Land #4755, @todb-r7's release fixes

bug/bundler_fix
William Vu 2015-02-12 13:16:08 -06:00
commit 9b10cd5655
No known key found for this signature in database
GPG Key ID: 68BD00CE25866743
4 changed files with 22 additions and 18 deletions

View File

@ -14,16 +14,17 @@ class Metasploit4 < Msf::Exploit::Local
def initialize(info={})
super( update_info( info, {
'Name' => 'Android Futex Requeue Kernel Exploit',
'Name' => "Android 'Towelroot' Futex Requeue Kernel Exploit",
'Description' => %q{
This module exploits a bug in futex_requeue in the linux kernel.
Any android phone with a kernel built before June 2014 should be vulnerable.
This module exploits a bug in futex_requeue in the Linux kernel, using
similiar techniques employed by the towelroot exploit. Any Android device
with a kernel built before June 2014 is likely to be vulnerable.
},
'License' => MSF_LICENSE,
'Author' => [
'Pinkie Pie', #discovery
'geohot', #towelroot
'timwr' #metasploit module
'Pinkie Pie', # discovery
'geohot', # towelroot
'timwr' # metasploit module
],
'References' =>
[

View File

@ -18,11 +18,12 @@ class Metasploit3 < Msf::Exploit::Local
def initialize(info={})
super(update_info(info, {
'Name' => 'Windows tcpip!SetAddrOptions NULL Pointer Dereference',
'Name' => 'MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference',
'Description' => %q{
A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys,
can allow an attacker to trigger a NULL pointer dereference by using a
specially crafted IOCTL.
A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys
can allow a local attacker to trigger a NULL pointer dereference by using a
specially crafted IOCTL. This flaw can be abused to elevate privileges to
SYSTEM.
},
'License' => MSF_LICENSE,
'Author' =>

View File

@ -13,13 +13,13 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
'Name' => 'Achat v0.150 beta7 Buffer Overflow',
'Name' => 'Achat Unicode SEH Buffer Overflow',
'Description' => %q{
This module exploits an unicode SEH based stack buffer overflow in Achat v0.150. By
sending a crafted message to the default port 9256 it's possible to overwrites the
SEH handler. Even when the exploit is reliable it depends of timing since there are
This module exploits a Unicode SEH buffer overflow in Achat. By
sending a crafted message to the default port 9256/UDP, it's possible to overwrite the
SEH handler. Even when the exploit is reliable, it depends on timing since there are
two threads overflowing the stack in the same time. This module has been tested on
Windows XP SP3 and Windows 7.
Achat v0.150 running on Windows XP SP3 and Windows 7.
},
'Author' =>
[

View File

@ -14,9 +14,11 @@ class Metasploit3 < Msf::Post
def initialize(info = {})
super(update_info(info,
'Name' => 'Windows File Gather File from Raw NTFS',
'Description' => %q(
'Description' => %q{
This module gathers a file using the raw NTFS device, bypassing some Windows restrictions
such as open file with write lock. Can be used to retrieve files such as NTDS.dit.),
such as open file with write lock. Because it avoids the usual file locking issues, it can
be used to retrieve files such as NTDS.dit.
},
'License' => 'MSF_LICENSE',
'Platform' => ['win'],
'SessionTypes' => ['meterpreter'],