infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor updates for release 

Fixes some title/desc action.
Adds a print_status on the firefox module so it's not just silent.
Avoids the use of "puts" in the description b/c this freaks out msftidy
(it's a false positive but easily worked around).
bug/bundler_fix
Tod Beardsley 2014-03-17 13:24:24 -05:00
parent c76c0221cc
commit 8f2124f5da
No known key found for this signature in database
GPG Key ID: 1EFFB682ADB9F193
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/firefox/local/exec_shellcode.rb
View File

@ -15,9 +15,9 @@ class Metasploit3 < Msf::Exploit::Local
super(update_info(info, super(update_info(info,
'Name' => 'Firefox Exec Shellcode from Privileged Javascript Shell', 'Name' => 'Firefox Exec Shellcode from Privileged Javascript Shell',
'Description' => %q{ 'Description' => %q{
Allows execution of native payloads from a privileged Firefox Javascript shell. This module allows execution of native payloads from a privileged Firefox Javascript shell.
Puts the specified payload into memory, adds the necessary protection flags, It places the specified payload into memory, adds the necessary protection flags,
and calls it. Useful for upgrading a Firefox javascript shell to a Meterpreter and calls it, which can be useful for upgrading a Firefox javascript shell to a Meterpreter
session without touching the disk. session without touching the disk.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
@ -41,6 +41,7 @@ class Metasploit3 < Msf::Exploit::Local
end end
def exploit def exploit
print_status "Running the Javascript shell..."
session.shell_write("[JAVASCRIPT]#{js_payload}[/JAVASCRIPT]") session.shell_write("[JAVASCRIPT]#{js_payload}[/JAVASCRIPT]")
results = session.shell_read_until_token("[!JAVASCRIPT]", 0, datastore['TIMEOUT']) results = session.shell_read_until_token("[!JAVASCRIPT]", 0, datastore['TIMEOUT'])
print_warning(results) if results.present? print_warning(results) if results.present?

4
modules/exploits/windows/fileformat/mplayer_m3u_bof.rb
View File

@ -19,8 +19,8 @@ class Metasploit3 < Msf::Exploit::Remote
MPlayer Lite r33064, caused by improper bounds checking of an URL entry. MPlayer Lite r33064, caused by improper bounds checking of an URL entry.
By persuading the victim to open a specially-crafted .M3U file, specifically by By persuading the victim to open a specially-crafted .M3U file, specifically by
drag-and-dropping it to the player, a remote attacker could execute arbitrary drag-and-dropping it to the player, a remote attacker can execute arbitrary
code on the system or cause the application to crash. code on the system.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>