adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

27999 Commits

Author SHA1 Message Date
sinn3r 243dbe50f0 Correct author name. Unfortunately not all editors can print unicode correctly. 2012-01-07 15:18:25 -06:00
sinn3r 181fe2d925 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-07 15:14:30 -06:00
sinn3r 4e858aba89 Add CVE-2012-0262 Op5 welcome.php Remote Code Execution 2012-01-07 15:13:45 -06:00
sinn3r 4645c1c2b9 Add CVE-2012-0261 Op5 license.php Remote Code Execution 2012-01-07 15:12:49 -06:00
HD Moore b12baccc49 Quick update, added a research option 2012-01-07 01:13:23 -06:00
sinn3r 6d401b48d1 Fix typo 2012-01-07 00:02:51 -06:00
sinn3r b7e29191f5 Add Drupal 'Views' module username enumeration (Feature #6194) 2012-01-06 23:51:32 -06:00
David Maloney 40a1d8bcc8 Fixed issue with a missing nil check in ftp_login 2012-01-06 20:51:58 -08:00
David Maloney 81acfd2126 Adds hashdump and cracking modules for AIX 2012-01-06 20:31:22 -08:00
David Maloney 8e017fd4db Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-06 20:30:25 -08:00
David Maloney bf425a6744 Fixed bug that prevented telnet sessions from opening with good creds 2012-01-06 16:59:08 -08:00
Stephen Haywood 2e60d2e01a Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-01-06 17:46:42 -05:00
Stephen Haywood 72072c4ef3 Added enum_artifacts 2012-01-06 17:43:50 -05:00
sinn3r 6ceb2f04a3 Add CVE-2011-2474 Sybase EAServer directory traversal vulnerability 2012-01-06 14:24:49 -06:00
David Maloney 9cf2af6a94 Adds exploit/windows/htt/xampp_webdav_upload_php 
This exploit abuses weak default passwords on XAMPP
for windows to uplaod a php payload and execute it.

Fixes #2170
 2012-01-06 12:00:14 -08:00
Sam Sharps 06414c2413 changed author to my actual name 2012-01-06 01:03:20 -06:00
HD Moore 7b26e33e19 Initial version 2012-01-06 00:53:50 -06:00
Sam Sharps b26ed37467 Added description, urls, and another author 2012-01-06 00:47:01 -06:00
Sam Sharps 5c05cebaf7 Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790 2012-01-06 00:16:45 -06:00
sam f3a9bc2dad Added ms05_054_onload.rb IE 6 SP 2 exploit - CVE-2005-1790 2012-01-06 00:12:28 -06:00
David Maloney ba86e8a04f Added PROPFIND support to http_login 
This allows http_login to test against WebDAV.
Also added XAMPP default usernames and passwords to default wordlists
 2012-01-05 12:10:53 -08:00
HD Moore 8315709fb6 Correct typo and set the disclosure date 2012-01-04 19:46:56 -06:00
Tod Beardsley 7b692aa0b9 Adding references to vss modules. 2012-01-04 12:10:03 -06:00
sinn3r 8cced0a91e Add CVE-2011-2462 Adobe Reader U3D exploit 2012-01-04 03:49:49 -06:00
David Maloney 12221b0433 UAC will disrupt these modules 
Added checks for UAC.
UAC must be bypassed before using these modules.
 2012-01-03 12:07:38 -08:00
Joshua J. Drake 958ffe6e1d Fix stack trace from unknown agents 2012-01-02 03:41:49 -06:00
Steve Tornio 7bfdc9eff4 add osvdb ref 2012-01-01 09:10:10 -06:00
David Maloney dd0b07b2cc Adds mixin and post modules to manipulate Volume shadowcopy Service(VSS) 2011-12-30 15:03:04 -08:00
sinn3r d9db03dba6 Add CoCSoft StreamDown buffer overflow (Feature #6168; no CVE or OSVDB ref) 2011-12-30 10:16:29 -06:00
Tod Beardsley bc22b7de99 MSFConsole should display hostless loot, also typo fix. 
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb

Fixes #6177
 2011-12-29 15:11:15 -06:00
sinn3r b202c29153 Correct e-mail format 2011-12-29 11:27:10 -06:00
sinn3r d484e18300 Add e-mail for tecr0c 2011-12-29 11:14:15 -06:00
sinn3r 9972f42953 Add e-mail for mr_me for consistency 2011-12-29 11:01:38 -06:00
sinn3r b5b2c57b9f Correct e-mail format 2011-12-29 10:57:00 -06:00
sinn3r a330a5c63a Add e-mail for Brandon 2011-12-29 10:53:39 -06:00
Steve Tornio 778d396bc6 add osvdb ref 2011-12-29 07:54:15 -06:00
Steve Tornio 6d72dbb609 add osvdb ref 2011-12-29 07:54:01 -06:00
Steve Tornio a00dad32fe Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-29 07:50:33 -06:00
Steve Tornio 27d1601028 add osvdb ref 2011-12-29 07:49:16 -06:00
Brandon Perry c88b582f97 Add CorpWatch Name lookup module by bperry 2011-12-28 15:43:21 -06:00
Brandon Perry d896f128e5 Add CorpWatch ID Lookup module by bperry 2011-12-28 15:41:28 -06:00
Tod Beardsley 0e3370f1fe Grammar and spelling on splunk and oracle exploits 2011-12-28 13:42:56 -06:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present 
Fixes #6171
 2011-12-28 08:47:22 -08:00
HD Moore 5dc647a125 Make it clear that this exploit is for RHEL 3 (White Box 3 uses the same 
packages)
 2011-12-28 02:02:03 -06:00
HD Moore 5d67bd2a5e Phew. Exhaustive test of all i386 FreeBSD versions complete 2011-12-28 01:38:55 -06:00
HD Moore 1ff0cb2eef More testing - looks like 5.5 is not exploitable, at least not the same 
way
 2011-12-28 01:30:25 -06:00
HD Moore e071944a1a Allow ff in payloads but double them back up 2011-12-28 00:04:24 -06:00
HD Moore edb9843ef9 Add Linux exploit with one sample target (Whitebox Linux 3) 2011-12-28 00:00:10 -06:00
HD Moore 79103074cb Add credit for Dan's advice 2011-12-27 23:39:02 -06:00
HD Moore f9224d6010 Adds basic coverage for CVE-2011-4862. Ported from Jaime Penalba 
Estebanez's code, mostly written by Brandon Perry, exploit method (jmp
edx) by Dan Rosenberg, and general mangling/targets by hdm.
 2011-12-27 23:37:30 -06:00