8dce80fd30
Added Big Endianess, improved check()-Function
...
Some Fritz!Box devices also run in Big Endianess mode. However, since
"uname -a" always returns "mips" and the "file"-command is not
available, autodetection is not an easy task.
The check()-function now checks, whether the device is really
vulnerable.
Furthemore, it's possible to send 92 bytes.
2014-04-08 21:32:36 +02:00
21b220321f
Fix typo.
...
This isn't a Linksys exploit. Left over wording from a previous exploit?
2014-04-07 18:06:59 -05:00
fb1318b91c
Land #3193 , @m-1-k-3's exploit for the Fritzbox RCE vuln
2014-04-07 16:13:31 -05:00
ceaa99e64e
Minor final cleanup
2014-04-07 16:12:54 -05:00
b1a6b28af9
fixed disclosure date
2014-04-07 19:29:37 +02:00
003310f18a
feedback included
2014-04-07 19:25:26 +02:00
7572d6612e
Spelling and grammar on new release modules
2014-04-07 12:18:13 -05:00
85de6ed0c9
feedback included
2014-04-07 18:20:15 +02:00
0c883723ba
Land #3149 - Oracle Demantra Arbitrary File Retrieval with auth bypass
2014-04-07 11:11:55 -05:00
31dfae3a01
Follow the 100 columns per line guideline
2014-04-07 11:10:20 -05:00
de242ecc00
Correct date format
...
Hmm weird, msftidy didn't pick this up
2014-04-07 11:09:27 -05:00
56bd35c8ce
Add module for WinRAR spoofing vulnerability
2014-04-07 09:21:49 -05:00
11bbb7f429
fritzbox echo exploit
2014-04-07 09:12:22 +02:00
6d72860d58
Land #3004 , @m-1-k-3's linksys moon exploit
2014-04-04 14:04:48 -05:00
0ae75860ea
Code clean up
2014-04-04 14:02:12 -05:00
ea1c6fe8a4
Land #3177 - JIRA Issues Collector Directory Traversal
2014-04-04 10:41:51 -05:00
395f5beef8
Land #3178 , http header scan module
2014-04-04 11:36:35 -04:00
2b6ae68cbf
Minor modifications for http_header
2014-04-04 10:46:03 -04:00
e2cbcf3c5d
Land #3179 , @brandonprry AlienVault sqli aux module
2014-04-04 09:17:11 -05:00
ff6105e55d
Add check codes
2014-04-04 09:13:43 -05:00
44db611845
defaultoptions, not option
2014-04-04 05:55:35 -07:00
6f14cd225d
Do minor clean up
2014-04-03 23:22:44 -05:00
48ef061c3c
Land #3046 , AIX ibtstat privesc exploit
2014-04-03 17:07:00 -05:00
6c67f1881f
Normalize syntax and whitespace
2014-04-03 16:54:33 -05:00
253a1c1f87
Land #3180 , EMC Cloud Tiering Appliance Unauthed XXE with root perms
2014-04-03 22:02:13 +02:00
a57da00932
fix refs line
2014-04-03 14:07:00 -07:00
51f83fccde
add some checks in vase the file wasn't retrievable
2014-04-03 14:04:05 -07:00
03559dedcd
Land #3187 - Changed OptString to OptRegexp
2014-04-03 14:52:59 -05:00
d69a9d3c45
Land #3186 , OptString should be OptRegexp
2014-04-03 13:07:23 -05:00
d995d84e91
Changed OptString to OptRegexp
2014-04-03 19:40:07 +02:00
b4aa08251f
changed option from string to regex
2014-04-03 19:34:40 +02:00
e2ded663a6
make more robust
2014-04-03 06:15:09 -07:00
53b8148438
make more random
2014-04-03 05:52:35 -07:00
77b64ee77d
make more random
2014-04-03 05:41:00 -07:00
a4adfac312
Added feedback for http_header module
2014-04-02 23:01:23 +02:00
75dc4c459b
msftidy
2014-04-02 13:22:21 -07:00
bb82277a41
msftidy
2014-04-02 13:20:13 -07:00
abc0b31f26
exploithub wat
2014-04-02 13:18:48 -07:00
577bd7c855
Land #3146 , @wchen-r7's flash version detection code
2014-04-02 15:13:41 -05:00
765657d55a
alienvault module
2014-04-02 13:09:46 -07:00
d3f353118a
edb update
2014-04-02 13:06:54 -07:00
32cd846fe4
emc cta xxe module
2014-04-02 13:05:53 -07:00
69192edd4b
Added new http_header module
2014-04-02 22:04:54 +02:00
a85d451904
Add module for CVE-2014-2314
2014-04-02 14:49:31 -05:00
4a575d57ab
Try to fix Meatballs1 suggestions : optional service_description change call
2014-04-02 20:33:09 +01:00
b636a679ae
Erf, sorry, fixed now
2014-04-02 20:33:08 +01:00
631a7b9c48
Adapt to new psexec mixin (first try :D)
2014-04-02 20:33:08 +01:00
978bdbb676
Custom Service Description
2014-04-02 20:33:07 +01:00
e3dda2e862
Land #3172 - CVE-2014-1510 to firefox_xpi_bootstrapped_addon
2014-04-02 14:07:37 -05:00
ebcf972c08
Add initial firefox xpi prompt bypass.
2014-04-01 23:48:35 -05:00
Fabian Bräunlein