adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18,100 Commits 27 Branches 1,043 Tags
ee46771de560882e1f0446eec43e75f0833f3dd1
Commit Graph

9048 Commits

Author SHA1 Message Date
jvazquez-r7 ee46771de5 Land #1799, @m-1-k-3's auth bypass module for Dlink DSL320 2013-05-12 17:34:08 -05:00
sinn3r 7fcf20201b Ranking should be the same (to GoodRanking) 2013-05-11 09:19:25 -05:00
jvazquez-r7 d37d211ecc Fix short escape sequences error 2013-05-09 17:29:55 -05:00
jvazquez-r7 4147a27216 Land #1667, @nmonkee's sap_soap_rfc_sxpg_command_exec exploit 2013-05-09 17:00:11 -05:00
jvazquez-r7 6842432abb Land #1678, @nmonkee's sap_soap_rfc_sxpg_call_system_exec exploit 2013-05-09 16:52:01 -05:00
jvazquez-r7 cf05602c6f Land #1661, @nmonkee's sap_soap_rfc_eps_get_directory_listing module 2013-05-09 16:46:13 -05:00
jvazquez-r7 b18a98259b Modify default rport 2013-05-09 16:24:54 -05:00
jvazquez-r7 3e1d1a3f98 Land #1659, @nmonkee's sap_soap_rfc_eps_delete_file module 2013-05-09 16:22:54 -05:00
nmonkee 53c08cd60f fix incorrect printing typo 2013-05-09 21:37:04 +01:00
sinn3r 9043eeda66 A slight change for stability 
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable.  I did a few tests, seems better.
 2013-05-08 20:02:55 -05:00
jvazquez-r7 bdd2287daf Land #1809, @wchen-r7's modification for ie_cgenericelement_uaf 2013-05-08 16:21:11 -05:00
sinn3r 0e51042a01 Landing #1808 - ERS Viewer 2011 bof (CVE-2013-0726) 2013-05-08 15:51:46 -05:00
sinn3r 9a1400a75b Forgot to remove this print_warning 2013-05-08 15:44:04 -05:00
sinn3r 075f6e8d45 Updates ROP chain and mstime_malloc usage 2013-05-08 15:42:45 -05:00
Tod Beardsley 4c75354a6a Land #1786, request_cgi instead of request_raw 
Also some other small changes to modules, such as sensible defaults for
options.
 2013-05-08 14:58:04 -05:00
sinn3r c7609ac7d1 Initial update 2013-05-08 14:24:52 -05:00
jvazquez-r7 1aa80cd35e Add module for CVE-2013-0726 2013-05-08 13:48:48 -05:00
jvazquez-r7 e939de583c Clean up and multi platform support for sap_soap_rfc_sxpg_command_exec 2013-05-07 22:46:39 -05:00
jvazquez-r7 5f59d9f723 Move sap_soap_rfc_sxpg_command_exec to multi dir 2013-05-07 22:46:04 -05:00
jvazquez-r7 ab60e0bfb7 Fix print message 2013-05-07 22:41:15 -05:00
jvazquez-r7 24bad9c15c Clean up sap_soap_rfc_sxpg_call_system_exec and make it multi platform 2013-05-07 17:03:10 -05:00
jvazquez-r7 76f6d9f130 Move module to multi-platform location 2013-05-07 17:01:56 -05:00
m-1-k-3 e3582887cf OSVDB, Base64 2013-05-07 08:28:48 +02:00
jvazquez-r7 fff8593795 Fix author name 2013-05-06 17:34:37 -05:00
jvazquez-r7 c84febb81a Fix extra character 2013-05-06 15:19:15 -05:00
jvazquez-r7 92b4d23c09 Add Mariano as Author because of the abuse disclosure 2013-05-06 15:15:15 -05:00
jvazquez-r7 db243e78c8 Land #1682, sap_router_info_request fix from @nmonkee 2013-05-06 15:13:57 -05:00
jvazquez-r7 85581a0b6f Clean up sap_soap_rfc_eps_get_directory_listing 2013-05-06 13:21:42 -05:00
jvazquez-r7 1fc0bfa165 Change module filename 2013-05-06 13:20:07 -05:00
m-1-k-3 0f2a3fc2d4 dsl320b authentication bypass - password extract 2013-05-06 14:31:47 +02:00
jvazquez-r7 7b960a4f18 Add OSVDB reference 2013-05-06 00:54:00 -05:00
jvazquez-r7 a17062405d Clean up for sap_soap_rfc_eps_delete_file 2013-05-06 00:53:07 -05:00
jvazquez-r7 5adc2879bf Change module filename 2013-05-06 00:51:23 -05:00
jvazquez-r7 66a5eb74c5 Move file to auxiliary/dos/sap 2013-05-06 00:50:50 -05:00
David Maloney e40695769d unbotch merge? 2013-05-05 16:43:56 -05:00
David Maloney 2d99167fe7 Merge commit 'b0f5255de8f78fb0d54be1ee49f43455968d6740' into upstream-master 2013-05-05 16:41:18 -05:00
David Maloney b0f5255de8 fix ssh_creds username 
ssh_creds post module as not saving
the username in the cred objects
 2013-05-05 16:31:28 -05:00
Tod Beardsley 8239998ada Typo on URL for #1797. Thx @Meatballs1 2013-05-05 12:26:06 -05:00
Tod Beardsley c9ea7e250e Fix disclosure date, ref for #1897 2013-05-05 12:13:02 -05:00
Tod Beardsley e9841b216c Land #1797, IE8 DoL exploit module from @wchen-r7 
Exploit for an in-the-wild unpatched vuln in IE8. @jvazquez-r7 already
reviewed functionality
 2013-05-05 12:06:45 -05:00
sinn3r a33510e821 Add MS IE8 DoL 0day exploit (CVE-2013-1347) 
This module exploits a use-after-free vuln in IE 8, used in the
Department of Labor attack.
 2013-05-05 12:04:17 -05:00
HD Moore 63b0eace32 Add a missing require 2013-05-04 22:39:57 -05:00
m-1-k-3 c3e9503c0b tplink traversal - initial commit 2013-05-03 14:27:13 -05:00
jvazquez-r7 589be270bf Land #1658, @nmonkee's SAP module for PFL_CHECK_OS_FILE_EXISTENCE 2013-05-03 14:19:36 -05:00
jvazquez-r7 13202a3273 Add OSVDB reference 2013-05-03 09:46:29 -05:00
jvazquez-r7 a95de101e7 Delete extra line 2013-05-02 22:04:27 -05:00
jvazquez-r7 6210b42912 Port EDB 25141 to msf 2013-05-02 22:00:43 -05:00
jvazquez-r7 a2e1fbe7a9 Make msftidy happy 2013-05-02 19:46:26 -05:00
jvazquez-r7 f57b2de632 Land #1787, @wchen-r7's mod to ie_cbutton_uaf to use the js_mstime_malloc API 2013-05-02 19:44:19 -05:00
Tod Beardsley 7579b574cb Rework parse_xml 
We try to avoid using Nokogiri in modules due to the sometimes
uncomfortable dependencies it creates with particular compiled libxml
versions. Also, the previous parse_xml doesn't seem to be correctly
skipping item entries with blank names.

I will paste the test XML in the PR proper, but do check against a live
target to make sure I'm not screwing it up.
 2013-05-02 14:43:30 -05:00