115c63e4ba
karaf default credential scanner PoC
2016-01-27 03:27:48 -05:00
2df458c359
Few updates per OJ and wvu
2016-01-26 23:19:18 -06:00
3cab27086f
Added PCMan FTP PUT Buffer Overflow Exploit
2016-01-26 17:09:31 -06:00
4560d553b5
Fixing more issues from comments
...
This commit includes more minor fixes from the github
comments for this PR.
2016-01-24 19:43:02 -06:00
d877522ea5
Fixing various issues from comments
...
This commit fixes issues with specifying "rhost:rport",
replacing them instead with "peer". Also, a couple of
"Unknown" errors were replaced with "UnexpectedReply".
2016-01-23 13:43:09 -06:00
a5a2e7c06b
Fixing Disclosure Date
...
Disclosure date was in incorrect format, this commit
fixes the issue
2016-01-23 11:41:05 -06:00
8c8cdd9912
Adding Dlink DCS Authenticated RCE Module
...
This module takes advantage of an authenticated HTTP RCE
vulnerability to start telnet on a random port. The module
then connects to that telnet session and returns a shell.
This vulnerability is present in version 2.01 of the firmware
and resolved by version 2.12.
2016-01-23 11:15:23 -06:00
6187354392
Land #6226 , Add Wordpress XML-RPC system.multicall Credential BF
2016-01-23 00:12:46 -06:00
064af0d670
Remove unwanted comment
2016-01-23 00:11:58 -06:00
ad3eed525b
Handing newer version of WP, fallback CHUNKSIE to 1
2016-01-23 08:06:27 +03:00
d6facbe339
Land #6421 , ADB protocol and exploit
2016-01-22 20:45:44 -06:00
53e9bd7f51
This line does nothing
2016-01-22 18:55:45 -06:00
0f9cf812b7
Bring wordpress_xmlrpc_login back, make wordpress_multicall as new
2016-01-22 18:54:20 -06:00
1b386fa7f1
Add targets to avoid ARCH_ALL payload confusion
2016-01-22 16:45:10 -06:00
51eb79adc7
first try in changing class names
2016-01-22 23:36:37 +01:00
a3cafc3bae
Update PHP meterpreter size
2016-01-22 15:14:18 -06:00
ad93d11868
Delete easyfilesharing_seh.rb
2016-01-22 13:04:14 -05:00
45c88d3189
Create easyfilesharing_seh.rb
2016-01-22 13:04:03 -05:00
76a8899d59
Delete EasyFileSharing_SEH.rb
2016-01-22 12:39:44 -05:00
91db2597c7
normalize URIs
2016-01-22 11:27:26 -06:00
b02c762b93
Grab zeroSteiner's module/jenkins-cmd branch
2016-01-22 10:17:32 -06:00
99de466a4d
Bugfix: specify scripting language
2016-01-22 15:00:10 +01:00
484d57614a
remove re-registered ssl options
2016-01-22 09:54:52 +01:00
dc6dd55fe4
Shrink the size of ms08_067 so that it again works with bind_tcp
...
In #6283 , we discovered that ms08_067 was busted with reverse_tcp. The
solution was to bump the amount of space needed to help with encoding.
However, we flew a little too close to the sun, and introduced a
regression with bind_tcp on Windows XP SP2 EN where the payload stages
but does not run.
This shrinks the payload just enough to make bind_tcp work again, but
reverse_tcp also continues to work as expected.
2016-01-21 19:37:09 -06:00
216986f7af
Do API documentation, rspec, and other small changes
2016-01-21 17:22:14 -06:00
1a80878054
Create easyfilesharing_seh.rb
2016-01-21 13:46:43 -05:00
d515e4db64
Unwanted comment
2016-01-21 00:55:08 -06:00
bda76c7340
Update lastpass_creds module
2016-01-21 00:53:16 -06:00
a8feb8cad5
make passwords faster for reading huge wordlest files
2016-01-21 03:32:50 +03:00
4cb19c75a6
Enhance the module and add version check
2016-01-21 03:19:31 +03:00
9b43876270
Create EasyFileSharing_SEH.rb
2016-01-20 18:18:00 -05:00
fcaef76215
Do a version check
...
This attack is not suitable for newer versions due to the
mitigation in place.
2016-01-20 17:14:44 -06:00
ad107a2d1c
Show - No Auth Required - Just Once
2016-01-19 08:29:33 +08:00
a7cd5991ac
Add encoding of the upload path into the module
2016-01-17 22:44:41 +00:00
5660c1238b
Fix problem causing upload to fail on versions 1.2 and 1.3 of theme
2016-01-17 18:44:00 +00:00
0b78406d29
clear Metasploit::Framework::LoginScanner::REDIS.new
2016-01-16 13:12:04 +08:00
b2983e1ee7
replace #{rhost}: #{rport} with #{peer}
2016-01-16 13:05:35 +08:00
2abaca3f6b
include Msf::Auxiliary::Redis / Remove default RPORT option
2016-01-16 12:58:02 +08:00
643ebfed7e
format print_status output for get_srv/get_tld
2016-01-16 11:21:16 +08:00
348ae586a7
Handle vault parsing exceptions
2016-01-15 14:54:59 -08:00
3d04f405b4
Update telisca_ips_lock_control.rb
...
commit the changes mad by sinn3r and replace headers on lock and unlock
2016-01-15 15:05:24 +00:00
477dc64e1e
Rename module
2016-01-14 19:45:00 -06:00
eb6cff77bc
Update the code to today's standards
...
Mainly making sure it is following the Ruby style guide, and
avoid unrecommended coding practices.
2016-01-14 19:38:59 -06:00
e7e63d92be
Land #6467 : fix missing requires in payloads
...
Fixes #6460
2016-01-15 07:42:14 +10:00
fec75c1daa
Land #6457 , FileDropper for axis2_deployer
2016-01-14 15:10:05 -06:00
28cf943bcb
Fix a couple of missing requires in payloads.
...
This pops up occasionally. This fixes a couple of anecdotal reports of missing
requires that cause the loader to fail, depending on the directory sort order.
It also fixes the problem as reported in #6460
2016-01-14 13:17:26 -06:00
8479d01029
Land #6450 , add TLS support to MSSQL
2016-01-14 12:17:40 -06:00
37178cda06
Land #6449 , properly handle HttpServer resource collisions
2016-01-14 12:15:18 -06:00
7e1446d8fa
Land #6400 , iis_webdav_upload_asp improvements
2016-01-14 12:12:33 -06:00
46f06516ad
Update /telisca_ips_lock_abuse
...
cleaning the code
2016-01-14 11:13:10 +00:00
Brent Cook