infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
41,012 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

373 Commits (3fdd3d36516549eb498662c64ca31d38a46ee239)

Author SHA1 Message Date
wchen-r7 72caeaa72f Fix redirect url 2016-07-24 15:49:03 -05:00
RageLtMan 14c9569afa 2013-1710 - Use header VHOST info for redirection 
When this exploit is hit by hostname, the HTTP request contains
a Host header field which does not match the IP-based redirection.
Update the module to check request headers for host information,
and fallback to the prior behavior if none exists.

Tested in conjunction with #6611 DNS spoofer - works great, see
issue #7098 for details.
 2016-07-17 04:50:54 -04:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references" 
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
 2016-07-15 12:00:31 -05:00
wchen-r7 4a95e675ae Rm empty references 2016-04-24 11:46:08 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references. 
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
 2016-04-23 12:32:34 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Jon Hart 27a6aa0be1
Fix current msftidy warnings about PACKETSTORM vs URL 2015-12-24 09:05:02 -08:00
Brent Cook 7444f24721 update whitespace / syntax for java_calendar_deserialize 2015-12-23 15:42:27 -06:00
wchen-r7 11c1eb6c78 Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails 
Most exploits don't check nil for generate_payload_exe, they just
assume they will always have a payload. If the method returns nil,
it ends up making debugging more difficult. Instead of checking nil
one by one, we just raise.
 2015-12-08 21:13:23 -06:00
wchen-r7 154fb585f4 Remove bad references (dead links) 
These links are no longer available. They are dead links.
 2015-10-27 12:41:32 -05:00
joev 98e2d074c3 Add disclosure date. 2015-08-15 20:09:41 -05:00
joev a133e98ba5 Adds a ff 35-36 RCE vector based off the recent ff bug. 2015-08-15 20:02:00 -05:00
Tod Beardsley 2052b4ef56
Fixed the HT leak attribution a little 2015-07-20 16:36:47 -05:00
Tod Beardsley f7c11d0852
More cleanups 
Edited modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
first landed in #5678, adobe_flash_hacking_team_uaf.rb

Edited
modules/exploits/multi/browser/adobe_flash_opaque_background_uaf.rb
first landed in #5698, Adobe Flash CVE-2015-5122 opaqueBackground

Edited modules/exploits/multi/http/sysaid_auth_file_upload.rb first
landed in #5471, @pedrib's module for SysAid CVE-2015-2994

Edited modules/exploits/multi/http/sysaid_rdslogs_file_upload.rb first
landed in #5473 Correct spelling of sysaid module
 2015-07-20 16:29:49 -05:00
wchen-r7 7113c801b1
Land #5732, reliability update for adobe_flash_hacking_team_uaf 2015-07-17 16:43:39 -05:00
wchen-r7 f77f7d6916 Bump rank 2015-07-17 16:23:27 -05:00
wchen-r7 0bd1dc017e Update coverage information 2015-07-17 16:23:00 -05:00
jvazquez-r7 255d8ed096
Improve adobe_flash_opaque_background_uaf 2015-07-16 14:56:32 -05:00
jvazquez-r7 b504f0be8e
Update adobe_flash_hacking_team_uaf 2015-07-15 18:18:04 -05:00
wchen-r7 f7ce6dcc9f We agreed to Normal 2015-07-11 02:07:18 -05:00
wchen-r7 0ff7333090 Lower the ranking for CVE-2015-5122 
As an initial release we forgot to lower it.
 2015-07-11 02:05:56 -05:00
wchen-r7 1289ec8863 authors 2015-07-11 01:38:21 -05:00
wchen-r7 6eabe5d48c Update description 2015-07-11 01:36:26 -05:00
wchen-r7 54fc712131 Update Win 8.1 checks 2015-07-11 01:33:23 -05:00
jvazquez-r7 6f0b9896e1
Update description 2015-07-11 00:56:18 -05:00
jvazquez-r7 115549ca75
Delete old check 2015-07-11 00:42:59 -05:00
jvazquez-r7 63005a3b92
Add module for flash CVE-2015-5122 
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
 2015-07-11 00:28:55 -05:00
wchen-r7 a3ec56c4cb Do it in on_request_exploit because it's too specific 2015-07-08 12:32:38 -05:00
wchen-r7 cefbdbb8d3 Avoid unreliable targets 
If we can't garantee GreatRanking on specific targets, avoid them.
 2015-07-08 12:12:53 -05:00
wchen-r7 6a33807d80 No Chrome for now 2015-07-07 15:56:58 -05:00
jvazquez-r7 f8b668e894
Update ranking and References 2015-07-07 15:43:02 -05:00
Tod Beardsley 116c3f0be1
Add CVE as a real ref, too 2015-07-07 14:46:44 -05:00
Tod Beardsley 3d630de353
Replace with a real CVE number 2015-07-07 14:44:12 -05:00
jvazquez-r7 829b08b2bf
Complete authors list 2015-07-07 12:49:54 -05:00
wchen-r7 49effdf3d1 Update description 2015-07-07 12:46:02 -05:00
wchen-r7 d885420aff This changes the version requirement for adobe_flash_hacking_team_uaf.rb 
Because it works for Win 8.1 + IE11 too
 2015-07-07 12:42:56 -05:00
wchen-r7 d30688b116 Add more requirement info 2015-07-07 12:33:47 -05:00
jvazquez-r7 d9aacf2d41
Add module for hacking team flash exploit 2015-07-07 11:19:48 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
Tod Beardsley 95f19e6f1f
Minor description edits for clarity 
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
 2015-07-02 13:51:37 -05:00
jvazquez-r7 3b9ba189f7
Add CVE-2015-3043 information 2015-07-01 19:56:35 -05:00
wchen-r7 93c74efb97 Add Ubuntu as a tested target 2015-07-01 18:43:22 -05:00
jvazquez-r7 ee118aa89d
Fix description 2015-07-01 13:30:22 -05:00
jvazquez-r7 1de94a6865
Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
Tod Beardsley 31eedbcfa0
Minor cleanups on recent modules 
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
 2015-06-26 12:18:33 -05:00
jvazquez-r7 ee0377ca16
Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 15985e8b4f
Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00
Tod Beardsley afcb016814
Minor description fixups. 
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer .
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln . Fixed up some language usage, camel-cased "WordPress."
 2015-06-18 13:25:39 -05:00