7503f643cc
Deprecate windows/fileformat/office_word_macro
...
Please use exploits/multi/fileformat/office_word_macro instead,
because the new one supports OS X.
2017-02-16 12:32:14 -06:00
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
d1281b6594
Chmod to remove the exec bit.
2016-06-30 10:43:46 -04:00
2480781409
pesky pry.
2016-06-27 01:55:49 -04:00
c2b4e22b46
updated with discovered changes from k kali & documentation update changes requested.
2016-06-27 01:53:20 -04:00
15a1a9ed71
Raise if payload.arch doesn't match expected
...
This is necessary when payload is a generic/* since we can't actually
figure out what we need the prefix/suffix to be because the generics are
a pain to extract the arch/platform info out of.
Also remove some unnecessary options.
2016-06-24 16:08:47 -05:00
3fb9eae687
EOL space if a ruby devil.
2016-06-23 15:40:16 -07:00
b38b116c9a
@ePaul comments added to description.
2016-06-23 15:33:11 -07:00
08d08d2c95
Fix Java payload generator
2016-06-23 14:51:26 -05:00
464808d825
First, put the RC data in the module proper
2016-06-23 14:43:37 -05:00
92c70dab6f
Real array, and fix PHP
2016-06-23 13:22:21 -05:00
ffabf26593
No Automatic target.
2016-06-23 12:50:23 -05:00
7a36d03fe3
Trying multi arch
2016-06-23 12:34:51 -05:00
47674c77ad
chmod 644 swagger_param_inject.rb
2016-06-23 11:49:16 -04:00
fbd0bc4308
updated as per @egypt & @todb-r7 recommendations.
2016-06-23 11:41:54 -04:00
fc79f3a2a9
Modify for only NodeJS
...
Not sure if we can do multiple arch's in the same module. Doesn't look
like it's possible today.
See rapid7#7015
2016-06-23 10:14:57 -05:00
579a3bcf7c
default payload is NOT text based, so do nothing with it.
2016-06-23 07:00:14 -07:00
47e4321424
CVE-2016-5641
2016-06-23 06:09:37 -07:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
4bbec88882
Various other one-off nonhuman author credits
...
[See #5012 ]
2015-04-02 15:25:47 -05:00
483a145d19
Fix msftidy issues.
2015-02-18 14:08:03 -06:00
f8609ab0ba
Add file format exploit for injecting code into unpackers.
2015-02-18 11:26:45 -06:00
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
170608e97b
Fix first chunk of msftidy "bad char" errors
...
There needs to be a better way to go about preventing/fixing these.
2014-03-11 11:18:54 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
0acb170ee8
Bug #8419 - Added platform info missing on exploits
2013-10-08 22:41:50 -04:00
4266b88a20
Move author name to just 'joev'
...
[See #2476 ]
2013-10-07 12:50:04 -05:00
b618c40ceb
Fix English
2013-09-26 09:00:41 -05:00
ff610dc752
Add vulnerability discoverer as author
2013-09-25 12:45:54 -05:00
5c88ad41a8
Beautify nodejs_js_yaml_load_code_exec metadata
2013-09-25 12:44:34 -05:00
99e46d2cdb
Merge branch 'master' into cve-2013-4660_js_yaml_code_exec
...
Conflicts:
modules/exploits/multi/handler.rb
2013-09-25 00:32:56 -05:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
a08d195308
Add Node.js as a platform.
...
* Fix some whitespace issues in platform.rb
2013-09-20 18:14:01 -05:00
49f15fbea4
Removes PayloadType from exploit module.
2013-09-20 18:01:55 -05:00
5fc724bced
Kill explanatory comment.
2013-09-16 21:34:38 -05:00
2c47e56d90
Adds module for yaml code exec.
2013-09-16 21:33:57 -05:00
e1e1cab797
Module gets me a shell, yay
2013-09-16 13:37:16 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
2f3bbdc00c
Sed replacement of exploit-db links with EDB refs
...
This is the result of:
find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/ \([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
wchen-r7