infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,566 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2502 Commits (3f2fe8d5b4a9f99055f451f476d2f7986f176eef)

Author SHA1 Message Date
Rob Fuller 3f2fe8d5b4 port bypassuac from post module to local exploit 2012-10-04 14:31:23 -04:00
sinn3r fbc3709774 Change the title and regex a bit 2012-10-03 12:16:25 -05:00
jvazquez-r7 30846f4190 fix typo in comment 2012-10-03 16:06:00 +02:00
jvazquez-r7 24037ac79a Added module for CVE-2011-4051 2012-10-03 16:03:36 +02:00
sinn3r e36507fc05 Code cleanup and make msftidy happy 2012-10-02 12:00:23 -05:00
Spencer McIntyre 21e832ac1c add call to memory protect to fix DEP environments 2012-10-01 18:49:18 -04:00
Spencer McIntyre c93692b06d add a check to verify session is not already system for MS11-080 2012-09-27 08:36:13 -04:00
Spencer McIntyre 8648953747 added MS11-080 AFD JoinLeaf Windows Local Exploit 2012-09-26 11:01:30 -04:00
sinn3r 2db2c780d6 Additional changes 
Updated get_target function, comment for original author, possible
bug in handling page redirection.
 2012-09-24 17:38:19 -05:00
jvazquez-r7 2784a5ea2d added js obfuscation for heap spray 2012-09-24 21:28:34 +02:00
sinn3r 57b3aae9c0 Only JRE ROP is used 2012-09-24 10:21:02 -05:00
jvazquez-r7 d476ab75cc fix comment 2012-09-24 10:03:31 +02:00
jvazquez-r7 f3a64432e9 Added module for ZDI-12-170 2012-09-24 10:00:38 +02:00
sinn3r d3611c3f99 Correct the tab 2012-09-21 12:29:24 -05:00
sinn3r 25f4e3ee1f Update patch information for MS12-063 2012-09-21 12:28:41 -05:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording. 
It is merely the ROP chain, not the vuln, that requires Java.
 2012-09-20 14:52:52 -05:00
Tod Beardsley 883dc26d73 Merge remote branch 'kernelsmith/ie_execcommand_uaf_info' 2012-09-20 14:48:36 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info 
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
 2012-09-19 14:10:02 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes. 
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
 2012-09-18 11:25:00 -05:00
sinn3r 5fbc4b836a Add Microsoft advisory 2012-09-17 22:13:57 -05:00
Tod Beardsley 75bbd1c48d Being slightly more clear on Browser Not Supported 
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.

[FixRM #7242]
 2012-09-17 11:16:19 -05:00
sinn3r d77ab9d8bd Fix URIPATH and nil target 
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
 2012-09-17 10:54:12 -05:00
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L 
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
 2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
jvazquez-r7 9a83c7c338 changes according to egypt review 2012-09-14 18:47:50 +02:00
jvazquez-r7 eae571592c Added rgod email 2012-09-14 17:45:16 +02:00
jvazquez-r7 a2649dc8d1 fix typo 2012-09-14 17:10:41 +02:00
jvazquez-r7 e27d5e2eb7 Description improved 2012-09-14 17:08:59 +02:00
jvazquez-r7 9c77c15cf5 Added module for osvdb 85087 2012-09-14 16:54:28 +02:00
Tod Beardsley 39f2cbfc3c Older targets confirmed for CoolType SING 2012-09-12 16:51:51 -05:00
jvazquez-r7 61bf15114a deregistering FILENAME option 2012-09-10 23:14:14 +02:00
jvazquez-r7 199fbaf33d use a static filename 2012-09-10 23:08:21 +02:00
jvazquez-r7 cb975ce0a2 cleanup plus documentation for the maki template 2012-09-10 22:48:04 +02:00
jvazquez-r7 607c0f023a added edb references 2012-09-10 17:30:31 +02:00
jvazquez-r7 b813e4e650 Added module for CVE-2009-1831 2012-09-10 16:46:16 +02:00
jvazquez-r7 caae54a7ca added osvdb reference 2012-09-07 16:56:37 +02:00
jvazquez-r7 c572c20831 Description updated to explain conditions 2012-09-07 11:18:54 +02:00
sinn3r 86036737ca Apparently this app has two different names 
People may either call the app "ActiveFax", or "ActFax". Include
both names in there to allow the module to be more searchable.
 2012-09-06 18:38:03 -05:00
jvazquez-r7 4985cb0982 Added module for ActFac SYSTEM Local bof 2012-09-07 00:45:08 +02:00