infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
50,396 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

337 Commits (0dbad5d2e3c9e9c4cfb6203b99a2b437b18a0105)

Author SHA1 Message Date
Tim W 5fc0c66109 add version to check to safari exploit 2019-01-22 16:10:51 +08:00
Wei Chen cc7cb7302e
Land #10944, Add macOS Safari exploit from pwn2own2018 2018-12-13 13:50:19 -06:00
Wei Chen d523124faf
Land #10965, Add the macOS LPE from pwn2own2018 (CVE-2018-4237) 2018-11-27 14:00:35 -06:00
Tim W 3829cc11bb add DEBUG_EXPLOIT option 2018-11-20 17:58:36 +08:00
Tim W 57bad6b213 move offsets to hash 
fix
 2018-11-20 17:58:34 +08:00
Tim W bee3c3d4d3 add documentation 2018-11-20 16:53:34 +08:00
Tim W 44b1b6fe31 fix forking 2018-11-20 15:58:55 +08:00
William Vu 90b9204703 Update DisclosureDate to ISO 8601 in my modules 
Basic msftidy fixer:

diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
     # Check disclosure date format
     if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
       d = $1  #Captured date
+      File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+      fixed('Probably updated traditional DisclosureDate to ISO 8601')
       # Flag if overall format is wrong
       if d =~ /^... (?:\d{1,2},? )?\d{4}$/
         # Flag if month format is wrong
 2018-11-16 12:18:28 -06:00
Tim W 420be60900 add CVE-2018-4237 2018-11-15 08:48:10 +08:00
Tim W 2c30459a1b add CVE-2018-4233 and CVE-2018-4404 2018-11-15 08:44:18 +08:00
Brendan Coles c3080d69f2 Use writable? method for local modules 2018-11-04 05:28:32 +00:00
Brent Cook 6126a627cc
Land #10570, AKA Metadata Refactor 2018-09-17 22:29:20 -05:00
William Vu 4c036e70c1 Fix http://seclists.org links to https:// 
I have no idea how this happened in my own code. I was seeing https://.
 2018-09-15 18:54:45 -05:00
Erin Bleiweiss eb17d9b198
Refactor AKA references for modules 2018-08-31 16:56:05 -05:00
asoto-r7 1a3a4ef5e4
Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Tim W 641ffca98c use base_dir 2018-06-08 14:53:21 +08:00
Brendan Coles 9c14bddd93 Cleanup OSX local exploit modules 2018-05-31 12:26:33 +00:00
Brendan Coles 45481f26b6 Add Msf::Post::OSX::Priv mixin 2018-05-22 22:25:39 +00:00
Brendan Coles aa033bf5c1 Fix cleanup 2018-05-20 16:19:25 +00:00
Brent Cook b13f4e25e1 thanks for making this well-known 2017-12-04 18:32:31 -06:00
Brent Cook a27bb38d51 add authors 2017-12-04 18:25:18 -06:00
Tim W 58897bf2fc msftidy 2017-11-29 16:36:50 +08:00
Tim W 7f1f7281f1 add local exploit for osx root login with no password 2017-11-29 16:06:02 +08:00
h00die 00c593e0a2 55 pages of spelling done 2017-09-07 21:18:50 -04:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 4720d1a31e OCD fixes - Spaces 2017-07-14 08:46:59 +01:00
g0tmi1k fd843f364b Removed extra lines 2017-07-14 08:17:16 +01:00
Brent Cook d20036e0fb revise spelling, add heartbleed and tidy checks 2017-06-28 18:50:20 -04:00
Brent Cook 461ab4501d add 'Also known as', AKA 'AKA', to module references 2017-06-28 15:53:00 -04:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings 
Also fixed rex requires.
 2017-05-03 15:44:51 -05:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
jvoisin 2272e15ca2 Remove some anti-patterns, in the same spirit than #7372 2016-09-29 00:15:01 +02:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
James Lee 1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names" 
This reverts commit 3da9535e22.
 2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
HD Moore 16d0d53150 Update Shellshock modules, add Advantech coverage 2015-12-01 10:40:46 -06:00
wchen-r7 154fb585f4 Remove bad references (dead links) 
These links are no longer available. They are dead links.
 2015-10-27 12:41:32 -05:00
wchen-r7 f4abc16c66
Land #6102, Add rsh/libmalloc privilege escalation exploit module 2015-10-26 10:54:05 -05:00
Sam H 5fcc70bea4 Fixed issue w/ msf payloads + added timeout rescue 
Apparently when OS X payload shells get a sudo command, it requires a full path (even though it clearly has $PATH defined in its env...) to that file. The updates here take that into account. Also, the script more directly catches a timeout error when the maximum time for sudoers file to change has passed.
 2015-10-25 23:38:48 -07:00
wchen-r7 360f40249c
Land #6122, user-assisted Safari applescript:// module (CVE-2015-7007) 2015-10-22 15:07:42 -05:00
wchen-r7 9d2e2df1f1 Update description 2015-10-22 15:07:11 -05:00
joev 35578c7292 Add refs. 2015-10-22 09:48:11 -05:00
joev 6a87e7cd77 Add osx safari cmd-R applescript exploit. 2015-10-22 09:46:56 -05:00