adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
41,886 Commits 27 Branches 1,043 Tags
f8a94de6710abe3042a26a9dca38dcccff2c93be
Commit Graph

2369 Commits

Author SHA1 Message Date
jvazquez-r7 fdd7c375ad added linux native target 2013-03-07 19:12:25 +01:00
David Maloney 4212c36566 Fix up basic auth madness 2013-03-01 11:59:02 -06:00
David Maloney c290bc565e Merge branch 'master' into feature/http/authv2 2013-02-28 14:33:44 -06:00
Joe Rozner abdcde06cd Fix polarcms_upload_exec exploit 2013-02-25 22:58:26 -08:00
sinn3r 181e3c0496 Uses normalize_uri 2013-02-25 19:36:48 -06:00
sinn3r 1ed74b46be Add CVE-2013-0803 
From:
http://dev.metasploit.com/redmine/issues/7691
 2013-02-25 14:14:57 -06:00
sinn3r f3f913edc5 Correct bad naming style 2013-02-25 13:29:27 -06:00
sinn3r 690e7ec8a7 Uses normalize_uri 2013-02-25 13:28:00 -06:00
sinn3r b930613653 Merge branch 'kordil-edms-upload-exec' of github.com:bcoles/metasploit-framework into bcoles-kordil-edms-upload-exec 2013-02-25 12:43:50 -06:00
sinn3r 5fe2c26d82 Merge branch 'bcoles-glossword_upload_exec' 2013-02-25 12:41:05 -06:00
sinn3r 52241b847a Uses normalize_uri instead of manually adding a slash 2013-02-25 12:20:37 -06:00
bcoles d7c0ce4e4a Fix 'check()' in glossword_upload_exec 2013-02-25 15:52:07 +10:30
bcoles 1f46b3aa02 Add Glossword Arbitrary File Upload Vulnerability exploit 2013-02-25 01:59:46 +10:30
bcoles 002654317c Add Kordil EDMS File Upload Vulnerability exploit 2013-02-22 23:32:17 +10:30
jvazquez-r7 1913d60d65 multibrowser support 2013-02-21 01:13:25 +01:00
jvazquez-r7 bf216cca5c description and references updated 2013-02-20 18:14:53 +01:00
jvazquez-r7 d7b89a2228 added security level bypass 2013-02-20 17:50:47 +01:00
jvazquez-r7 d88ad80116 Added first version of cve-2013-0431 2013-02-20 16:39:53 +01:00
David Maloney 0ae489b37b last of revert-merge snaffu 2013-02-19 23:16:46 -06:00
James Lee 9d4a3ca729 Fix a typo that broke this module against x64 
[SeeRM #7747]
 2013-02-19 19:22:42 -06:00
jvazquez-r7 221ce22f53 make msftidy happy 2013-02-15 19:01:58 +01:00
Tod Beardsley 8ddc19e842 Unmerge #1476 and #1444 
In that order. #1476 was an attempt to salvage the functionality, but
sinn3r found some more bugs. So, undoing that, and undoing #1444 as
well.

First, do no harm. It's obvious we cannot be making sweeping changes in
libraries like this without a minimum of testing available. #1478 starts
to address that, by the way.

FixRM #7752
 2013-02-11 20:49:55 -06:00
James Lee 5b3b0a8b6d Merge branch 'dmaloney-r7-http/auth_methods' into rapid7 2013-02-08 12:45:35 -06:00
James Lee 9b6f2fcd1d Use the install path to tell us the separator 
Fixes the java target on windows victims
 2013-02-08 12:10:42 -06:00
James Lee 5b398076ae Couple of fixes for windows 
* Catch IOError when chmod doesn't exist (i.e. Windows)
* Proper escaping for paths
 2013-02-08 11:52:50 -06:00
James Lee 071df7241b Merge branch 'rapid7' into sonicwall_gms 
Conflicts:
	modules/exploits/multi/http/sonicwall_gms_upload.rb

Adds a loop around triggering the WAR payload, which was causing some
unreliability with the Java target.
 2013-02-07 21:53:49 -06:00
James Lee 1f9a09d5dd Add a method to upload and exec in one step 2013-02-07 21:09:32 -06:00
James Lee 13d1045989 Works for java and native linux targets 2013-02-07 16:56:38 -06:00
James Lee b6c6397da3 typo 2013-02-06 19:21:20 -06:00
James Lee 1095fe198b Merge branch 'rapid7' into dmaloney-r7-http/auth_methods 2013-02-06 16:57:50 -06:00
HD Moore 80a8bab02f Correct the CVE reference 2013-02-05 10:37:24 -06:00
sinn3r 42912bf286 Merge branch 'jjarmoc-rails_methods' of github.com:jjarmoc/metasploit-framework into jjarmoc-jjarmoc-rails_methods 2013-02-04 16:50:01 -06:00
Jeff Jarmoc 9b30e354ea Updates HTTP_METHOD option to use OptEnum. 2013-02-04 15:32:36 -06:00
sinn3r 45db43d2b3 Merge branch 'msftidy/no-twitter-handles' of github.com:todb-r7/metasploit-framework into todb-r7-msftidy/no-twitter-handles 2013-02-04 14:21:40 -06:00
David Maloney 8d013d1034 Merge branch 'master' into http/auth_methods 2013-02-04 13:11:57 -06:00
David Maloney 4c1e630bf3 BasicAuth datastore cleanup 
cleanup all the old BasicAuth datastore options
 2013-02-04 13:02:26 -06:00
HD Moore 4c8811bb8a Add a debug target 2013-02-03 23:24:44 -06:00
HD Moore 191eed88bc Fix liberal matching expression on target 2013-02-03 21:50:03 -06:00
HD Moore 9379c68e51 Fix typo, auto-fingerprint, unconnected sockets 2013-02-03 21:23:05 -06:00
HD Moore 42c8a2d265 Add VU and blog references 2013-02-03 18:17:51 -06:00
HD Moore c24da99104 Update authors, add Richard (thanks!) 2013-02-03 18:13:28 -06:00
HD Moore 9e491f0b1c Add a fingerprint string and more comments 2013-02-03 18:03:32 -06:00
HD Moore 1f227243b8 Make it clear BadChars are ignored 2013-02-03 17:54:25 -06:00
HD Moore 214a60aa01 iFix spacing 2013-02-03 17:52:33 -06:00
HD Moore 94953d0450 Fix idents from copypasta 2013-02-03 17:48:13 -06:00
HD Moore 975230c9e7 Add the first module for unique_service_name() 2013-02-03 17:46:20 -06:00
RageLtMan ffb88baf4a initial module import from SV rev_ssl branch 2013-02-03 15:06:24 -05:00
Tod Beardsley e8def29b4f Dropping all twitter handles 
Also adds "pbot" as an accepted lowercase word. This will come up pretty
routinley for functions and stuff.
 2013-02-01 16:33:52 -06:00
jvazquez-r7 70b252dc7b Merge branch 'normalize_uri_update2' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-normalize_uri_update2 2013-01-31 22:32:50 +01:00
egypt 5332e80ae9 Fix errant use of .to_s instead of .path 2013-01-31 14:18:42 -06:00