flexnet_lmgrd_bof rand_text fix
Resolved conflicts merging back from release
Merge branch 'release'
Conflicts: lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb modules/exploits/windows/license/flexnet_lmgrd_bof.rb
Merge pull request #414 from wchen-r7/apprain
Add CVE-2012-1153
Module description update. TARGETURI description update.
Correct run-on sentence
Fix typos
Merge branch 'cve-2008-0320_openoffice_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-cve-2008-0320_openoffice_bof
added module for CVE-2008-0320
Updating release from master.
Added reference to vendor advisory
Adding extra ref from jjarmoc
randomization when possible for flexnet_lmgrd_bof
Added module for ZDI-12-052
Don't keep the weblogic return codes secret
Noting rhost/rport, cli.peerhost where appropriate
There's no msftidy check for this, and it's irritating to have to remember to do this all the time.
Consistent caps on SVG in batik_svg_java exploit
Also, modules should not refer to themselves as "I" or "me." It's creepy.
Fixed print_status to include rhost:rport
Also don't let the failed user:pass be a mystery to the user.
Msftidy fixes.
Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch
All whitespace fixes.
Merge pull request #398 from wchen-r7/foxit_reader_launch
CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action BoF
add osvdb ref
Merge pull request #399 from wchen-r7/hp_storageworks
Add HP StorageWorks VSA command execution vulnerability
Correct EDB references
Add Active Collab chat module PHP injection exploit, by mr_me
Francisco is the one who found it according to advisory
Add CVE-2009-0837 by bannedit - Foxit Reader 3 Launch Action Buffer Overflow. This was added last year, but yanked due to some reliability issues. bannedit gave me the updated version recently, and the issue he was having appears to be resolved. There is no good P/P/R to use in XP SP3, so that system isn't supported.
description modified
trying to improve bea weblogic connector bof
Improve run-on sentences.
Merge branch 'oracle_bea_post_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-oracle_bea_post_bof
better tab indentation
If the target isn't supported, make sure we warn the user
fingerprinting bea connector with Transfer-Encoding
Fix broken target (variable naming)
Be explicit on what version we've tested
errata fixed
Added batik svg java module
Added target BEA Weblogic 8.1 SP4
Added module for CVE-2008-3257
Merge pull request #390 from jlee-r7/consolidate-250-254-375
Consolidate #250, #254, #375
Correct e-mail format
Add Spanish dir path. Thanks Miguel
Squashed commit of the following:
commit 6a3ad1d887df9d277e4878de94f8700ed8e404f9 Author: James Lee <egypt@metasploit.com> Date: Wed May 9 16:22:49 2012 -0600
Add register_command calls for md5 and sha1
commit dbd52c5a1edfe1818a580d4d46aac0a9ca038e9c...
Msftidy on mozilla_attribchildremoved.rb
was executable, had bad spacing.
Fixing author tags
Ensuring a space between name and email.
Correct version number
Cleanup whitespace
Merge branch 'mozilla_attribchildremoved' of https://github.com/corelanc0d3r/metasploit-framework into corelanc0d3r-mozilla_attribchildremoved
added exploit for Firefox 8&9 AttributeChildRemoved UAF
Merge pull request #378 from wchen-r7/distinct
Add OSVDB-80984 - Distinct TFTP Directory traversal
Add OSVDB-80984
Add comment for PrependEncoder
Merge pull request #376 from wchen-r7/wikkawiki
Add CVE-2011-4449
It's "inject", not "upload"... because technically that's what really happens.
Update description
Whitespace on solarwinds
Cosmetic changes. Also lower the rank for now, because I picked up a state where it can be less stable.
Merge branch 'firefox_exploit' of https://github.com/lincoln-corelan/metasploit-framework into lincoln-corelan-firefox_exploit
Firefox Exploit
See #362 by changing the exitfunc arguments to be the correct type
Fixes #362 by changing the exitfunction arguments to be the correct type
Add osvdb ref
Randomize case for ini true/false values
Woops, small typo in disable_functions
Add additional definitions to disable safe_mode, open_basedir, suhosin. (thanks @i0n1c)
Bump the rank
A little more module cleanup
Rename this to a more suitable location
Fix up the PHP CGI exploit, remove debug lines
Add EDB reference
Merge pull request #359 from wchen-r7/solarwinds_storage_manager_sql
Add Solarwinds Storage Manager 5.1.0 SQL Injection (code execution)
no unicode
Update the comment for check()
Pff, and of course, I had to make a typo on that one
A little change to the description
Add hdm's better check method
Add an exploit module for the recent php cgi bug (CVE-2012-1823)
Squashed commit of minor cosmetic fixes:
commit eed15ea9ecc88683c8d922fe155d4777a7ce1286 Author: Tod Beardsley <todb@metasploit.com> Date: Wed May 2 21:55:56 2012 -0500
Whitespace at EOL. Dangit.
commit 8159b27728d1a4fd0ad94ff56c4b4f2b995646f8 Author: Tod Beardsley <todb@metasploit.com>...
Forgot... I don't need to print the client's IP manually anymore
We no longer have to print the client's IP, because it's now a built-in feature.
module for cve-2012-1775 added
Tabs. Sweet sweet tabs
Add McAfee Virtual Technician ActiveX MVTControl vulnerability
Fix possible "can't convert Fixnum into String" error
Make RMI easier to correlate, add a vulnerability check to the scanner module
Add CVE-2012-1495 WebCalendar settings.php code injection
Overrides the autofilter results from the HTTPServer mixin for the rmiexploit
Bump this up
Smarter RMI class loader logic