1
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00
Commit Graph

8144 Commits

Author SHA1 Message Date
William Vu
7a2d3f5ebd
Land #5082, firefox_proxy_prototype autopwn_info 2015-04-06 13:36:03 -05:00
William Vu
e1af495d21 Add extra release fixes 2015-04-06 13:08:40 -05:00
Tod Beardsley
b62011121b
Minor word choice fix on Solarwinds exploit
Removing the second person pronoun usage.

[See #5050]
2015-04-06 12:40:22 -05:00
Tod Beardsley
5be5b6097c
Minor grammar on #5030, Adobe Flash
[See #5030]
2015-04-06 12:36:25 -05:00
Tod Beardsley
1e6d895975
Description fixes on #4784, jboss exploit
Also, needed to run through msftidy.

[See #4784]
2015-04-06 12:34:49 -05:00
root
cd65e6f282 Add browser_autopwn info to firefox_proxy_prototype 2015-04-06 10:42:32 +05:00
William Vu
56dc7afea6
Land #5068, @todb-r7's module author cleanup 2015-04-03 16:00:36 -05:00
jvazquez-r7
828301a6cc
Land #5050, @wchen-r7's exploit for Solarwinds Firewall Security Manager
* CVE-2015-2284
2015-04-03 13:45:30 -05:00
jvazquez-r7
7c9b19c6f8
Do minor cleanup 2015-04-03 11:53:50 -05:00
scriptjunkie
0f7c644fff
Land #4784, JBoss Seam 2 upload exec exploit 2015-04-02 22:32:35 -05:00
Tod Beardsley
3ff91d74ca
More cleanup, mostly abysssec
[See #5012]
2015-04-02 16:16:38 -05:00
Tod Beardsley
11057e5b3b
Fix up the last couple from Tenable, missed last
[See #5012]
2015-04-02 15:27:46 -05:00
Tod Beardsley
4bbec88882
Various other one-off nonhuman author credits
[See #5012]
2015-04-02 15:25:47 -05:00
Tod Beardsley
6532fad579
Remove credits to Alligator Security Team
All but one of these modules credits both a team name and individual
team members. We should just be crediting team members. The domain
persists in all the other credits.

The one that didn't was credited to dflah_ specifically, so merely
changed the author name.

Longer description, if needed, wrapped at 72 characters.

[See #5012]
2015-04-02 15:12:22 -05:00
Tod Beardsley
b17727d244
Switching to privileged => false 2015-04-01 14:35:45 -05:00
Tod Beardsley
0825534d2c
Fix reference 2015-04-01 14:16:45 -05:00
Tod Beardsley
8ec71e9daf
Add a module for R7-2015-05 2015-04-01 14:05:41 -05:00
sinn3r
0b14a18ad2 This is final 2015-04-01 12:00:49 -05:00
sinn3r
0ee858cd65 Some useful messages 2015-04-01 01:41:31 -05:00
sinn3r
8ad07cdc0f This should be on the right track 2015-04-01 01:27:50 -05:00
sinn3r
6795c90eac Some progress 2015-03-31 20:46:34 -05:00
sinn3r
97305629cb Add Solarwinds FSM module
starter
2015-03-31 16:21:52 -05:00
sinn3r
8ea1ffc6ff
Land #5030, CVE-2015-0313 Flash Exploit 2015-03-30 11:31:53 -05:00
h00die
28b9e89963 removed duplicate "uses" from description 2015-03-29 19:40:31 -04:00
William Vu
ef8c0aac69
Land #5020, spelling fixes for some modules 2015-03-28 00:36:04 -05:00
jvazquez-r7
f84a46df63
Add module for CVE-2015-0313 2015-03-27 18:51:13 -05:00
sinn3r
9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
C-P
4f4bf9debb paylod vs payload 2015-03-27 11:55:15 -07:00
C-P
0a8fe781d1 paylod vs payload 2015-03-27 11:54:14 -07:00
C-P
5ba614a325 payloda vs payload 2015-03-27 11:53:20 -07:00
C-P
2d81460583 Explot vs Exploit 2015-03-27 11:37:11 -07:00
C-P
f129347b51 Filed vs Failed fix 2015-03-27 11:28:50 -07:00
C-P
48484c1f09 Filed vs Failed fix 2015-03-27 11:27:36 -07:00
sinn3r
955c0557e0
Land #4988, Relative URL for ms14_064_ole_code_execution 2015-03-26 13:36:37 -05:00
jvazquez-r7
d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
jvazquez-r7
72a0909e9b
Land #4992, @wchen-r7's support for multiple ActiveX controls on BrowserExploitServerMerge 2015-03-25 13:30:36 -05:00
Tod Beardsley
49a6057f74
Grammaring harder 2015-03-24 11:10:36 -05:00
William Vu
7c456f2ad8
Land #4993, ams_xfr "payload_exe" NameError fix 2015-03-24 00:51:49 -05:00
sinn3r
8255e7a2dc Fix #4987 - undef payload_exe for ams_xfr
Fix #4987
2015-03-24 00:42:22 -05:00
William Vu
3dac6377d0
Fix #4983, bad copy pasta'd deprecation year 2015-03-24 00:34:54 -05:00
William Vu
fadac30f00 Fix deprecated year 2015-03-24 00:34:38 -05:00
William Vu
6353154865
Land #4983, renamed WordPress modules 2015-03-23 23:49:40 -05:00
William Vu
e338b77389 Readd and deprecate renamed WordPress modules 2015-03-23 23:48:56 -05:00
sinn3r
db243a8225 x360_video_player_set_text_bof actually uses SetText for ActiveX 2015-03-23 23:36:20 -05:00
sinn3r
3248f02c2c These exploits use :activex, so I update the usage for them 2015-03-23 19:34:24 -05:00
andygoblins
89e27d98ab Use relative URL to GET payload for WinXP
Relative URLs are simpler, and allow the exploit to work on attack machines in NAT environments. Example: attack machine is NATed and does not have a DNS hostname. SRVHOST must be 0.0.0.0 but the victim cannot access the attacker from Rex::Socket.source_address
2015-03-23 14:40:06 -05:00
Tod Beardsley
21a97c0926
Add exploit for R7-2015-04, Firefox Proxy RCE 2015-03-23 13:44:41 -05:00
sinn3r
156520338d Making some changes to how BES handles ActiveX 2015-03-23 12:21:27 -05:00
aushack
b191f92713 Renamed WordPress files to fit majority naming convention. 2015-03-23 18:15:04 +11:00
jvazquez-r7
2d1adf6ef4
Land #4923, @m-1-k-3's exploit for overflow on belkin routers 2015-03-22 02:05:35 -05:00