1b6fe22359
Give proper credit to Craig plus additional references
...
Craig first found the buffer overflow. But Matt found a more
reliable way to exploit the flaw.
2012-08-21 22:48:15 -05:00
3da8a59cf0
a little cleanup plus complete metadata
2012-08-20 22:42:54 +02:00
d226135986
Code Review Feedback
...
Removed trailing spaces and fixed indenting.
2012-08-20 10:41:42 -04:00
d82493a658
Code Review Feedback
...
Added 'Space' payload option, which in turn also required 'DisableNops'
Added/Corrected documentation for return addresses
2012-08-19 22:09:08 -04:00
bd249d1f28
Fixed exploit and made code review changes
...
The exploit was not working due to the user's root path causing
the EIP offset to change. To correct this, I was able to get
the server to disclose the root path in an error message (fixed in
5.67). I also radically refactored the exploit due to the feedback
I received from Juan Vazquez.
2012-08-19 10:01:03 -04:00
6dfe706860
Merge remote-tracking branch 'upstream/master' into sysax_create_folder
2012-08-19 09:58:04 -04:00
6059bb5710
Merge branch 'cyclope' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-cyclope
2012-08-13 11:40:46 -05:00
f9b5f321cb
ADD OSVDB-84517
2012-08-12 17:56:18 -05:00
bf04e2dded
Added module for CVE-2011-2653
2012-08-12 18:27:56 +02:00
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
57c32c9c7b
Slip Plixer's name in there, because it's their product.
2012-08-07 12:20:44 -05:00
c2cc4b3b15
juan author name updated
2012-08-06 18:59:16 +02:00
eb963ae52a
add osvdb ref
2012-08-05 09:01:46 -05:00
d5b165abbb
Msftidy.rb cleanup on recent modules.
...
Notably, DisclosureDate is required for other module parsers, so let's
not ignore those, even if you have to guess at the disclosure or call
the module's publish date the disclosure date.
2012-08-04 12:18:00 -05:00
6ae863cdff
Forgot two extra spaces, how dare me!
2012-08-01 15:11:33 -05:00
92d1d26288
Add CVE-2012-2962 : Dell SonicWall Scrutinizer exploit
2012-08-01 15:00:24 -05:00
2f7b5f35af
Added Sysax 5.64 Create Folder exploit
2012-07-29 10:40:02 -04:00
b527356e00
This check can be handy
2012-07-22 03:34:16 -05:00
beb1fbb55d
Added module for Simple Web Server Connection header bof
2012-07-21 12:07:36 +02:00
7f3aeca501
Put lipstick on this pig for the time being
2012-07-15 21:35:29 -05:00
24c57b61a8
Add juan as an author too for improving the module a lot
2012-07-06 10:41:06 -05:00
9fecc80459
User of TARGETURI plus improve of description
2012-07-06 15:47:25 +02:00
7751c54a52
references updates
2012-07-06 11:56:03 +02:00
f8ca5b4234
Revision of pull request #562
2012-07-06 11:52:43 +02:00
a3d74f5b10
Correct dead milw0rm references
2012-06-30 16:50:04 -05:00
e5dd6fc672
Update milw0rm references.
...
milw0rm.com is long gone, so all milw0rm references are just
a bunch of broken links. Change to exploit-db instead.
2012-06-28 14:27:12 -05:00
7c9a8ba699
Add OSVDB reference
2012-06-28 02:09:12 -05:00
d85ce8db5c
Update CVEs for HTTP exploits
2012-06-28 00:00:53 -05:00
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
6be7ba98aa
ezserver_http: added bid reference
2012-06-20 22:08:58 +02:00
f7ecc98923
Merge branch 'master' into feature/vuln-info
2012-06-20 13:34:53 -05:00
d40e39b71b
Additional exploit fail_with() changes to remove raise calls
2012-06-19 19:43:41 -05:00
3b1c434252
Remove trailing space
2012-06-19 16:44:07 -05:00
fb7f6b49f0
This mega-diff adds better error classification to existing modules
2012-06-19 12:59:15 -05:00
4987acc703
Correct e-mail format, description, and some commas.
2012-06-18 18:52:26 -05:00
2df237b066
minor fixes
2012-06-18 22:44:17 +02:00
d706199a83
fix all changes suggested by jvazquez-r7
2012-06-19 02:05:25 +07:00
a8a4594cd4
Documenting esi alignment plus using target_uri.to_s
2012-06-16 09:26:22 +02:00
1d121071f3
Prepend nops to raw payload in encoder if needed
2012-06-15 09:59:10 +02:00
091b3bbbd9
Added module plus encoder for CVE-2012-2329
2012-06-15 00:29:52 +02:00
a071d2805e
Fix the rest of possible nil res bugs I've found
2012-06-04 14:56:27 -05:00
3752c10ccf
Adding FireFart's RPORT(80) cleanup
...
This was tested by creating a resource script to load every changed
module and displaying the options, like so:
````
use auxiliary/admin/2wire/xslt_password_reset
show options
use auxiliary/admin/http/contentkeeper_fileaccess
show options
````
...etc. This was run in both the master branch and FireFart's branch
while spooling out the results of msfconsole, then diffing those
results. All modules loaded successfully, and there were no changes to
the option sets, so it looks like a successful fix.
Thanks FireFart!
Squashed commit of the following:
commit 7c1eea53fe3743f59402e445cf34fab84cf5a4b7
Author: Christian Mehlmauer <FireFart@gmail.com >
Date: Fri May 25 22:09:42 2012 +0200
Cleanup Opt::RPORT(80) since it is already registered by Msf::Exploit::Remote::HttpClient
2012-06-02 09:53:19 -05:00
18c8314d79
Change unknown authors to "Unknown".
...
Since "Anonymous" has become a well known organization, the meaning of the
term also may cause confusion. In order to clarify, we correct unknown
authors to simply "Unknown".
2012-05-26 15:23:09 -05:00
7b0fbaed23
Merge pull request #417 from wchen-r7/rabidhamster
...
Add OSVDB-79007 - RabidHamster R4 Log Entry BoF
2012-05-25 01:11:17 -07:00
d595f908fc
Add OSVDB-79007
2012-05-25 03:06:28 -05:00
675dfe4e14
Don't keep the weblogi return codes secret
2012-05-21 11:27:24 -05:00
f9bcb95952
Correct EDB references
2012-05-19 02:24:29 -05:00
bedf010676
description modified
2012-05-18 01:23:09 +02:00
e7f5bf132c
trying to improve bea weblogic connector bof
2012-05-18 01:13:56 +02:00
c0d17734ed
Improve run-on sentences.
2012-05-17 15:00:00 -05:00
sinn3r