metasploit-gs

Author	SHA1	Message	Date
Alan Foster	30809787c4	Convert disclosure dates to iso8601	2020-10-02 21:00:37 +01:00
Clément Notin	33e35bae7c	Add descriptions to auxiliary modules Actions And a little formatting Closes #13403 Update modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/backupexec/dump.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/android/android_stock_browser_iframe.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/admin/tikiwiki/tikidblib.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/smb.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/telnet.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/vnc.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/fakedns.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/tftp.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/gzip_bomb_dos.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/ibm_lotus_notes.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/ibm_lotus_notes2.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/http/webkitplus.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/example.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/android_browser_file_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/android_browser_new_tab_cookie_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/apple_safari_webarchive_uxss.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_lanipleak.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/firefox_pdfjs_file_theft.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/samsung_browser_sop_bypass.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http_basic.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/http_ntlm.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/http_ntlmrelay.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks4a.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks5.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/sip.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/postgresql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/local_hwbridge.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/webkit_xslt_dropper.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/socks_unc.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/client/iec104/iec104.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/drda.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/ftp.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/mssql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/mysql.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/pop3.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/dns/spoofhelper.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/server/capture/printjob_capture.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update description following Actions removal Update modules/auxiliary/gather/browser_info.rb Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com> Update modules/auxiliary/gather/browser_info.rb Co-authored-by: wvu-r7 <wvu-r7@users.noreply.github.com>	2020-05-17 14:51:14 -05:00
William Vu	23bc62dac3	Land #12818 , Cable Haunt WebSocket DoS module	2020-03-31 15:57:03 -05:00
William Vu	8811c51644	Clean up module and update module doc	2020-03-31 12:23:19 -05:00
Adam Galway	f165527e88	Land #12851 , DOS attack on Tautulli <=2.1.9	2020-03-19 16:42:07 +00:00
Brent Cook	8489bcdfd9	This fixes broken links to the community.rapid7.com blog Performed mechanically with sed, spot-checked that the new blog can consume these links.	2020-02-18 09:06:11 -06:00
Nicholas Starke	ef4b72cc5a	Adding EDB reference	2020-01-17 07:49:28 -06:00
İsmail Taşdelen	574bfbed84	add exploit module tautulli_shutdown_exec [ CVE-2019-19833 ] add exploit module tautulli_shutdown_exec [ CVE-2019-19833 ]	2020-01-17 13:57:32 +03:00
Nicholas Starke	0387d09e67	Changing faulty parameter descriptions	2020-01-13 10:09:06 -06:00
Nicholas Starke	8593f68c14	Adding Cable Haunt WebSocket DoS Module This module exploits a vulnerability in Sagecom Cable Modems from a variety of manufacturers. Since the firmware for vulnerable modems will vary based on Make, Model, and ISP, this module can only be used to verify the presence of the vulnerability, and not actually return a shell. Successful exploitation will most likely disrupt all upstream services. Module documentation is included in this commit.	2020-01-12 19:56:42 -06:00
Brent Cook	d87f752591	add module docs	2019-12-26 13:31:38 -06:00
Brent Cook	b177a8235d	adjust indentation	2019-12-26 13:05:21 -06:00
Brent Cook	3dac95ed32	fix enumeration handling	2019-12-26 13:00:52 -06:00
p0	8576a7876a	changed disclosure date to ISO 8601 format	2019-10-09 21:53:47 +02:00
Jose Garduno	d65775e5bf	added metasploit http DoS module	2019-10-09 16:54:43 +02:00
CFP	315d7f28c1	Replace `path` with `uri` to fix #11776	2019-04-25 23:08:19 +02:00
Javan Rasokat	8350effaa5	Fixed wrong check (did never work) * HOST was always localhost * Now sends both Range and the legacy 'Request-Range' TODO: Method HEAD is not always sufficient, should be editable	2019-04-03 16:23:58 +02:00
Brent Cook	ddef5b4961	MSF5: Remove unneeded RHOST deregister in scanners With Metasploit 5, RHOST and RHOSTS are aliases, so no need to deregister one or the other, as they are the same option. Deregistering one deregisters both.	2019-03-05 13:04:49 -06:00
Brendan Coles	467e0877f5	res.code	2018-11-18 12:40:09 +00:00
Rob	6f5a8f8f42	Fix outdated metadata	2018-10-01 18:59:09 +01:00
William Vu	4c036e70c1	Fix http://seclists.org links to https:// I have no idea how this happened in my own code. I was seeing https://.	2018-09-15 18:54:45 -05:00
Christian Mehlmauer	7431ae401b	fix more errors	2018-08-28 13:49:31 +02:00
William Vu	5096eee2ec	Land #10120 , npm "marked" ReDoS module	2018-08-16 15:01:12 -05:00
William Vu	3c1befdacb	Clean up module	2018-08-16 15:00:56 -05:00
asoto-r7	1a3a4ef5e4	Revised 88 aux and exploit modules to add CVEs / references	2018-07-12 17:34:52 -05:00
Nicholas Starke	936632f180	Minor Tweaks to Module This commit changes some logic around on a few different conditional portions of code.	2018-06-14 10:06:42 -05:00
Dhiraj Mishra	c0a5a65e0c	Updated Suggestion's by acammack-r7	2018-06-14 11:25:00 +05:30
Dhiraj Mishra	b44265fcb2	Minor tweaks Suggestion's made by bcoles	2018-06-11 13:25:02 +05:30
Dhiraj Mishra	51823b1d3d	Spaces at EOL	2018-06-09 15:58:11 +05:30
Dhiraj Mishra	d3a18b2ce9	Some tweak Thanks bcloes 😎	2018-06-09 12:15:21 +05:30
Dhiraj Mishra	76588aed09	Error at disclosure date format	2018-06-09 12:03:41 +05:30
Dhiraj Mishra	f1d29e730f	Spaces at EOL	2018-06-09 11:53:21 +05:30
Dhiraj Mishra	6e8412fa73	CVE-2018-11646 - Webkit+	2018-06-09 11:43:47 +05:30
Nicholas Starke	53d9dc75d8	Adding npm component "marked" ReDoS module This commit adds a module for the npm component "marked" which exploits a Regular Expression Denial of Service (ReDoS) vulnerability in the "heading" regular expression. Also included is the documentation markdown for this module.	2018-05-31 13:33:09 -05:00
Aaron Soto	c8b2fc8a35	Land #9701 , Flexense HTTP Server DoS exploit	2018-05-29 16:19:59 -05:00
Aaron Soto	026b22d061	Refined packet sizes and counts, improved error messages	2018-05-29 16:09:27 -05:00
Ege Balcı	3ab7526786	Name & description Change Exploit::CheckCode changed to Unknown as suggested.	2018-05-25 20:22:51 +03:00
Ege Balcı	2950c84660	Better code. Added check function. Smaller & cleaner code.	2018-03-12 20:33:46 +03:00
Ege Balcı	420905137b	CVA added.	2018-03-12 08:42:28 +03:00
Ege Balcı	d71b6bdf0d	Update syncbreeze_enterprise_dos.rb msftidy.rb adjustment.	2018-03-11 23:27:46 +03:00
Ege Balcı	0e4e260a02	Adding Sync Breeze Enterprise 10.6.24 DOS This module triggers a Denial of Service vulnerability in the Sync Breeze Enterprise HTTP server. Vulnerable version of the product can be downloaded here (http://www.syncbreeze.com/setups/syncbreezeent_setup_v10.6.24.exe). After installing the software web server should be enabled via Options->Server->Enable web server on port. Module triggers a user space write access violation on syncbrs.exe memory region. Number of requests that will crash the server changes between 200-1000 depending on the OS version and system memory.	2018-03-11 23:07:50 +03:00
Adam Cammack	9a8f1ace2d	Add slowloris support for IPv6 and hostnames Replace manual socket creation with `socket.create_connection` to get auto-detection goodness.	2018-03-07 17:06:04 -06:00
h00die	62573731fe	remove empty line	2018-01-24 20:54:21 -05:00
h00die	4be0e7f9ef	final fixes for brother debut dos	2018-01-24 20:53:08 -05:00
h00die	fb75cd4617	it does work!	2018-01-04 14:44:43 -05:00
h00die	e23e87b444	bcoles fixes	2018-01-02 20:23:24 -05:00
h00die	bc0a08ef5a	a few updates per bcoles	2017-12-30 11:23:58 -05:00
h00die	67c2119736	oh brother	2017-12-29 14:16:34 -05:00
Brent Cook	a8b845fff9	Land #9283 , Add node.js ws websocket library DoS module	2017-12-20 14:20:42 -06:00
Nicholas Starke	dd5532c5de	Addressing Formatting Issues There were several formatting and layout issues that are fixed in this commit. Also changing `RHOSTS` to `RHOST`.	2017-12-13 14:26:27 -06:00

1 2 3 4 5 ...

263 Commits