Commit Graph

7931 Commits (3b21de390661675fc6d47dbce293e37bd128e56c)

Author SHA1 Message Date
Tod Beardsley 94b4bc24bd
Minor word choice changes
[See #4804]
2015-02-24 12:29:11 -06:00
Brent Cook cf913e521c
Land #4832 @wvu-r7 remove and merge duplicate hash key initializers 2015-02-24 08:38:09 -06:00
William Vu 5cdb678654 Fix invalid use of RPORT (should be RHOST) 2015-02-24 05:24:09 -06:00
William Vu aa1e1a5269 Fix duplicate hash key "Platform"
In modules/exploits/windows/mssql/mssql_linkcrawler.rb.
2015-02-24 05:19:56 -06:00
William Vu 57642377cc Fix duplicate hash key "MinNops"
In modules/exploits/windows/backupexec/name_service.rb.
2015-02-24 05:19:55 -06:00
William Vu f2c96b4fdd Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/ntr_activex_stopmodule.rb.
2015-02-24 05:19:54 -06:00
William Vu b671c9b496 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb.
2015-02-24 05:19:53 -06:00
William Vu 2e90f266fa Fix duplicate hash key "massage_array"
In modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb.
2015-02-24 05:19:52 -06:00
William Vu e618c2f112 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb.
2015-02-24 05:19:51 -06:00
William Vu 2ffa368c18 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/ntr_activex_check_bof.rb.
2015-02-24 05:19:50 -06:00
William Vu a8f0af4409 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/cisco_playerpt_setsource.rb.
2015-02-24 05:19:49 -06:00
William Vu ff73b4d51a Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/local/pxeexploit.rb.
2015-02-24 05:19:48 -06:00
William Vu 53e45498ca Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb.
2015-02-24 05:19:47 -06:00
William Vu 943ff2da75 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/http/hp_pcm_snac_update_domain.rb.
2015-02-24 05:19:46 -06:00
William Vu 6aa3952c91 Fix duplicate hash key "Platform"
In modules/exploits/windows/scada/winlog_runtime_2.rb.
2015-02-24 05:19:45 -06:00
William Vu 933c4a05b4
Land #4814, ms04_011_pct improved error messages 2015-02-22 23:51:14 -06:00
William Vu 2609a2acee
Land #4815, MS15-001 reference update 2015-02-21 21:05:03 -06:00
Christian Mehlmauer 7d42dcee9c
Land #4769, Wordpress holding-pattern theme file upload 2015-02-21 23:13:06 +01:00
Christian Mehlmauer 9223c23eb4
Land #4808, Wordpress plugin upload module 2015-02-21 23:01:15 +01:00
sinn3r aa8a82f44f Update MS15-001 reference 2015-02-21 08:39:21 -06:00
rastating 708340ec5a Tidy up various bits of code 2015-02-21 12:53:33 +00:00
jvazquez-r7 ef62e1fc04
Land #4798, @wchen-r7's deletion of x64 support on ms13_022_silverlight_script_object
* Ungenuine support, well deleted
2015-02-21 01:11:09 -06:00
jvazquez-r7 ef990223d5 Move arch out of target 2015-02-21 01:10:35 -06:00
sinn3r 441c301fd3 Fix #4458, more informative errors for ms04_011
Fix #4458
2015-02-21 00:32:20 -06:00
rastating 76a64b31d7 Resolve msftidy issues 2015-02-21 01:41:29 +00:00
rastating 7d30b214ee Add WordPress admin shell upload module 2015-02-21 01:31:33 +00:00
sinn3r 40972220e3
Land #4804, HP Client Automation Command Injection 2015-02-20 16:56:03 -06:00
Brent Cook b624278f9d Merge branch 'master' into land-4706-smb_reflector 2015-02-20 10:26:04 -06:00
jvazquez-r7 1633a6d4fd Read response back while staging 2015-02-20 01:06:47 -06:00
jvazquez-r7 b0c6671721 Add module for ZDI-15-038, HPCA command injection 2015-02-20 00:41:17 -06:00
sinn3r 49f4b68671
Land #4790, injecting code into eval-based Javascript unpackers 2015-02-19 12:33:52 -06:00
sinn3r 036a6089eb Drop ungenuine x64 support in ms13_022_silverlight_script_object
The MS13-022 exploit does not actually run as x64. IE by default
still runs x86 so BES will always automatically select that target.

If IE forces x64 (which can be done manually), the BES detection
code will see it as ARCH_X86_64, and the payload generator will
still end up generating a x86 payload anyway.

If the user actually chooses a x64 payload, such as
windows/x64/meterpreter/reverse_tcp, the exploit is going to crash
because you can't run x64 shellcode on an x86 architecture.
2015-02-19 10:39:43 -06:00
joev 483a145d19 Fix msftidy issues. 2015-02-18 14:08:03 -06:00
Jay Smith e40772efe2
Fixed open device issue for non-priv users
Fixed the open_device call to work for users without Administrator
privileges
2015-02-18 12:44:58 -05:00
joev f8609ab0ba Add file format exploit for injecting code into unpackers. 2015-02-18 11:26:45 -06:00
sinn3r 6acbe64dbd The MSB reference in the title is wrong
It should be MS13-022.

MS12-022 is MSFT Expression Design.
2015-02-17 14:56:14 -06:00
William Vu be5a0ee9c2
Land #4777, @todb-r7's release fixes 2015-02-17 13:45:00 -06:00
sinn3r b90639fd66
Land #4726, X360 Software actvx buffer overflow 2015-02-17 11:41:23 -06:00
Brent Cook e08206d192
Land #4768, jvazquez-r7 reorganizes the SMB mixins 2015-02-17 10:36:19 -06:00
Tod Beardsley 6370c99755
Avoid version numbers in titles 2015-02-17 10:28:56 -06:00
Tod Beardsley 62a679ebb8
Avoid version numbers in titles
Usually, the versions are more of a range, and nearly always, the module
author never truly knows where the ranges are bounded. It's okay to
clarify in the description.
2015-02-17 10:26:40 -06:00
sinn3r 0597d2defb
Land #4560, Massive Java RMI update 2015-02-17 10:07:07 -06:00
rastating 40c92f5fe3 Add URL reference 2015-02-14 13:09:37 +00:00
rastating 4dce589bbe Add WordPress Holding Pattern file upload module 2015-02-14 12:54:03 +00:00
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
sinn3r b197b98ab9
Land #4759, fix ms09_067_excel_featheader 2015-02-13 13:25:15 -06:00
jvazquez-r7 3ae3d56caa
Land #4745, fixes #4711, BrowserAutoPwn failing due to getpeername 2015-02-12 16:51:09 -06:00
jvazquez-r7 92422c7b9a Save the output file on local_directory 2015-02-12 16:16:21 -06:00
Christian Mehlmauer 55f57e0b9b
Land #4746, WordPress photo-gallery exploit 2015-02-12 22:24:12 +01:00
Christian Mehlmauer bce7211f86
added url and randomize upload directory 2015-02-12 22:16:37 +01:00