Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added metasploit http DoS module #12433

Merged
merged 5 commits into from Dec 26, 2019
Merged

added metasploit http DoS module #12433

merged 5 commits into from Dec 26, 2019

Conversation

@deepsight
Copy link
Contributor

deepsight commented Oct 9, 2019

Adding a module for for CVE-2019-5645, Denial of Service on Metasploit framework HTTP(s) handler.

Jose Garduno
@jmartin-r7

This comment has been minimized.

Copy link
Member

jmartin-r7 commented Oct 9, 2019

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file
@busterb busterb self-assigned this Oct 21, 2019
busterb added 3 commits Dec 26, 2019
@busterb busterb added docs and removed needs-docs labels Dec 26, 2019
@busterb

This comment has been minimized.

Copy link
Member

busterb commented Dec 26, 2019

Updated options to take an enum, fixed some other minor things, verified function, and added module docs. Thanks @deepsight and @bcoles for the review.

busterb added a commit that referenced this pull request Dec 26, 2019
@busterb busterb merged commit d87f752 into rapid7:master Dec 26, 2019
1 of 3 checks passed
1 of 3 checks passed
Metasploit Automation - Sanity Test Execution Running automation sanity tests. Details available on completion.
Details
continuous-integration/travis-ci/pr The Travis CI build is in progress
Details
Metasploit Automation - Test Execution Successfully completed all tests.
Details
@busterb

This comment has been minimized.

Copy link
Member

busterb commented Dec 26, 2019

Release Notes

This add a DoS module targeting a regex parsing weakness in reverse_http and reverse_https payload handlers in Metasploit 5.0.27 and below.

msjenkins-r7 added a commit that referenced this pull request Dec 26, 2019
@jirayutza1

This comment has been minimized.

Copy link

jirayutza1 commented Jan 3, 2020

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
7 participants
You can’t perform that action at this time.