infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #3082 - Release fixes

bug/bundler_fix
sinn3r 2014-03-10 15:19:13 -05:00
parent 368df03ae1 2086224a4c
commit 8b4f8ec21a
No known key found for this signature in database
GPG Key ID: 2384DB4EF06F730B
2 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/exploits/osx/browser/safari_user_assisted_download_launch.rb
View File

@ -1,8 +1,6 @@
## ##
# This file is part of the Metasploit Framework and may be subject to # This module requires Metasploit: http//metasploit.com/download
# redistribution and commercial restrictions. Please see the Metasploit # Current source: https://github.com/rapid7/metasploit-framework
# web site for more information on licensing and terms of use.
# http://metasploit.com/
## ##
require 'msf/core' require 'msf/core'
@ -17,7 +15,7 @@ class Metasploit3 < Msf::Exploit::Remote
# unmount after the attack and not leave a trace on user's machine. # unmount after the attack and not leave a trace on user's machine.
def initialize(info = {}) def initialize(info = {})
super(update_info(info, super(update_info(info,
'Name' => 'Safari User-Assisted Download & Run Attack', 'Name' => 'Safari User-Assisted Download and Run Attack',
'Description' => %q{ 'Description' => %q{
This module abuses some Safari functionality to force the download of a This module abuses some Safari functionality to force the download of a
zipped .app OSX application containing our payload. The app is then zipped .app OSX application containing our payload. The app is then
@ -35,7 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote
developer." To work around this issue, you will need to manually build and sign developer." To work around this issue, you will need to manually build and sign
an OSX app containing your payload with a custom URL handler called "openurl". an OSX app containing your payload with a custom URL handler called "openurl".
You can put newlines & unicode in your APP_NAME, although you must be careful not You can put newlines and unicode in your APP_NAME, although you must be careful not
to create a prompt that is too tall, or the user will not be able to click to create a prompt that is too tall, or the user will not be able to click
the buttons, and will have to either logout or kill the CoreServicesUIAgent the buttons, and will have to either logout or kill the CoreServicesUIAgent
process. process.
@ -57,6 +55,7 @@ class Metasploit3 < Msf::Exploit::Remote
] ]
], ],
'DefaultTarget' => 0, 'DefaultTarget' => 0,
'DisclosureDate' => 'Mar 10 2014',
'Author' => [ 'joev' ], 'Author' => [ 'joev' ],
'BrowserRequirements' => { 'BrowserRequirements' => {
:source => 'script', :source => 'script',

8
test/modules/auxiliary/test/heaplib2.rb
View File

@ -12,13 +12,13 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info={}) def initialize(info={})
super(update_info(info, super(update_info(info,
'Name' => "heaplib2 test", 'Name' => "Heaplib2 Test",
'Description' => %q{ 'Description' => %q{
This tests heaplib2 This tests heaplib2. Since it is a test module, it's not intended to do much useful work in the field.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ], 'Author' => [ 'sinn3r' ],
'References' => 'References' =>
[ [
[ 'URL', 'http://metasploit.com' ] [ 'URL', 'http://metasploit.com' ]
], ],
@ -79,4 +79,4 @@ class Metasploit3 < Msf::Auxiliary
exploit exploit
end end
end end