infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,451 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

827 Commits (25f4e3ee1fe6642a6b4ac58ba5d9ac5fb2d409d7)

Author SHA1 Message Date
sinn3r 25f4e3ee1f Update patch information for MS12-063 2012-09-21 12:28:41 -05:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording. 
It is merely the ROP chain, not the vuln, that requires Java.
 2012-09-20 14:52:52 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info 
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
 2012-09-19 14:10:02 -05:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes. 
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
 2012-09-18 11:25:00 -05:00
sinn3r 5fbc4b836a Add Microsoft advisory 2012-09-17 22:13:57 -05:00
Tod Beardsley 75bbd1c48d Being slightly more clear on Browser Not Supported 
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.

[FixRM #7242]
 2012-09-17 11:16:19 -05:00
sinn3r d77ab9d8bd Fix URIPATH and nil target 
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
 2012-09-17 10:54:12 -05:00
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L 
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
 2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
Tod Beardsley 39f2cbfc3c Older targets confirmed for CoolType SING 2012-09-12 16:51:51 -05:00
sinn3r 783ffb13c2 Add Adobe security bulletin references 2012-09-04 00:07:53 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 8e56d4f2eb This reference is too damn useful, must add 2012-08-25 16:05:58 -05:00
sinn3r d51f8cad25 Change title and description 2012-08-24 15:39:56 -05:00
jvazquez-r7 57c6385279 heap spray from flash works pretty well on ie9 too 2012-08-22 20:47:11 +02:00
jvazquez-r7 730c0e9368 added windows vista and w7 targets 2012-08-22 20:13:10 +02:00
sinn3r f715527423 Improve CVE-2012-1535 2012-08-21 19:58:21 -05:00
sinn3r d1370c0f33 Alexander Gavrun gets a cookie 2012-08-17 12:23:49 -05:00
sinn3r 53a835dc85 Imply that we only garantee 11.3 2012-08-17 12:18:45 -05:00
sinn3r 13df1480c8 Add exploit for CVE-2012-1535 2012-08-17 12:16:54 -05:00
jvazquez-r7 44dd8b0cc5 Merge branch 'update_juan_author' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-update_juan_author 2012-08-06 19:04:26 +02:00
jvazquez-r7 c2cc4b3b15 juan author name updated 2012-08-06 18:59:16 +02:00
sinn3r 349c841f6b Blah, OSVDB ref shouldn't be a link 2012-08-06 11:57:59 -05:00
sinn3r 647b587f75 Merge branch 'Meatballs1-uplay' 2012-08-06 11:54:51 -05:00
sinn3r 69ff9e7c1c Lots of changes before commit. 2012-08-06 11:54:08 -05:00
sinn3r 25b2b2de68 Merge branch 'uplay' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-uplay 2012-08-06 11:33:27 -05:00
sinn3r 13aca3fe4c Merge branch 'oracle_autovue_setmarkupmode' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-oracle_autovue_setmarkupmode 2012-08-06 03:13:27 -05:00
Steve Tornio 79e04bb793 add osvdb ref 2012-08-05 09:02:11 -05:00
jvazquez-r7 4e8a6f6508 Added module for CVE-2012-0549 2012-08-05 12:13:23 +02:00
Meatballs1 1aacea951d Serve files as hidden 2012-08-04 18:03:12 +01:00
Meatballs1 833999b2c3 Changed blacklist to 404 all files that are not our share and executable - this allows windows/exec payload to work 2012-08-04 17:59:45 +01:00
sinn3r 2f1022a5a3 Merge branch 'uplay' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-uplay 2012-08-01 16:24:23 -05:00
jvazquez-r7 4c28b2a310 modified autopwn_info to add ie9 2012-08-01 19:36:20 +02:00
jvazquez-r7 d3c10d5d39 Added module for CVE-2012-0284 2012-08-01 19:34:37 +02:00
sinn3r d66678e7ee Forgot to randomize element ID 2012-07-31 17:25:50 -05:00
jvazquez-r7 7a0b5a6169 Added module for CVE-2012-1876 2012-07-31 23:14:29 +02:00
Meatballs1 75a9283fbf Removed auto migrate as exploit loads in a seperate process to browser anyway 2012-07-31 20:44:14 +01:00
Meatballs1 6f697ce519 Working with WebDAV 2012-07-31 20:26:47 +01:00
sinn3r e7db0ebcef Blah, removed the wrong ref. 2012-07-30 12:47:32 -05:00
sinn3r edfe43e7e0 When I say to remove BID ref, I mean it... 2012-07-30 12:46:27 -05:00
sinn3r e84214d1e1 Remove some references to avoid confusion. 
rgod's poc and Mikado aren't actually the same thing, despite the
fact they both use the same method. To avoid confusion, refs to
Secunia and CVE are removed, but OSVDB/EDB are kept unless OSVDB
decides rgod's and Mikado's are separate issues.
 2012-07-30 12:42:27 -05:00