diff --git a/modules/exploits/android/local/futex_requeue.rb b/modules/exploits/android/local/futex_requeue.rb index d890f39818..9b5ec81028 100644 --- a/modules/exploits/android/local/futex_requeue.rb +++ b/modules/exploits/android/local/futex_requeue.rb @@ -14,16 +14,17 @@ class Metasploit4 < Msf::Exploit::Local def initialize(info={}) super( update_info( info, { - 'Name' => 'Android Futex Requeue Kernel Exploit', + 'Name' => "Android 'Towelroot' Futex Requeue Kernel Exploit", 'Description' => %q{ - This module exploits a bug in futex_requeue in the linux kernel. - Any android phone with a kernel built before June 2014 should be vulnerable. + This module exploits a bug in futex_requeue in the Linux kernel, using + similiar techniques employed by the towelroot exploit. Any Android device + with a kernel built before June, 2014 is likely to be vulnerable. }, 'License' => MSF_LICENSE, 'Author' => [ - 'Pinkie Pie', #discovery - 'geohot', #towelroot - 'timwr' #metasploit module + 'Pinkie Pie', # discovery + 'geohot', # towelroot + 'timwr' # metasploit module ], 'References' => [ diff --git a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb index fc159d599e..bdfe648cff 100644 --- a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb +++ b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb @@ -18,11 +18,12 @@ class Metasploit3 < Msf::Exploit::Local def initialize(info={}) super(update_info(info, { - 'Name' => 'Windows tcpip!SetAddrOptions NULL Pointer Dereference', + 'Name' => 'MS14-070 Windows tcpip!SetAddrOptions NULL Pointer Dereference', 'Description' => %q{ - A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys, - can allow an attacker to trigger a NULL pointer dereference by using a - specially crafted IOCTL. + A vulnerability within the Microsoft TCP/IP protocol driver tcpip.sys + can allow a local attacker to trigger a NULL pointer dereference by using a + specially crafted IOCTL. This flaw can be abused to elevate privileges to + SYSTEM. }, 'License' => MSF_LICENSE, 'Author' => diff --git a/modules/exploits/windows/misc/achat_bof.rb b/modules/exploits/windows/misc/achat_bof.rb index e74499e98e..1c1837e14a 100644 --- a/modules/exploits/windows/misc/achat_bof.rb +++ b/modules/exploits/windows/misc/achat_bof.rb @@ -13,13 +13,13 @@ class Metasploit3 < Msf::Exploit::Remote def initialize(info = {}) super(update_info(info, - 'Name' => 'Achat v0.150 beta7 Buffer Overflow', + 'Name' => 'Achat Stack Based Buffer Overflow', 'Description' => %q{ - This module exploits an unicode SEH based stack buffer overflow in Achat v0.150. By - sending a crafted message to the default port 9256 it's possible to overwrites the - SEH handler. Even when the exploit is reliable it depends of timing since there are + This module exploits a Unicode SEH based stack based buffer overflow in Achat. By + sending a crafted message to the default port UDP/9256, it's possible to overwrite the + SEH handler. Even when the exploit is reliable, it depends of timing since there are two threads overflowing the stack in the same time. This module has been tested on - Windows XP SP3 and Windows 7. + Achat v0.150 running on Windows XP SP3 and Windows 7. }, 'Author' => [ diff --git a/modules/post/windows/gather/file_from_raw_ntfs.rb b/modules/post/windows/gather/file_from_raw_ntfs.rb index 3704fba66d..b29c903c2d 100644 --- a/modules/post/windows/gather/file_from_raw_ntfs.rb +++ b/modules/post/windows/gather/file_from_raw_ntfs.rb @@ -16,7 +16,8 @@ class Metasploit3 < Msf::Post 'Name' => 'Windows File Gather File from Raw NTFS', 'Description' => %q( This module gathers a file using the raw NTFS device, bypassing some Windows restrictions - such as open file with write lock. Can be used to retrieve files such as NTDS.dit.), + such as open file with write lock. Because it avoids the usual file locking issues, it can + be used to retrieve files such as NTDS.dit.), 'License' => 'MSF_LICENSE', 'Platform' => ['win'], 'SessionTypes' => ['meterpreter'],