:00
02a5dff51f
struts_code_exec_exception_delegator_on_new_session: on_new_session modified
2012-06-11 12:07:38 +02:00
a43cf76591
Merge pull request #463 from schierlm/struts_arch_java
...
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-11 03:05:37 -07:00
59f591ac46
Adds jcran's MySQL bruteforce and dump module for CVE-2012-2122
2012-06-11 01:42:06 -05:00
93a2e29ed7
Merge branch 'darkoperator-skype_enum'
2012-06-11 01:41:01 -05:00
d226d80919
Make msftidy happy
2012-06-11 01:34:18 -05:00
2847ed9c43
Merge branch 'skype_enum' of https://github.com/darkoperator/metasploit-framework into darkoperator-skype_enum
2012-06-11 01:28:13 -05:00
bb80124d63
Added support for shell and tested on OSX 10.6 and 10.7. Added additional session type checks.
2012-06-10 21:59:14 -04:00
b908ccff0f
Added module for CVE-2012-0297
2012-06-10 22:38:58 +02:00
74c6eb6f78
Change the title and add a Microsoft reference.
...
This is a MS bug, therefore it's important to point out which
bulletin it belongs to.
2012-06-10 14:45:15 -05:00
efcb206cdf
Correct a typo
2012-06-10 14:38:14 -05:00
881ec8d920
Make the description clear that it only reads 4k, default datastore['FD'] to 1
2012-06-10 13:20:02 -05:00
15fa178a66
Add the MSF license text (since MSF_LICENSE is already set)
2012-06-10 02:07:27 -05:00
c7546638f2
Merge branch 'master' of https://github.com/linuxgeek247/metasploit-framework into linuxgeek247-master
2012-06-10 01:58:00 -05:00
498f3323f3
Merge branch 'ms12_005' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms12_005
2012-06-10 01:53:46 -05:00
8f6457661d
Change description
2012-06-10 01:52:26 -05:00
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
2b67c5132c
Adding read_file linux shellcode
2012-06-09 20:36:47 -04:00
f0082ba38f
Added module for CVE-2012-0299
2012-06-09 22:27:27 +02:00
b4d33fb85a
Add ARCH_JAVA support to struts_code_exec_exception_delegator
2012-06-09 21:53:43 +02:00
a9ee2b3480
Use of make_nops
2012-06-08 19:20:58 +02:00
91f5f304cb
Added module for CVE-2011-2217
2012-06-08 18:10:20 +02:00
3726ddddac
Software name correction thanks to modpr0be
2012-06-08 07:07:19 -05:00
41d49ed553
Another badchar analysis. Allow shorter delay (5sec to 1)
2012-06-08 01:59:09 -05:00
e5b451c000
Too many tabs for the beginning of the description
2012-06-07 23:08:11 -05:00
520c0ca660
Make msftidy happy
2012-06-07 23:07:39 -05:00
61f5eddf47
Move winlog file
2012-06-07 23:03:30 -05:00
9adec7e7e7
Merge branch 'winlog-2.07.14' of https://github.com/m-1-k-3/metasploit-framework into m-1-k-3-winlog-2.07.14
2012-06-07 23:02:23 -05:00
83d21df9f6
Merge branch 'master' of https://github.com/darkoperator/metasploit-framework into darkoperator-master
2012-06-07 22:58:50 -05:00
a709fe1fe3
Fix regex escaping thanks to w3bd3vil
2012-06-07 16:00:59 -05:00
1eb73dec38
Merge branch 'aushack-master'
2012-06-07 12:17:49 -05:00
42795fec00
Get rid of some whitespace
2012-06-07 12:17:25 -05:00
bd714017bb
samsung_neti_wiewer: add Space property for Payload
2012-06-07 16:00:36 +02:00
0e20d324b8
Added ms02_065_msadc exploit module.
2012-06-07 21:02:13 +10:00
2f3b1effb9
Added module for OSVDB 81453
2012-06-07 12:47:09 +02:00
b004f35354
Change failure of loading gem message to be in par with other gem error messages in the framework, also date is better represented in the CSV with UTC value
2012-06-06 16:28:42 -04:00
28fe4c0be5
What's this break stuff?
...
"break" should be "return"
2012-06-06 11:21:35 -05:00
a54b14b192
Remove whitespace
2012-06-06 11:21:34 -05:00
c36ab97d41
Updated msadc exploit with fixes.
2012-06-06 11:21:34 -05:00
f25b828d31
Added exploit module msadc.rb
2012-06-06 11:21:34 -05:00
Steve Tornio