infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor description fixups. 

Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
bug/bundler_fix
Tod Beardsley 2015-06-18 13:25:39 -05:00
parent 0f2897df3a
commit afcb016814
No known key found for this signature in database
GPG Key ID: BD63D0A3EA19CAAC
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
View File

@ -17,11 +17,12 @@ class Metasploit3 < Msf::Exploit::Remote
This module exploits a buffer overflow vulnerability in Adobe Flash Player. The This module exploits a buffer overflow vulnerability in Adobe Flash Player. The
vulnerability occurs in the flash.Display.Shader class, when setting specially vulnerability occurs in the flash.Display.Shader class, when setting specially
crafted data as its bytecode, as exploited in the wild in April 2014. This module crafted data as its bytecode, as exploited in the wild in April 2014. This module
has been tested successfully on: has been tested successfully on the following operating systems and Flash versions:
* Windows 7 SP1, IE 8 to IE 11 with Flash 13.0.0.182.
* Windows 7 SP1, Firefox 38.0.5, Flash 11.7.700.275 and Adobe Flash 13.0.0.182 Windows 7 SP1, IE 8 to IE 11 with Flash 13.0.0.182,
* Windows 8.1, Firefox 38.0.5 and Adobe Flash 13.0.0.182. Windows 7 SP1, Firefox 38.0.5, Flash 11.7.700.275 and Adobe Flash 13.0.0.182,
* Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.350 Windows 8.1, Firefox 38.0.5 and Adobe Flash 13.0.0.182,
Linux Mint "Rebecca" (32 bit), Firefox 33.0 and Adobe Flash 11.2.202.350
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>

8
modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
View File

@ -16,10 +16,10 @@ class Metasploit3 < Msf::Exploit::Remote
info, info,
'Name' => 'Wordpress Front-end Editor File Upload', 'Name' => 'Wordpress Front-end Editor File Upload',
'Description' => %q{ 'Description' => %q{
The Wordpress Front-end Editor plugin contains an authenticated file upload The WordPress Front-end Editor plugin contains an authenticated file upload
vulnerability. We can upload arbitrary files to the upload folder, because vulnerability. An attacker can upload arbitrary files to the upload folder because
the plugin also uses it's own file upload mechanism instead of the wordpress the plugin uses its own file upload mechanism instead of the WordPress API, which
api it's possible to upload any file type. incorrectly allows uploads of any file type.
}, },
'Author' => 'Author' =>
[ [