Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added metasploit http DoS module #12433

Merged
merged 5 commits into from Dec 26, 2019
Merged

added metasploit http DoS module #12433

merged 5 commits into from Dec 26, 2019

Conversation

deepsight
Copy link
Contributor

Adding a module for for CVE-2019-5645, Denial of Service on Metasploit framework HTTP(s) handler.

@jmartin-r7
Copy link
Member

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file

@busterb busterb self-assigned this Oct 21, 2019
@busterb busterb added docs and removed needs-docs labels Dec 26, 2019
@busterb
Copy link
Contributor

busterb commented Dec 26, 2019

Updated options to take an enum, fixed some other minor things, verified function, and added module docs. Thanks @deepsight and @bcoles for the review.

@busterb busterb merged commit d87f752 into rapid7:master Dec 26, 2019
@busterb
Copy link
Contributor

busterb commented Dec 26, 2019

Release Notes

This add a DoS module targeting a regex parsing weakness in reverse_http and reverse_https payload handlers in Metasploit 5.0.27 and below.

@jirayutza1
Copy link

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file

Please update the disclosure date to ISO 8601 format as 2019-09-04.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [ERROR] Incorrect disclosure date format
modules/auxiliary/dos/http/metasploit_httphandler_dos.rb - [WARNING] Please add a newline at the end of the file

@tperry-r7 tperry-r7 added the rn-enhancement release notes enhancement label Jan 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
docs module rn-enhancement release notes enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

7 participants