9c95c7992b
Require's for all the include's
2012-10-23 13:24:05 -05:00
f9ac55c221
Infohash key cleanups
...
Replace obvious typos in infohash keys. Note that this *does*
affect the behaviour as those keys have been ignored before.
2012-10-22 21:24:36 +02:00
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
768d2c5921
Go back to old behavior for unknown versions
...
May not be correct, but it's what we used to do, so probably better than
just raising.
Also documents things a bit better.
2012-10-18 16:57:40 -05:00
1eccb24bf8
Raise if the version isn't what we expect
...
Also adds some clarifying commentation and adds todb to the list of
authors since he wrote the original module for windows upon which this
one is based.
2012-10-18 15:55:55 -05:00
3c5c1cd86e
Remove unnecessary version restrictions
...
Since the payload is now run in the .so constructor, there's no need to
be compatible with a particular Postgres API.
Also:
- report the service
- delete the payload in the payload itself to reduce forensics
footprint
- randomize the created function name instead of abusing
postgres_create_sys_exec
2012-10-18 15:40:27 -05:00
0221f75f39
Merge branch 'rapid7' into midnitesnake-postgres_payload
2012-10-18 13:57:25 -05:00
52feae2dcd
Add missing require
...
[FixRM #7345 ]
2012-10-15 17:18:04 -05:00
529f88c66d
Some msftidy fixes
2012-10-14 19:16:54 -05:00
9c6fdbe9d7
Compile a .so instead of being version-specific
...
This makes it possible to use payloads for the appropriate architecture
NOTE: need to test windows and make sure I didn't break it
2012-10-13 15:18:25 -05:00
ad1870d819
Merge branch 'rapid7' into midnitesnake-postgres_payload
2012-10-12 14:18:34 -05:00
db12413b09
Convert vcms_upload to use PhpEXE
...
Incidentally adds a Linux x86 target
2012-10-12 04:29:57 -05:00
aba69d8438
fix indentation
2012-10-05 20:18:40 +02:00
4c646762a5
Added target debian squeeze
2012-10-05 20:12:09 +02:00
6679ff765a
remove extra commas
2012-09-28 12:21:59 +02:00
4087790cf7
Oops, forgot to update the check() function
2012-09-27 18:22:57 -05:00
9d3a1871a6
Added module for Samba CVE-2012-1182
2012-09-28 01:18:52 +02:00
25e6990dc7
added osvdb reference
2012-09-24 21:49:32 +02:00
ed24154915
minor fixes
2012-09-21 11:36:58 +02:00
6ee2c32f08
add ZEN Load Balancer module
2012-09-21 17:25:20 +09:30
11f82de098
Update author information
2012-09-19 14:00:51 -03:00
8b251b053e
initializing msghdr a little better
2012-09-18 12:12:27 +02:00
16c5df46fc
fix while testing ubuntu intrepid
2012-09-18 11:52:50 +02:00
0708ec72fc
module moved to a more correct location
2012-09-15 15:31:21 +02:00
0f67f8d08a
target modified
2012-09-15 15:14:33 +02:00
0061d23b37
Added module for CVE-2012-2982
2012-09-15 15:09:19 +02:00
1f58458073
Merge branch 'udev_netlink' of https://github.com/jlee-r7/metasploit-framework into jlee-r7-udev_netlink
2012-09-13 10:37:52 -05:00
12f3ef9c7c
added osvdb numbers
2012-09-13 14:00:12 +02:00
fba219532c
Updating BID for openfiler
2012-09-12 14:13:21 -05:00
f5a0f74d27
Merge branch 'wanem_exec_improve' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-wanem_exec_improve
2012-09-10 13:35:48 -05:00
bbeb6cc97a
Add a privilege escalation exploit for udev < 1.4.1
...
Also includes a new ```rm_f``` method for Post::File for deleting remote
files in a platform-independent way.
2012-09-10 12:32:14 -05:00
64b8696e3c
Extra condition that's not actually needed
...
Don't actually need to check nil res, because no code will
actually try to access res when it's nil anyway. And the 'return'
at the of the function will catch it when the response times out.
2012-09-09 04:06:48 -05:00
cb95a7b520
Add openfiler_networkcard_exec exploit
2012-09-09 17:28:09 +09:30
37c7f366f2
check function test vulnerability + minor improvements
2012-09-09 00:42:02 +02:00
f02659184a
Add WANem v2.3 command execution
2012-09-08 16:01:45 +09:30
bbab206eac
Add CVE-2012-3579 - Symantec Messaging Gateway 9 Default SSH Pass
...
This module exploits a default misconfig flaw on Symantec Messaging
Gateway 9.5 (or older). The "support" user has a known default
password, which can be used to login to the SSH service, and then
gain privileged access from remote.
2012-09-05 13:21:10 -05:00
9d97dc8327
Add Metasploit blogs as references, because they're useful.
2012-09-03 15:57:27 -05:00
25ee8fd357
Run postgres.rb & postgres_payload through msftidy, and cleaned up the files
2012-08-25 01:44:49 +01:00
ea7d7b847a
Merge branch 'master' of github.com:rapid7/metasploit-framework
2012-08-24 11:17:14 -05:00
8f748d833a
Added BID reference
2012-08-24 17:30:52 +02:00
261a17d28a
Added module for CVE-2009-4498
2012-08-23 18:29:39 +02:00
d0b1fa33af
swapped out OptString for OptEnum
2012-08-22 02:20:13 +01:00
8218a60b32
other corrections
2012-08-22 00:08:59 +01:00
5cf7f22a13
corrections following on from jlee-r7 comments
2012-08-21 23:57:07 +01:00
3106f87687
badchars fixed
2012-08-21 13:30:15 +02:00
e21ea6999c
added module for ESVA Command Injection Vulnerability
2012-08-21 13:25:03 +02:00
a228e42630
Add new target thanks for cabetux
2012-08-15 16:06:09 -05:00
ad2b457fda
Added linux port for postgres payload
2012-08-14 17:46:35 +01:00
f72f334124
Fix an odd issue with search due to use of the builtin Proxies option
2012-08-12 23:22:38 -05:00
3711297719
dd Opt::Proxies and opthash[:proxies] to exploits
2012-08-12 16:29:39 -04:00
James Lee