Permalink
Browse files

Land #9189, s/patrick/aushack/g

  • Loading branch information...
wvu-r7 committed Nov 8, 2017
2 parents 5a07be9 + 2f6da89 commit b7c604f941452010e816392a23f794de17755ce4
Showing with 115 additions and 115 deletions.
  1. +1 −1 lib/msf/core/author.rb
  2. +1 −1 modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb
  3. +1 −1 modules/auxiliary/admin/http/contentkeeper_fileaccess.rb
  4. +1 −1 modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb
  5. +1 −1 modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb
  6. +1 −1 modules/auxiliary/admin/http/tomcat_utf8_traversal.rb
  7. +1 −1 modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb
  8. +1 −1 modules/auxiliary/admin/officescan/tmlisten_traversal.rb
  9. +1 −1 modules/auxiliary/admin/pop2/uw_fileretrieval.rb
  10. +1 −1 modules/auxiliary/admin/smb/check_dir_file.rb
  11. +1 −1 modules/auxiliary/dos/cisco/ios_http_percentpercent.rb
  12. +2 −2 modules/auxiliary/dos/http/3com_superstack_switch.rb
  13. +1 −1 modules/auxiliary/dos/http/dell_openmanage_post.rb
  14. +1 −1 modules/auxiliary/dos/http/sonicwall_ssl_format.rb
  15. +1 −1 modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb
  16. +1 −1 modules/auxiliary/dos/smtp/sendmail_prescan.rb
  17. +1 −1 modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb
  18. +1 −1 modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb
  19. +2 −2 modules/auxiliary/gather/checkpoint_hostname.rb
  20. +1 −1 modules/auxiliary/gather/citrix_published_applications.rb
  21. +1 −1 modules/auxiliary/gather/citrix_published_bruteforce.rb
  22. +1 −1 modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb
  23. +2 −2 modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb
  24. +2 −2 modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb
  25. +1 −1 modules/auxiliary/scanner/http/soap_xml.rb
  26. +1 −1 modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb
  27. +1 −1 modules/auxiliary/scanner/varnish/varnish_cli_login.rb
  28. +1 −1 modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb
  29. +1 −1 modules/exploits/linux/http/piranha_passwd_exec.rb
  30. +1 −1 modules/exploits/linux/imap/imap_uw_lsub.rb
  31. +1 −1 modules/exploits/linux/misc/gld_postfix.rb
  32. +2 −2 modules/exploits/multi/misc/openview_omniback_exec.rb
  33. +1 −1 modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb
  34. +1 −1 modules/exploits/multi/ntp/ntp_overflow.rb
  35. +1 −1 modules/exploits/unix/http/contentkeeperweb_mimencode.rb
  36. +1 −1 modules/exploits/unix/misc/spamassassin_exec.rb
  37. +1 −1 modules/exploits/unix/smtp/clamav_milter_blackhole.rb
  38. +1 −1 modules/exploits/unix/webapp/awstats_migrate_exec.rb
  39. +1 −1 modules/exploits/unix/webapp/awstatstotals_multisort.rb
  40. +2 −2 modules/exploits/unix/webapp/dogfood_spell_exec.rb
  41. +1 −1 modules/exploits/unix/webapp/guestbook_ssi_exec.rb
  42. +1 −1 modules/exploits/unix/webapp/phpbb_highlight.rb
  43. +1 −1 modules/exploits/unix/webapp/sphpblog_file_upload.rb
  44. +1 −1 modules/exploits/unix/webapp/wp_foxypress_upload.rb
  45. +1 −1 modules/exploits/windows/brightstor/discovery_tcp.rb
  46. +1 −1 modules/exploits/windows/brightstor/discovery_udp.rb
  47. +1 −1 modules/exploits/windows/brightstor/message_engine.rb
  48. +1 −1 modules/exploits/windows/brightstor/tape_engine.rb
  49. +2 −2 modules/exploits/windows/browser/barcode_ax49.rb
  50. +1 −1 modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb
  51. +1 −1 modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb
  52. +1 −1 modules/exploits/windows/browser/tumbleweed_filetransfer.rb
  53. +1 −1 modules/exploits/windows/fileformat/altap_salamander_pdb.rb
  54. +1 −1 modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb
  55. +1 −1 modules/exploits/windows/fileformat/destinymediaplayer16.rb
  56. +1 −1 modules/exploits/windows/fileformat/ursoft_w32dasm.rb
  57. +1 −1 modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb
  58. +1 −1 modules/exploits/windows/ftp/dreamftp_format.rb
  59. +1 −1 modules/exploits/windows/ftp/leapftp_pasv_reply.rb
  60. +1 −1 modules/exploits/windows/ftp/sami_ftpd_user.rb
  61. +1 −1 modules/exploits/windows/ftp/sasser_ftpd_port.rb
  62. +1 −1 modules/exploits/windows/games/racer_503beta5.rb
  63. +2 −2 modules/exploits/windows/http/amlibweb_webquerydll_app.rb
  64. +3 −3 modules/exploits/windows/http/apache_mod_rewrite_ldap.rb
  65. +1 −1 modules/exploits/windows/http/ca_igateway_debug.rb
  66. +1 −1 modules/exploits/windows/http/mcafee_epolicy_source.rb
  67. +2 −2 modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb
  68. +1 −1 modules/exploits/windows/http/psoproxy91_overflow.rb
  69. +1 −1 modules/exploits/windows/http/sambar6_search_results.rb
  70. +1 −1 modules/exploits/windows/http/savant_31_overflow.rb
  71. +1 −1 modules/exploits/windows/http/steamcast_useragent.rb
  72. +1 −1 modules/exploits/windows/http/webster_http.rb
  73. +1 −1 modules/exploits/windows/http/xitami_if_mod_since.rb
  74. +2 −2 modules/exploits/windows/iis/ms02_065_msadc.rb
  75. +2 −2 modules/exploits/windows/iis/msadc.rb
  76. +1 −1 modules/exploits/windows/imap/mdaemon_fetch.rb
  77. +1 −1 modules/exploits/windows/isapi/ms00_094_pbserver.rb
  78. +1 −1 modules/exploits/windows/ldap/pgp_keyserver7.rb
  79. +2 −2 modules/exploits/windows/license/calicclnt_getconfig.rb
  80. +2 −2 modules/exploits/windows/license/calicserv_getconfig.rb
  81. +1 −1 modules/exploits/windows/lotus/domino_sametime_stmux.rb
  82. +2 −2 modules/exploits/windows/misc/bigant_server_250.rb
  83. +1 −1 modules/exploits/windows/misc/mirc_privmsg_server.rb
  84. +1 −1 modules/exploits/windows/misc/netcat110_nt.rb
  85. +2 −2 modules/exploits/windows/misc/sap_2005_license.rb
  86. +1 −1 modules/exploits/windows/proxy/ccproxy_telnet_ping.rb
  87. +1 −1 modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb
  88. +1 −1 modules/exploits/windows/scada/citect_scada_odbc.rb
  89. +1 −1 modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb
  90. +1 −1 modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb
  91. +1 −1 modules/exploits/windows/telnet/gamsoft_telsrv_username.rb
  92. +1 −1 modules/exploits/windows/tftp/attftp_long_filename.rb
  93. +1 −1 modules/exploits/windows/tftp/dlink_long_filename.rb
  94. +1 −1 modules/exploits/windows/tftp/tftpdwin_long_filename.rb
  95. +1 −1 modules/exploits/windows/vnc/winvnc_http_get.rb
  96. +1 −1 modules/payloads/singles/cmd/windows/bind_perl.rb
  97. +1 −1 modules/payloads/singles/cmd/windows/bind_perl_ipv6.rb
  98. +1 −1 modules/payloads/singles/cmd/windows/reverse_perl.rb
View
@@ -17,6 +17,7 @@ class Msf::Author
KNOWN = {
'amaloteaux' => 'alex_maloteaux' + 0x40.chr + 'metasploit.com',
'anonymous' => 'Unknown',
'aushack' => 'patrick' + 0x40.chr + 'osisecurity.com.au',
'bannedit' => 'bannedit' + 0x40.chr + 'metasploit.com',
'Carlos Perez' => 'carlos_perez' + 0x40.chr + 'darkoperator.com',
'cazz' => 'bmc' + 0x40.chr + 'shmoo.com',
@@ -39,7 +40,6 @@ class Msf::Author
'mubix' => 'mubix' + 0x40.chr + 'hak5.org',
'natron' => 'natron' + 0x40.chr + 'metasploit.com',
'optyx' => 'optyx' + 0x40.chr + 'no$email.com',
'patrick' => 'patrick' + 0x40.chr + 'osisecurity.com.au',
'pusscat' => 'pusscat' + 0x40.chr + 'metasploit.com',
'Ramon de C Valle' => 'rcvalle' + 0x40.chr + 'metasploit.com',
'sf' => 'stephen_fewer' + 0x40.chr + 'harmonysecurity.com',
@@ -17,7 +17,7 @@ def initialize(info = {})
verifies that the directory has been created, then deletes it and verifies deletion
to confirm the bug.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -20,7 +20,7 @@ def initialize
[ 'OSVDB', '54551' ],
[ 'URL', 'http://www.aushack.com/200904-contentkeeper.txt' ],
],
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE)
register_options(
@@ -17,7 +17,7 @@ def initialize(info = {})
systems, however at this stage the module only works against Windows.
This module does not apply to HP printers.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -19,7 +19,7 @@ def initialize
[ 'OSVDB', '55586' ],
[ 'CVE', '2009-2367' ],
],
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE
)
@@ -29,7 +29,7 @@ def initialize
[ 'CVE', '2008-2938' ],
[ 'URL', 'http://www.securityfocus.com/archive/1/499926' ],
],
'Author' => [ 'patrick','guerrino <ruggine> di massa' ],
'Author' => [ 'aushack','guerrino <ruggine> di massa' ],
'License' => MSF_LICENSE,
'DisclosureDate' => 'Jan 9 2009'
)
@@ -29,7 +29,7 @@ def initialize
[ 'EDB', '17388' ],
[ 'BID', '48225' ],
],
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'DisclosureDate' => 'Jan 9 2009'
)
@@ -23,7 +23,7 @@ def initialize
[ 'BID', '31531' ],
[ 'URL', 'http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1372_Readme.txt' ],
],
'Author' => [ 'Anshul Pandey <anshul999[at]gmail.com>', 'patrick' ],
'Author' => [ 'Anshul Pandey <anshul999[at]gmail.com>', 'aushack' ],
'License' => MSF_LICENSE
)
@@ -17,7 +17,7 @@ def initialize(info = {})
be exploited with a valid username and password. The From address is
the file owner.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -29,7 +29,7 @@ def initialize
},
'Author' =>
[
'patrick',
'aushack',
'j0hn__f'
],
'References' =>
@@ -16,7 +16,7 @@ def initialize(info = {})
unresponsive. IOS 11.1 -> 12.1 are reportedly vulnerable. This module
tested successfully against a Cisco 1600 Router IOS v11.2(18)P.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -18,11 +18,11 @@ def initialize(info = {})
against a 3300SM firmware v2.66. Reported to affect versions
prior to v2.72.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
# patrickw - I am not sure if these are correct, but the closest match!
# aushack - I am not sure if these are correct, but the closest match!
[ 'OSVDB', '7246' ],
[ 'CVE', '2004-2691' ],
[ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ],
@@ -18,7 +18,7 @@ def initialize(info = {})
This module will crash the web server, however it is likely exploitable
under certain conditions.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -18,7 +18,7 @@ def initialize(info = {})
string data. With physical access to the device and debugging,
this module may be able to be used to execute arbitrary code remotely.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' => [
[ 'BID', '35145' ],
@@ -16,7 +16,7 @@ def initialize(info = {})
(Remote Access Services). Kernel memory is overwritten resulting in a BSOD.
Code execution may be possible however this module is only a DoS.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -16,7 +16,7 @@ def initialize(info = {})
parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00
bytes can be used, limiting the likelihood for arbitrary code execution.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'References' =>
[
[ 'OSVDB', '2577' ],
@@ -18,7 +18,7 @@ def initialize(info = {})
when running, will overwrite the stack with our string and generate an
exception. The FileZilla FTP Server itself will continue functioning.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -15,7 +15,7 @@ def initialize(info = {})
Server versions 0.9.21 and earlier. By sending a malformed PORT command
then LIST command, the server attempts to write to a NULL pointer.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -21,11 +21,11 @@ def initialize(info = {})
networks where the hostname reveals the physical location and rack number
of the device, which may be unintentionally published to the world.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'DisclosureDate' => 'Dec 14 2011', # Looks like this module is first real reference
'References' =>
[
# patrickw - None? Stumbled across, probably an old bug/feature but unsure.
# aushack - None? Stumbled across, probably an old bug/feature but unsure.
[ 'URL', 'http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure' ],
[ 'URL', 'https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk69360' ]
]
@@ -13,7 +13,7 @@ def initialize(info = {})
This module attempts to query Citrix Metaframe ICA server to obtain
a published list of applications.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'References' =>
[
[ 'URL', 'http://www.securiteam.com/exploits/5CP0B1F80S.html' ],
@@ -13,7 +13,7 @@ def initialize(info = {})
This module attempts to brute force program names within the Citrix
Metaframe ICA server.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'References' =>
[
[ 'OSVDB', '50617' ],
@@ -26,7 +26,7 @@ def initialize(info={})
control. IOS 11.3 -> 12.2 are reportedly vulnerable. This module
tested successfully against a Cisco 1600 Router IOS v11.3(11d).
},
'Author' => [ 'patrick', 'hdm' ],
'Author' => [ 'aushack', 'hdm' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -22,7 +22,7 @@ def initialize(info = {})
where WebDAV is enabled on the IIS6 server, and any protected folder
requires either Basic, Digest or NTLM authentication.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -154,7 +154,7 @@ def run_host(ip)
'ctype' => 'application/xml',
'headers' =>
{
#'Translate' => 'f', # Not required in PROPFIND, only GET - patrickw 20091518
#'Translate' => 'f', # Not required in PROPFIND, only GET - aushack 20091518
},
'data' => webdav_req + "\r\n\r\n",
}, 20)
@@ -20,7 +20,7 @@ def initialize(info = {})
to be exploitable where WebDAV is enabled on the IIS6 server, and any
protected folder requires either Basic, Digest or NTLM authentication.
},
'Author' => [ 'et', 'patrick' ],
'Author' => [ 'et', 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -83,7 +83,7 @@ def run_host(ip)
'ctype' => 'application/xml',
'headers' =>
{
#'Translate' => 'f', # Not required in PROPFIND, only GET - patrickw 20091518
#'Translate' => 'f', # Not required in PROPFIND, only GET - aushack 20091518
},
'data' => webdav_req + "\r\n\r\n",
}, 20)
@@ -19,7 +19,7 @@ def initialize(info = {})
This module attempts to brute force SOAP/XML requests to uncover
hidden methods.
),
'Author' => ['patrick'],
'Author' => ['aushack'],
'License' => MSF_LICENSE))
register_options(
@@ -28,7 +28,7 @@ def initialize(info={})
ASSETBEGIN and ASSETEND values for greater results, or set VERBOSE.
Information gathered may be used for later bruteforce attacks.
},
'Author' => [ 'Troy Rose <troy[at]osisecurity.com.au>', 'patrick' ],
'Author' => [ 'Troy Rose <troy[at]osisecurity.com.au>', 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -27,7 +27,7 @@ def initialize
],
'Author' =>
[
'patrick', #original module
'aushack', #original module
'h00die <mike@shorebreaksecurity.com>' #updates and standardizations
],
'License' => MSF_LICENSE
@@ -21,7 +21,7 @@ def initialize(info = {})
module only supports command line payloads, as the httpd process kills
the reverse/bind shell spawn after the HTTP 200 OK response.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -22,7 +22,7 @@ def initialize(info = {})
/piranha/secure/passwd.php3 script. The package installs with a default
user and password of piranha:q which was exploited in the wild.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -18,7 +18,7 @@ def initialize(info = {})
This vulnerability can only be exploited with a valid username
and password.
},
'Author' => [ 'patrick', 'jduck' ],
'Author' => [ 'aushack', 'jduck' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -16,7 +16,7 @@ def initialize(info = {})
GLD <= 1.4 greylisting daemon for Postfix. By sending an
overly long string the stack can be overwritten.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'Arch' => ARCH_X86,
'Platform' => 'linux',
'References' =>
@@ -21,7 +21,7 @@ def initialize(info = {})
"unix/cmd/generic" payload and set CMD to your command. You can only
pass a small amount of characters (4) to the command line on Windows.
},
'Author' => [ 'hdm', 'patrick' ],
'Author' => [ 'hdm', 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -164,7 +164,7 @@ def exploit
if (target.name =~ /Windows/)
# patrickw
# aushack
#
# Tested during pen test against Windows 2003 server.
# Windows Service details:
@@ -18,7 +18,7 @@ def initialize(info = {})
allows direct console access as root or SYSTEM from
any source address.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -18,7 +18,7 @@ def initialize(info = {})
request it is possible to execute code remotely. As the stack
is corrupted, this module uses the Egghunter technique.
},
'Author' => 'patrick',
'Author' => 'aushack',
'License' => MSF_LICENSE,
'References' =>
[
@@ -17,7 +17,7 @@ def initialize(info = {})
to enable remote command execution as the Apache user. By setting
SkipEscalation to false, this module will attempt to setuid the bash shell.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'Arch' => [ ARCH_CMD ],
'License' => MSF_LICENSE,
'References' =>
@@ -16,7 +16,7 @@ def initialize(info = {})
a malicious vpopmail User header, when running with vpopmail and paranoid
modes enabled (non-default). Versions prior to v3.1.3 are vulnerable
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -17,7 +17,7 @@ def initialize(info = {})
When implemented with black hole mode enabled, it is possible to execute
commands remotely due to an insecure popen call.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -18,7 +18,7 @@ def initialize(info = {})
present when AllowToUpdateStatsFromBrowser is enabled in the AWStats
configuration file (non-default).
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
@@ -15,7 +15,7 @@ def initialize(info = {})
This module exploits an arbitrary command execution vulnerability in the
AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
},
'Author' => [ 'patrick' ],
'Author' => [ 'aushack' ],
'License' => MSF_LICENSE,
'References' =>
[
Oops, something went wrong.

0 comments on commit b7c604f

Please sign in to comment.