414349972f
Fix comment
2015-02-06 11:34:20 -06:00
f6933ed02c
Add module for EDB-35948
2015-02-06 11:05:29 -06:00
b5e230f838
Add javascript exploit
2015-02-06 11:04:59 -06:00
036cb77dd0
Land #4709 , fixed up some datastore mangling
2015-02-05 21:22:38 -06:00
fb3422c221
Merge pull request #10 from todb-r7/land-4709-datastore
...
Fix datastore mangling with instance variables
2015-02-05 21:09:54 -06:00
7e649a919c
This version will actually work.
2015-02-05 21:00:54 -06:00
3e0ce4a955
Fix datastore mangling with instance variables
...
See rapid7/metasploit-framework #4709
2015-02-05 20:37:18 -06:00
4e0a62cb3a
Land #4664 , MS14-070 Server 2003 tcpip.sys priv esc
2015-02-05 18:49:15 -05:00
a359fe9acc
Minor fixup on the ms14-070 module description
2015-02-05 18:41:58 -05:00
f8c81e601c
Land #4710 for real.
...
This isn't a proper merge commit. Will need to figure out what I did to
wang up the last landing -- I'm guessing I didn't fetch enough first.
This should fix #4710 .
2015-02-05 17:18:51 -06:00
0a587c9f5a
Land #4710 , really
...
Looks like my publish script ended up rebasing wchen-r7/aux_ie_uxss and
didn't catch the file rename correctly.
Conflicts:
modules/auxiliary/gather/ie_uxss_injection.rb
2015-02-05 17:13:53 -06:00
be20714019
Land #4710 , @wchen-r7's IE 10/11 UXSS module
2015-02-05 17:09:12 -06:00
79e0ddadf6
Rename file again
2015-02-05 17:09:11 -06:00
97aa9f9dd2
Credit @joevennix
2015-02-05 17:09:11 -06:00
7585c625fa
Another update
...
Thanks @joevennix
2015-02-05 17:09:11 -06:00
12aadb3132
Another update
2015-02-05 17:09:10 -06:00
17f2d8048d
Another update
2015-02-05 17:09:10 -06:00
01252078ea
Use store_loot to store coookie
2015-02-05 17:09:10 -06:00
6fd38307e7
An update
2015-02-05 17:09:10 -06:00
727fc51c0b
Don't need this line
2015-02-05 17:09:10 -06:00
4924749b96
Try to make the filename more self explanatory
2015-02-05 17:09:09 -06:00
26af10c3b6
Change public ip option name and store cookie to db
2015-02-05 17:09:09 -06:00
bfa7b61663
Final
2015-02-05 17:09:09 -06:00
b90515ae5d
IE UXSS
2015-02-05 17:09:09 -06:00
4fabe85099
Merge pull request #1 from zeroSteiner/land-4664
...
MS14-070 Changes
2015-02-05 17:30:23 -05:00
d16cc843b2
Correct disclosure date
2015-02-05 15:00:13 -06:00
0955e14dad
Final, really, I think
2015-02-05 14:59:24 -06:00
37ef46264a
Pulling in latest MDM and credential versions
...
* Fully removing service uniqueness validation for now, more work to be
done on that to avoid regressions.
2015-02-05 14:05:24 -06:00
3b28b23e2e
Land #4712 , @todb-r7's release fixes
2015-02-05 13:18:09 -06:00
dc13446536
Forgot to comment ret instruction
2015-02-05 14:09:01 -05:00
578423501a
Another update
2015-02-05 13:08:33 -06:00
5a39ba32f6
Make the ret instruction for token stealing optional
2015-02-05 14:00:38 -05:00
dabc163076
Modify the shellcode stub to save the process
2015-02-05 13:54:52 -05:00
c633c710bc
Mostly caps/grammar/spelling, GoodRanking on MBAM
2015-02-05 12:36:47 -06:00
562063c4d5
Rename file again
2015-02-05 12:26:17 -06:00
80ebde4fe1
Credit @joevennix
2015-02-05 12:25:38 -06:00
27b8d1057f
Another update
...
Thanks @joevennix
2015-02-05 12:23:32 -06:00
988b54f594
Another update
2015-02-05 12:01:19 -06:00
53134aeb17
Another update
2015-02-05 11:46:38 -06:00
871c8aa8d0
Use store_loot to store coookie
2015-02-05 11:36:35 -06:00
dbe99014f2
An update
2015-02-05 11:29:52 -06:00
08d796c5e3
Don't need this line
2015-02-05 10:53:29 -06:00
d6fe077f79
Try to make the filename more self explanatory
2015-02-05 09:53:38 -06:00
ed6ee27896
Change public ip option name and store cookie to db
2015-02-05 09:48:45 -06:00
75c697c4dc
Final
2015-02-05 04:36:44 -06:00
1ccfb6cb43
IE UXSS
2015-02-05 03:03:28 -06:00
b43522a2b8
Fix scadapro_cmdexe datastore
2015-02-05 02:54:03 -06:00
a12d1244b9
Fix zenworks_helplauncher_exec datastore
2015-02-05 02:53:47 -06:00
148ffaf55f
Fix real_arcade_installerdlg datastore
2015-02-05 02:53:38 -06:00
a7156cf4a8
Fix zabbix_script_exec datastore
2015-02-05 02:53:22 -06:00
jvazquez-r7
Tod Beardsley
wvu-r7
Spencer McIntyre
sinn3r
KoreLogicSecurity
Samuel Huckins