wchen-r7
591da3c97e
Please use exploit/multi/browser/adobe_flash_pixel_bender_bof
...
Time to say goodbye to:
exploits/windows/browser/adobe_flash_pixel_bender_bof.rb
Please use:
exploit/multi/browser/adobe_flash_pixel_bender_bof
Reason: The replacement supports multiple platforms, so better.
2015-11-24 20:37:57 -06:00
Louis Sato
2bd792f693
remove .rb file extension
2015-10-30 15:26:45 -05:00
wchen-r7
82e600a53a
Suggest the correct replacement for the deprecated module
...
The deprecated module has been suggesting the wrong replacement,
it should be exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
2015-10-29 16:24:29 -05:00
wchen-r7
da52c36687
Put back some links
2015-10-29 15:48:47 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
HD Moore
cd65478d29
Land #5826 , swap ExitFunction -> EXITFUNC
2015-09-01 13:58:12 -05:00
Christian Mehlmauer
115f409fef
change exitfunc to thread
2015-09-01 10:48:07 +02:00
Christian Mehlmauer
5398bf78eb
change exitfunc to thread
2015-09-01 10:46:54 +02:00
HD Moore
42e08cbe07
Fix bad use of get_profile (now browser_profile)
2015-08-14 19:50:42 -05:00
Christian Mehlmauer
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
HD Moore
a7b5890dc5
Fix URIPATH=/ and stack trace on missing ntdll version match
2015-07-25 15:39:20 -07:00
wchen-r7
29defc979b
Fix #5740 , remove variable ROP for adobe_flashplayer_flash10o
2015-07-17 16:57:37 -05:00
wchen-r7
e638d85f30
Merge branch 'upstream-master' into bapv2
2015-07-12 02:01:09 -05:00
wchen-r7
c37b60de7b
Do some print_status with ms14_064
2015-07-07 00:57:37 -05:00
wchen-r7
8051a99f4a
Merge branch 'upstream-master' into bapv2
2015-07-01 18:45:42 -05:00
William Vu
3632cc44c5
Fix nil error when target not found
2015-06-30 11:48:41 -05:00
wchen-r7
9da99a8265
Merge branch 'upstream-master' into bapv2
2015-06-19 11:36:27 -05:00
wchen-r7
13a3f2781d
Change ExcellentRanking to GoodRanking for MS14-064
...
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:
1. The vulnerable component isn't in Internet Explorer. And BES can't
check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
is a memory curruption type of bug, it should not be in Excellent
ranking anyway.
2015-06-18 13:07:44 -05:00
William Vu
8d640a0c8f
Land #5527 , multi/handler -> exploit/multi/handler
2015-06-15 10:23:26 -05:00
wchen-r7
17b8ddc68a
Land #5524 , adobe_flash_pixel_bender_bof in flash renderer
2015-06-15 02:42:16 -05:00
g0tmi1k
a53ca53a6a
Fix inconstancy - multi/handler
2015-06-12 21:23:51 +01:00
jvazquez-r7
8ed13b1d1b
Add linux support for CVE-2014-0515
2015-06-11 16:18:50 -05:00
wchen-r7
ae21b0c260
Land #5523 , adobe_flash_domain_memory_uaf in the flash renderer
2015-06-10 16:59:19 -05:00
wchen-r7
4c5b1fbcef
Land #5522 , adobe_flash_worker_byte_array_uaf in the flash renderer
2015-06-10 14:49:41 -05:00
jvazquez-r7
6c7ee10520
Update to use the new flash Exploiter
2015-06-10 13:52:43 -05:00
wchen-r7
d622c782ef
Land #5519 , adobe_flash_uncompress_zlib_uninitialized in the flash renderer
2015-06-10 11:52:47 -05:00
jvazquez-r7
fb531d0069
Update version coverage
2015-06-10 09:38:00 -05:00
jvazquez-r7
a6fe383852
Use AS Exploiter
2015-06-10 09:32:52 -05:00
jvazquez-r7
e5d6c9a3cb
Make last code cleanup
2015-06-09 16:01:57 -05:00
jvazquez-r7
cf8c6b510b
Debug version working
2015-06-09 15:46:21 -05:00
jvazquez-r7
b7f0fad72f
Modify CVE-2014-0569 to use the flash exploitation code
2015-06-09 11:31:39 -05:00
wchen-r7
ee13a215e9
Merge branch 'upstream-master' into bapv2
2015-06-05 14:09:07 -05:00
jvazquez-r7
318f67fcda
update descriptions
2015-06-05 09:01:20 -05:00
wchen-r7
69968fc9f1
Merge branch 'upstream-master' into bapv2
2015-06-04 23:36:24 -05:00
jvazquez-r7
02181addc5
Update CVE-2014-0556
2015-06-04 18:23:50 -05:00
wchen-r7
e83677d29d
rm deprecated mod
2015-05-29 17:43:26 -05:00
wchen-r7
13779adab4
Merge branch 'upstream-master' into bapv2
2015-05-29 14:59:04 -05:00
wchen-r7
6be363d82a
Merge branch 'upstream-master' into bapv2
2015-05-29 14:58:38 -05:00
jvazquez-r7
8c7d41c50c
Land #5426 , @wchen-r7's adds more restriction on Windows 7 target for MS14-064
2015-05-29 14:35:44 -05:00
wchen-r7
c3fa52f443
Update description
2015-05-29 13:47:20 -05:00
wchen-r7
bcdae5fa1a
Forgot to add the datastore option
2015-05-27 18:12:38 -05:00
wchen-r7
4f0e908c8b
Never mind, Vista doesn't have powershell.
2015-05-27 18:08:58 -05:00
wchen-r7
d43706b65e
It doesn't look like Vista shows the powershell prompt
2015-05-27 18:04:35 -05:00
wchen-r7
53774fed56
Be more strict with Win 7 for MS14-064
...
The Powershell prompt can cause BAP to hang so we need to be more
strict about that.
2015-05-27 18:01:40 -05:00
jvazquez-r7
e5d42850c1
Add support for Linux to CVE-2015-0336
2015-05-27 17:05:10 -05:00
wchen-r7
9600f6a30a
rm deprecated exploit
2015-05-22 17:14:08 -05:00
wchen-r7
eb5aadfb4e
Land #5401 , multi-platform CVE-2015-0311 - Flash uncompress() UAF
2015-05-22 16:50:13 -05:00
jvazquez-r7
6da94b1dd5
Deprecate windows module
2015-05-21 15:01:41 -05:00
wchen-r7
2cadd5e658
Resolve #5373 , Add ActiveX info in BrowserRequirements
...
Resolve #5373
2015-05-20 16:34:09 -05:00
jvazquez-r7
51bb4b5a9b
Add module for CVE-2015-0359
2015-05-07 17:00:00 -05:00