Commit Graph

23493 Commits (37fa4a73a1a924cff7b77c1cfc59f8d7b6140c63)

Author SHA1 Message Date
Joe Vennix 517a85d141 Remove unneeded quotes. 2014-03-03 15:42:46 -06:00
Joe Vennix b3ab8f7ce1 Make random_var_name public, add specs for it. 2014-03-03 15:39:56 -06:00
William Vu f80708b7d7 Merge remote-tracking branch 'origin/pr/4' into feature/contributing 2014-03-03 15:21:09 -06:00
Joe Vennix ae9ce962c0 Add future reserved words.
Gotta stay ahead of the game.
2014-03-03 14:59:46 -06:00
Joe Vennix dd86a9188c Prevent jsobfu from generating duplicate/reserved tokens.
I got an error from a script that tried to 'set void = 1'.
2014-03-03 14:56:50 -06:00
Brandon Perry 98b59c4103 update desc 2014-03-03 12:40:58 -08:00
Tod Beardsley defdf05f6d
Various and sundry text updates to CONTRIBUTING.md
Namely, all sentences should end with periods. Other light changes.
Please cover the rest of my comments mentioned on commit 30fec1af (or
argue with them) then PR away!
2014-03-03 14:39:40 -06:00
Brandon Perry c5d1071456 add mantisbt aux module 2014-03-03 12:36:38 -08:00
sinn3r 308267da14
Land #3056 - Pre-release fixups: Minor description/print_* cleanup 2014-03-03 14:34:18 -06:00
Tod Beardsley de6be50d64
Minor cleanup and finger-wagging about a for loop 2014-03-03 14:12:22 -06:00
sinn3r ee1209b7fb This should work 2014-03-03 11:53:51 -06:00
Joe Vennix 6a02a2e3b3 NULL out envp pointer before execve call.
This was causing a crash on 10.9.
2014-03-03 08:56:52 -06:00
sinn3r 8cf5c3b97e Add heaplib2
[SeeRM #8769] Add heapLib2 for browser exploitation
2014-03-02 11:47:18 -06:00
Sagi Shahar 8c4b663643 Fix payloads to bypass Perl's Taint mode. 2014-03-02 18:39:05 +02:00
bcoles f008c77f26 Write payload to startup for Vista+ 2014-03-02 18:10:10 +10:30
William Vu 21cdaa4f39
Land #3049, small msftidies 2014-02-28 16:26:45 -06:00
Meatballs 63751c1d1a
Small msftidies 2014-02-28 22:18:59 +00:00
David Maloney 42a730745e
Land #2418, Use meterpreter hostname resolution 2014-02-28 14:45:39 -06:00
David Maloney 1a0f77edb2
Land #2739, DLL injection in msfvenom
lands Meatballs PR to fix dll injection
in Msfvenom. Test to ensure it still works
in the new MsfVenom
2014-02-28 14:22:17 -06:00
David Maloney 9e355e1265 Merge branch 'master' into dll_inject 2014-02-28 14:20:46 -06:00
sinn3r ac446d3b3f
Land #3043 - randomization for Rex::Zip::Jar and java_signed_applet 2014-02-28 14:10:55 -06:00
David Maloney 566a791ef3
Land #2992, Fix VNC Inject Defaults 2014-02-28 14:04:56 -06:00
jvazquez-r7 8922f6457b
Land #3045, @wchen-r7's fix for browser autopwn 2014-02-28 12:55:32 -06:00
David Maloney e99e668a12 Merge branch 'master' of github.com:rapid7/metasploit-framework 2014-02-28 10:12:03 -06:00
David Maloney 2b5e4bea2b
Landing Pull Request 3003 2014-02-28 10:10:12 -06:00
William Vu fd1586ee6a
Land #2515, plaintext creds fix for John
[FixRM #8481]
2014-02-28 09:53:47 -06:00
OJ 7117d50fa4
Land #3028 - bypassuac revamp 2014-02-28 09:12:02 +10:00
William Vu 1a053909dc
Land #3044, chargen_probe reported service fix 2014-02-27 14:33:06 -06:00
sinn3r f531d61255
Land #3036 - Total Video Player buffer overflow 2014-02-27 14:28:53 -06:00
sinn3r 7625dc4880 Fix syntax error due to the missing , 2014-02-27 14:25:52 -06:00
sinn3r 49ded452a9 Add OSVDB reference 2014-02-27 14:22:56 -06:00
sinn3r e72250f08f Rename Total Video Player module
The filename shouldn't include the version, because the exploit should
be able to target multiple versions if it has to.
2014-02-27 14:20:26 -06:00
sinn3r 93ec12af43
Land #3035 - GE Proficy CIMPLICITY gefebt.exe Remote Code Execution 2014-02-27 14:13:28 -06:00
David Maloney b952b103bd
cleanup tior and .tmp files
bypassuac module now also cleans
the tior.exe and all the .tmp files so we have a
clean environemnt afterwards
2014-02-27 13:18:34 -06:00
David Maloney f66709b5bb
make bypassuac module clean itself up
since the IO redirection hangs our original process
we have the moudle wait for the session then kills
the spawning process and delete the exe we dropped
2014-02-27 12:54:40 -06:00
jgor 8be33f42fe Define service as udp 2014-02-27 12:53:29 -06:00
jvazquez-r7 6c490af75e Add randomization to Rex::Zip::Jar and java_signed_applet 2014-02-27 12:38:52 -06:00
David Maloney 9d9149d9d8
remove some dead code paths
refactor some dead conditionals and a case/switch
that wasn't doing anything
2014-02-27 11:45:57 -06:00
sinn3r 0c3891c0f9 Add more IE targets 2014-02-27 11:01:03 -06:00
sinn3r 151646156d Check navigator.oscpu for FF
If we don't check navigator.oscpu, IE 11 is detected as FF.
2014-02-27 10:54:38 -06:00
David Maloney a8e0c3c255
remove copypasta mistake 2014-02-27 10:05:53 -06:00
Fr330wn4g3 63f74bddae 2° update total_video_player_131_ini_bof 2014-02-27 16:41:35 +01:00
David Maloney 96b611104e cleanup methods in bypassuac module
apply the same sort of method cleanup as in
Meatballs injection based module.
2014-02-26 11:00:55 -06:00
David Maloney d5b22f66d2
Merge branch 'master' into feature/bypassuac/revamp 2014-02-26 10:37:54 -06:00
David Maloney d358fe5f94
Merge branch 'payload_defaults' 2014-02-26 10:28:46 -06:00
David Maloney cd79ed6dcb Merge branch 'payload_defaults' into feature/bypassuac/revamp 2014-02-26 10:25:58 -06:00
dmaloney-r7 13f25fa7a6 Merge pull request #11 from OJ/cosine-bypassuac-revamp
Configuration fixes, build system changes
2014-02-26 09:56:03 -06:00
jvazquez-r7 bfdefdb338
Land #3023, @m-1-k-3's module for Linksys WRT120N bof reset password 2014-02-26 09:36:14 -06:00
jvazquez-r7 6ba26bf743 Use normalize_uri 2014-02-26 09:35:42 -06:00
jvazquez-r7 582372ec3e Do minor cleanup 2014-02-26 09:32:11 -06:00