Joe Vennix
1b0e99b448
Update proto_crmfrequest module.
2014-01-02 10:48:28 -06:00
Joe Vennix
694cb11025
Add firefox platform, architecture, and payload.
...
* Enables chrome privilege exploits in firefox to run a javascript cmd
shell session without touching the disk.
* Adds a spec for the addon_generator.
2014-01-02 10:48:28 -06:00
William Vu
d291cd92d7
Land #2817 , icofx_bof random things
2014-01-01 22:01:48 -06:00
jvazquez-r7
b4439a263b
Make things random
2013-12-31 16:06:25 -06:00
sinn3r
184bd1e0b2
Land #2815 - Change gsub hardtabs
2013-12-31 15:58:21 -06:00
jvazquez-r7
2252a037a5
Fix disclosure date
2013-12-31 14:51:43 -06:00
jvazquez-r7
3775b6ce91
Add module for CVE-2013-4988
2013-12-31 14:43:45 -06:00
jvazquez-r7
841f67d392
Make adobe_reader_u3d also compliant
2013-12-31 11:07:31 -06:00
jvazquez-r7
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00
William Vu
80a1e85235
Add :config => false to sysax_ssh_username
2013-12-30 18:13:49 -06:00
David Maloney
c3fd657bde
Missing config false flag
...
the sshexec exploit was missing the flag
that tells net:ssh to not use the user's
local config . This can cuase ugly problem
MSP-9262
2013-12-30 14:28:15 -06:00
Tod Beardsley
5ce862a5b5
Add OSVDB
2013-12-26 10:33:46 -06:00
sinn3r
90ce761681
Land #2790 - RealNetworks RealPlayer Version Attribute Buffer Overflow
2013-12-24 00:39:54 -06:00
sinn3r
367dce505b
Minor details
2013-12-24 00:39:15 -06:00
sgabe
f687a14539
Added support for opening via menu.
2013-12-24 03:12:49 +01:00
sinn3r
9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-23 02:34:01 -06:00
sinn3r
5b647ba6f8
Change description
...
Pre-auth is implied.
2013-12-23 02:33:17 -06:00
sgabe
287271cf98
Fixed date format.
2013-12-22 01:32:16 +01:00
sgabe
0ac495fef8
Replaced hex with plain text.
2013-12-22 01:31:37 +01:00
jvazquez-r7
f43bc02297
Land #2787 , @mwulftange's exploit for CVE-2013-6955
2013-12-20 17:03:10 -06:00
jvazquez-r7
163a54f8b1
Do send_request_cgi final clean up
2013-12-20 17:00:57 -06:00
sgabe
44ab583611
Added newline to end of file.
2013-12-20 22:40:45 +01:00
sgabe
62f71f6282
Added module for CVE-2013-6877
2013-12-20 22:37:09 +01:00
jvazquez-r7
af13334c84
Revert gsub!
2013-12-20 11:39:49 -06:00
sinn3r
ce8b8e8ef9
Land #2783 - OpenSIS 'modname' PHP Code Execution
2013-12-20 11:29:10 -06:00
sinn3r
d0ef860f75
Strip default username/password
...
There isn't one. So force the user to supply one.
2013-12-20 11:28:18 -06:00
sinn3r
52a4e55804
Land #2781 - Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-12-20 11:25:50 -06:00
jvazquez-r7
1da961343a
Do final (minor) cleanup
2013-12-20 11:20:29 -06:00
Markus Wulftange
929f3ea35c
Turn Auxiliary module into Exploit module
2013-12-20 16:45:38 +01:00
bcoles
fb6cd9c149
add osvdb+url refs and module tidy up
2013-12-20 20:27:07 +10:30
jvazquez-r7
4816abe63b
Add module for ZDI-13-263
2013-12-19 17:48:52 -06:00
Joe Vennix
8e27e87c81
Use the right disclosure date.
2013-12-19 12:58:52 -06:00
Joe Vennix
955dfe5d29
msftidy it up.
2013-12-19 12:53:58 -06:00
Joe Vennix
b50bbc2f84
Update module to use sinn3r's beautiful browserexploitserver.
2013-12-19 12:49:24 -06:00
bcoles
fc2da15c87
Add OpenSIS 'modname' PHP Code Execution module for CVE-2013-1349
2013-12-19 19:10:48 +10:30
Joe Vennix
eb08a30293
Update description with new version support.
2013-12-19 02:08:55 -06:00
Joe Vennix
5ee6c77901
Add a patch for 15.x support.
...
* Also add authors i forgot, oops
2013-12-19 02:05:45 -06:00
Joe Vennix
2add2acc8f
Use a smaller key size, harder to spot.
2013-12-18 21:02:23 -06:00
Joe Vennix
8d183d8afc
Update versions, 4.0.1 does not work on windows.
2013-12-18 20:57:47 -06:00
Joe Vennix
cb390bee7d
Move comment.
2013-12-18 20:37:33 -06:00
Joe Vennix
23b5254ea1
Fix include reference.
2013-12-18 20:35:43 -06:00
Joe Vennix
5255f8da12
Clean up code. Test version support.
...
* Using #get in Object#defineProperty call makes the payload execute immediately
on all supported browsers I tested.
* Moved Ranking to Excellent since it is now 100% reliable.
2013-12-18 20:30:08 -06:00
jvazquez-r7
198667b650
Land #2774 , @Mekanismen's module for CVE-2013-7091
2013-12-18 16:23:44 -06:00
jvazquez-r7
aec2e0c92c
Change ranking
2013-12-18 16:23:14 -06:00
jvazquez-r7
d4ec858051
Clean zimbra_lfi
2013-12-18 15:46:37 -06:00
sinn3r
4bddd077ec
Land #2762 - Use new ntdll railgun functions
2013-12-18 15:18:47 -06:00
Joe Vennix
64273fe41d
Move addon datastore options into mixin.
2013-12-18 14:42:01 -06:00
Joe Vennix
ca2de73879
It helps to actually commit the exploit.
2013-12-18 14:31:42 -06:00
Joe Vennix
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
Mekanismen
0c0e8c3a49
various updates
2013-12-18 20:54:35 +01:00