aaf18f0257
EOL whitespace, yo.
2013-01-29 14:22:30 -06:00
6002e35460
Merge pull request #1397 from wchen-r7/target_uri_fix
...
normalize_uri fixes (double slashes and trailing slash)
2013-01-29 11:26:30 -08:00
38785015e1
Missing period in description
2013-01-28 23:08:53 -06:00
464d048eca
Remove debugging print
2013-01-28 22:25:57 -06:00
dc19968555
Minor cleanups
2013-01-28 22:21:03 -06:00
c0757ce905
Add support for 2.x
2013-01-28 21:41:15 -06:00
92c736a6a9
Move fork stuff out of exploit into payload mixin
...
Tested xml against 3.2.10 and json against 3.0.19
2013-01-28 21:34:39 -06:00
ee2579607a
Working against 3.0.19
2013-01-28 21:05:14 -06:00
690ef85ac1
Fix trailing slash problem
...
These modules require the target URI to be a directory path. So
if you remove the trailing slash, the web server might return a
301 or 404 instead of 200.
Related to: [SeeRM: #7727 ]
2013-01-28 13:19:31 -06:00
49aac302e6
normalize_uri() breaks URI parsing
...
Please see: http://dev.metasploit.com/redmine/issues/7727
2013-01-26 22:57:01 -06:00
3faf4b3aca
adding sinn3r as author
2013-01-24 18:13:30 +01:00
f1f8782a5d
Merge branch 'payload_inject.rb' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-payload_inject.rb
2013-01-24 18:13:00 +01:00
2cedcad810
Check PID
2013-01-24 10:46:23 -06:00
1bccc410a3
Merge branch 'module-movabletype_upgrade_exec' of https://github.com/kacpern/metasploit-framework into kacpern-module-movabletype_upgrade_exec
2013-01-24 15:02:48 +01:00
ba41ee9c83
- applied all the changes from #1363
...
- some extra escaping for the sake of it
- removed the timeout in http_send_raw
2013-01-24 13:15:42 +00:00
96d0b13de2
Merge branch 'excellentrankings' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-excellentrankings
2013-01-24 13:00:01 +01:00
3146b7ce77
Change default target
...
ExcellentRanking requires the module to auto-target. If the payload
is universal, that works too.
2013-01-23 23:40:47 -06:00
0c0f4a3e66
Lower ranking because they cannot auto-target
...
In order to be qualified as ExcellentRanking, auto-target is a must,
or the module has to default to a payload that's universal for
multiple platforms. Otherwise you're wasting time in Pro.
2013-01-23 23:35:31 -06:00
75f3a62ac4
Explain why we need this empty on_new_session
2013-01-23 16:43:36 -06:00
9c3e9f798f
Lower the ranking, because it cannot auto-target.
...
When it's excellent, Pro will fire this first, and that will only
generate more traffic than actually popping a shell.
2013-01-23 16:39:24 -06:00
53599e4c45
It's better to have a version # in the title, easier to find
2013-01-23 16:32:57 -06:00
d1736b8880
Merge branch 'sonicwall_upload' of github.com:julianvilas/metasploit-framework into julianvilas-sonicwall_upload
2013-01-23 16:32:06 -06:00
ad108900d5
Why yes I know it's a module
2013-01-23 16:23:41 -06:00
22f7619892
Improve Carlos' payload injection module - See #1201
...
Lots of changes, mainly:
* Description update
* Avoid accessing protected methods
* More careful exception & return value handling
2013-01-23 16:15:14 -06:00
e93b7ffcaf
Add Carlos Perez's payload injection module
...
See #1201
2013-01-23 14:07:48 -06:00
f50c7ea551
A version number helps deciding which exploit to use
2013-01-23 11:43:39 -06:00
a1f8da9ff6
Merge branch 'master' of github.com:rapid7/metasploit-framework
2013-01-23 11:41:35 -06:00
ca144b9e84
msftidy fix
2013-01-23 11:40:12 -06:00
dd0fdac73c
fix indent
2013-01-23 18:19:14 +01:00
c47392f5d1
normalize_uri and path fix
2013-01-23 16:57:30 +00:00
ff875d04e0
- RPATH changed to TARGETURI
...
- both CVE numbers referenced
- sightly changed exception handling
2013-01-23 16:50:35 +00:00
8bcf4a86ef
Update modules/exploits/multi/browser/java_jre17_method_handle.rb
...
Wrong reference type (URL instead of OSVDB)
2013-01-23 17:14:53 +01:00
a3fa7cc6bc
adjusted disclosure date
2013-01-23 12:49:08 +00:00
e78174297e
assuring stdapi loads on meterpreter
2013-01-23 12:44:55 +01:00
5d6ca30422
removed spaces at EOL
2013-01-23 10:33:55 +00:00
17d1c9f996
- expanded description
...
- updated references
2013-01-23 10:29:11 +00:00
9c9a0d1664
Added module for cve-2012-0432
2013-01-23 10:51:29 +01:00
8819059499
Merge branch 'zoneminder_packagecontrol_exec' of github.com:bcoles/metasploit-framework into bcoles-zoneminder_packagecontrol_exec
2013-01-22 14:41:40 -06:00
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
c498930644
Merge branch 'java_jre17_method_handle' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_method_handle
2013-01-22 15:33:07 +01:00
8a59c7b8fb
removed extra print_status() calls
2013-01-22 12:31:40 +00:00
970591a85f
Add ZoneMinder arbitrary command execution exploit
2013-01-22 22:56:50 +10:30
08a5f467b1
added URL for developer site
2013-01-22 12:14:38 +00:00
cd29a88c18
added Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
2013-01-22 11:58:24 +00:00
eb92070df8
added module for CVE-2013-1359
2013-01-22 01:54:41 +01:00
967c04e727
finally it doesn't use FileDropper atm
2013-01-20 19:54:24 +01:00
76edbb9e1c
Merge branch 'module-jenkins-script-console' of https://github.com/zeroSteiner/metasploit-framework into zeroSteiner-module-jenkins-script-console
2013-01-20 19:53:44 +01:00
9769efbf01
references and date updated
2013-01-20 17:38:37 +01:00
dc318c5aed
update php_charts_exec metadata
2013-01-21 02:12:42 +10:30
f975a42571
move and update php_charts_exec metadata
2013-01-21 02:10:48 +10:30
Tod Beardsley