juan
e69037959f
Added CVE-2010-0842
2012-02-15 23:32:31 +01:00
scriptjunkie
1e811aed02
Adds scriptjunkie's multilingual admin fie for pxexploit
...
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.
[Closes #63 ]
Squashed commit of the following:
commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date: Fri Dec 16 12:14:18 2011 -0600
Jetzt auf Deutsch! y español! 中國人!
[update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
Also remove duplicate/old pxexploit source code from the tree.
2011-12-23 12:24:45 -06:00
David Maloney
d939e33f1e
Allows for Loot and Tasks to be imported from an MSF ZIP.
...
This should bring any loots and tasks along with
everything else when doing an improt from an MSF ZIP file.
2011-12-05 22:30:34 -05:00
sinn3r
c5302e13ac
Slight changes
2011-12-01 03:02:08 -06:00
sinn3r
f64f0eefda
Add class file for CVE-2011-3544
2011-11-29 18:06:20 -06:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00
sinn3r
3185b3471b
Add template for CVE-2010-0822
2011-11-21 11:36:27 -06:00
scriptjunkie
8d58ea227f
Add UAC bypass to default pxesploit attack.
2011-11-16 08:16:22 -08:00
HD Moore
96766edfd0
Permission changes (to sync)
2011-11-10 19:48:32 -06:00
Wei Chen
aeaea65896
Add template file for ms11-021
...
git-svn-id: file:///home/svn/framework3/trunk@14168 4d416f70-5f16-0410-b530-b9f4589650da
2011-11-05 23:04:54 +00:00
Mario Ceballos
2f2421badc
initial coverage of the pnsize bug (fileformat)
...
git-svn-id: file:///home/svn/framework3/trunk@13691 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-03 21:17:58 +00:00
David Rude
0b72c931b6
Adds the nsepa.ocx ActiveX control for CVE-2011-2882
...
git-svn-id: file:///home/svn/framework3/trunk@13668 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:23:27 +00:00
Matt Weeks
ce9db06589
Add localboot config for PXE.
...
git-svn-id: file:///home/svn/framework3/trunk@13628 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-24 21:26:41 +00:00
Wei Chen
5559eec7c9
Add trigger file for MS10-026
...
git-svn-id: file:///home/svn/framework3/trunk@13545 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:01:59 +00:00
Matt Weeks
f12742a05f
Better cleanup for PXE attacks.
...
git-svn-id: file:///home/svn/framework3/trunk@13518 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 02:57:02 +00:00
Matt Weeks
b2733c04db
More PXE dust for extra magic!
...
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-05 17:10:27 +00:00
amaloteaux
b9bb5c454d
psnuffle : add a smb protocol decoder
...
git-svn-id: file:///home/svn/framework3/trunk@13375 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-27 18:06:28 +00:00
Tod Beardsley
c54e18d757
Fixes #5038 . Removes all instances of Racket objects, as far as I can tell. If I missed any through my mighty grep -ril racket . statement, please reopen!
...
git-svn-id: file:///home/svn/framework3/trunk@13342 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-26 01:29:21 +00:00
Matt Weeks
338a13baac
Fix minor error.
...
git-svn-id: file:///home/svn/framework3/trunk@13167 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-14 02:36:42 +00:00
James Lee
d1b971c5f2
no need for a static sig anymore
...
git-svn-id: file:///home/svn/framework3/trunk@12835 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:13:44 +00:00
Matt Weeks
971b6f96f6
pxesploit update; compatibility with x64, compatibility with different windows versions.
...
Still no custom payload yet.
git-svn-id: file:///home/svn/framework3/trunk@12430 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 02:51:07 +00:00
Wei Chen
ce2687cafe
Added swf trigger file
...
git-svn-id: file:///home/svn/framework3/trunk@12329 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 02:08:03 +00:00
David Rude
8c614a9296
made the shellcode request random to avoid signatures
...
git-svn-id: file:///home/svn/framework3/trunk@12148 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 16:00:52 +00:00
David Rude
ff3659aa37
Lots of work to make this a lot more reliable =)
...
git-svn-id: file:///home/svn/framework3/trunk@12146 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 06:35:28 +00:00
Wei Chen
bdccc67d1d
Added Crash file for CVE-2010-3275 (VLC AMV file)
...
git-svn-id: file:///home/svn/framework3/trunk@12136 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 21:01:30 +00:00
Tod Beardsley
9895d01d51
Moving lib_mysqludf_sys*.dll to a more obvious subdirectory of the exploit binaries.
...
git-svn-id: file:///home/svn/framework3/trunk@12128 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-24 17:48:19 +00:00
Tod Beardsley
b1178686cf
Fixes #3988 . Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries.
...
Also fixes a typo in the arguments to handler which clears up a heretofore mysterious exception (see exploit.rb).
git-svn-id: file:///home/svn/framework3/trunk@12111 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 19:36:07 +00:00
David Rude
d7266b6551
Add CVE-2011-0609 exploit for Adobe Flash
...
git-svn-id: file:///home/svn/framework3/trunk@12089 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:31:48 +00:00
Joshua Drake
fb6107ffb5
enable java payloads, currently via one-off method
...
git-svn-id: file:///home/svn/framework3/trunk@12012 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 23:57:11 +00:00
Joshua Drake
4644110962
add exploit for cve-2010-4452, currently windows only and no payloads :(
...
git-svn-id: file:///home/svn/framework3/trunk@11982 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 04:50:25 +00:00
Tod Beardsley
42531e097f
Fixes #3916 . Adds a module for mysql delivery of a payload via a UDF, using Bernardo's quite excellent UDF libraries.
...
git-svn-id: file:///home/svn/framework3/trunk@11899 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-08 22:42:26 +00:00
James Lee
05d073c467
move the evil-looking metasploit.PayloadApplet to the more inocuous SiteLoader.class, re-enable rjb compiling for the applet class
...
git-svn-id: file:///home/svn/framework3/trunk@11249 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 20:43:53 +00:00
Joshua Drake
fbd340aae8
add an adodb based cmdstager, fixes #1431
...
git-svn-id: file:///home/svn/framework3/trunk@11247 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-07 18:51:12 +00:00
James Lee
191c4e8eb7
make java_signed_applet work with generic java payloads, but keep the default target as Windows/x86 since it is by far the most common victim.
...
git-svn-id: file:///home/svn/framework3/trunk@11172 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-30 03:50:40 +00:00
James Lee
6f7af42667
add an exploit for cve-2010-3563, thanks Matthias Kaiser
...
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
Carlos Perez
c492737f0f
Fixed format issue
...
git-svn-id: file:///home/svn/framework3/trunk@11032 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-14 02:37:37 +00:00
James Lee
089ace9726
update the static-signed jar for java_signed_applet, fixes #3015
...
git-svn-id: file:///home/svn/framework3/trunk@10993 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 21:00:29 +00:00
Joshua Drake
b572414eac
add exploit for cve-2010-3654
...
git-svn-id: file:///home/svn/framework3/trunk@10857 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 22:34:13 +00:00
Joshua Drake
21f16f63a1
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10855 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-01 21:45:49 +00:00
Joshua Drake
6bd75bb2d5
add shockwave exploit from abysssec/rel1k
...
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 03:15:22 +00:00
Joshua Drake
f997b37245
remove the kitrap0d meterpreter script in favor of the "getsystem" implementation, fixes #800 , fixes #801
...
git-svn-id: file:///home/svn/framework3/trunk@10739 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-18 23:57:41 +00:00
HD Moore
f88033f0cc
Merge in R3L1K's Powershell enhancements and powerdump code (hashdump through powershell)
...
git-svn-id: file:///home/svn/framework3/trunk@10721 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-17 17:39:43 +00:00
Joshua Drake
eaf8ef00d0
add initial version of cve-2010-2883 exploit
...
git-svn-id: file:///home/svn/framework3/trunk@10263 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 23:05:18 +00:00
James Lee
85126af521
add an exploit module for cve-2010-0094, thanks Matthias Kaiser.
...
git-svn-id: file:///home/svn/framework3/trunk@10255 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 08:20:55 +00:00
James Lee
7381ab8b6d
duh, dont actually need this
...
git-svn-id: file:///home/svn/framework3/trunk@10093 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 07:19:49 +00:00
James Lee
6b08dfed61
Add exploit module for cve-2010-08040. This is an awesome bug and my description field doesn't do it justice
...
git-svn-id: file:///home/svn/framework3/trunk@10092 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 06:38:29 +00:00
Joshua Drake
4f148f9374
oops, add updateX data files, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9964 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-06 19:43:25 +00:00
James Lee
119f9328fc
remove debug prints. =/
...
git-svn-id: file:///home/svn/framework3/trunk@9875 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:57:03 +00:00
James Lee
08d705c1db
add java meterpreter and update java_calendar_deserialize to be able to use it, see #406
...
git-svn-id: file:///home/svn/framework3/trunk@9874 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:53:24 +00:00
Joshua Drake
74b30535c4
oops, forgot swf
...
git-svn-id: file:///home/svn/framework3/trunk@9474 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 20:14:45 +00:00