Commit Graph

346 Commits (master)

Author SHA1 Message Date
Tim W f589db6831
Land #11152, add macOS adobe flash player type confusion RCE 2019-02-09 18:46:48 +08:00
Tim W 5c1f4a4703 fix include -> include? 2019-02-09 18:46:35 +08:00
Tim W 5fc0c66109 add version to check to safari exploit 2019-01-22 16:10:51 +08:00
Brent Cook c959c98161 add original public research author 2018-12-21 02:54:35 -06:00
Brent Cook a7e8afe760 update references, remove unused metadata, use more straightforward string operations 2018-12-21 02:54:35 -06:00
Brent Cook 0dab74a71f tweak description 2018-12-21 02:54:35 -06:00
Brent Cook 46acd7a206 simplify 2018-12-21 02:54:35 -06:00
Brent Cook 2f35695327 update web link 2018-12-21 02:54:35 -06:00
Brent Cook ac51fbd122 style fixes 2018-12-21 02:54:35 -06:00
Brent Cook dc6ae6f058 initial import, CVE-2016-4117 OSX exploit 2018-12-21 02:54:35 -06:00
Wei Chen cc7cb7302e
Land #10944, Add macOS Safari exploit from pwn2own2018 2018-12-13 13:50:19 -06:00
Wei Chen d523124faf
Land #10965, Add the macOS LPE from pwn2own2018 (CVE-2018-4237) 2018-11-27 14:00:35 -06:00
Tim W 3829cc11bb add DEBUG_EXPLOIT option 2018-11-20 17:58:36 +08:00
Tim W 57bad6b213 move offsets to hash
fix
2018-11-20 17:58:34 +08:00
Tim W bee3c3d4d3 add documentation 2018-11-20 16:53:34 +08:00
Tim W 44b1b6fe31 fix forking 2018-11-20 15:58:55 +08:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
2018-11-16 12:18:28 -06:00
Tim W 420be60900 add CVE-2018-4237 2018-11-15 08:48:10 +08:00
Tim W 2c30459a1b add CVE-2018-4233 and CVE-2018-4404 2018-11-15 08:44:18 +08:00
Brendan Coles c3080d69f2 Use writable? method for local modules 2018-11-04 05:28:32 +00:00
Brent Cook 6126a627cc
Land #10570, AKA Metadata Refactor 2018-09-17 22:29:20 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https://
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
Erin Bleiweiss eb17d9b198
Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
asoto-r7 1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Tim W 641ffca98c use base_dir 2018-06-08 14:53:21 +08:00
Brendan Coles 9c14bddd93 Cleanup OSX local exploit modules 2018-05-31 12:26:33 +00:00
Brendan Coles 45481f26b6 Add Msf::Post::OSX::Priv mixin 2018-05-22 22:25:39 +00:00
Brendan Coles aa033bf5c1 Fix cleanup 2018-05-20 16:19:25 +00:00
Brent Cook b13f4e25e1 thanks for making this well-known 2017-12-04 18:32:31 -06:00
Brent Cook a27bb38d51 add authors 2017-12-04 18:25:18 -06:00
Tim W 58897bf2fc msftidy 2017-11-29 16:36:50 +08:00
Tim W 7f1f7281f1 add local exploit for osx root login with no password 2017-11-29 16:06:02 +08:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
jvoisin 2272e15ca2 Remove some anti-patterns, in the same spirit than #7372 2016-09-29 00:15:01 +02:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00