Commit Graph

4799 Commits (4cdbabdde77c6058bc565e6d2d4f5066e8947440)

Author SHA1 Message Date
Meatballs 6f31183904
Fix VSS Persistance to check integrity level 2015-08-01 23:13:05 +01:00
Meatballs a6a8117e46 Revert "Land #5777, fix #4558 vss_persistence"
This reverts commit ba4b2fbbea, reversing
changes made to affc86bfd9.
2015-08-01 22:35:24 +01:00
wchen-r7 ba4b2fbbea
Land #5777, fix #4558 vss_persistence 2015-07-31 16:46:01 -05:00
jvazquez-r7 1ec960d8f9
Make the time to write flush configurable 2015-07-31 16:43:43 -05:00
wchen-r7 672d83eaae
Land #5789, Heroes of Might and Magic III .h3m Map File Buffer Overflow 2015-07-31 15:43:43 -05:00
aakerblom 7c5e5f0f22 add crc32 forging for Heroes III demo target 2015-08-01 04:53:49 -07:00
aakerblom 7af83a112d fix unreliable address 2015-08-01 04:52:50 -07:00
aakerblom 908d6f946f added target Heroes III Demo 1.0.0.0 2015-07-31 18:19:37 -07:00
aakerblom 16042cd45b fix variable names in comment 2015-07-31 18:16:15 -07:00
aakerblom 66c92aae5d fix documentation 2015-07-31 17:12:50 -07:00
aakerblom 6fdd2f91ce rescue only Errno::ENOENT 2015-07-31 13:54:29 -07:00
aakerblom 6671df6672 add documentation 2015-07-31 13:53:56 -07:00
aakerblom 013201bd99 remove unneeded require 2015-07-31 13:49:27 -07:00
aakerblom 12a6bdb67b Add Heroes of Might and Magic III .h3m map file Buffer Overflow module 2015-07-31 02:06:47 -07:00
aakerblom d4c8d5884c Fix a small typo 2015-07-31 11:47:46 -07:00
jvazquez-r7 bf6975c01a
Fix #4558 by restoring the old wmicexec 2015-07-27 14:04:10 -05:00
HD Moore a7b5890dc5 Fix URIPATH=/ and stack trace on missing ntdll version match 2015-07-25 15:39:20 -07:00
wchen-r7 29defc979b Fix #5740, remove variable ROP for adobe_flashplayer_flash10o 2015-07-17 16:57:37 -05:00
William Vu ea4a7d98b9
Land #5728, Arch specification for psexec 2015-07-15 15:36:27 +00:00
Brent Cook a7d866bc83 specify the 'Arch' values that psexec supports 2015-07-14 15:45:52 -06:00
wchen-r7 e638d85f30
Merge branch 'upstream-master' into bapv2 2015-07-12 02:01:09 -05:00
wchen-r7 c37b60de7b Do some print_status with ms14_064 2015-07-07 00:57:37 -05:00
wchen-r7 8051a99f4a
Merge branch 'upstream-master' into bapv2 2015-07-01 18:45:42 -05:00
William Vu 3632cc44c5 Fix nil error when target not found 2015-06-30 11:48:41 -05:00
wchen-r7 9bd920b169
Merge branch 'upstream-master' into bapv2 2015-06-27 12:19:55 -05:00
jvazquez-r7 7ccc86d338
Use cmd_exec 2015-06-26 11:54:19 -05:00
Spencer McIntyre 2206a6af73 Support older targets x86 for MS15-051 2015-06-25 09:33:15 +10:00
William Vu a149fb5710
Land #5554, @g0tmi1k's persistence improvements
age aborts
age aborts
2015-06-24 14:37:25 -05:00
William Vu e7e8135acd Clean up module 2015-06-24 14:35:10 -05:00
wchen-r7 dedfca163d Change check() 2015-06-22 15:05:12 -05:00
OJ 3686accadd
Merge branch 'upstream/master' into cve-2015-1701 2015-06-22 07:52:17 +10:00
Spencer McIntyre efece12b40 Minor clean ups for ruby strings and check method 2015-06-21 16:07:44 -04:00
jvazquez-r7 74bc9f7a91
Land #5529, @omarix's Windows 2003 SP1 & SP2 French targets for MS08-067 2015-06-19 16:57:07 -05:00
jvazquez-r7 61ad4ada7d
Delete commas 2015-06-19 16:03:16 -05:00
wchen-r7 9da99a8265
Merge branch 'upstream-master' into bapv2 2015-06-19 11:36:27 -05:00
jvazquez-r7 6ec8488929
Land #5560, @wchen-r7 Changes ExcellentRanking to GoodRanking for MS14-064 2015-06-19 11:15:41 -05:00
jvazquez-r7 1c357e6b3c
Land #5478, @wchen-r7 Updates ca_arcserve_rpc_authbypass to use the new cred API 2015-06-19 10:21:14 -05:00
jvazquez-r7 0f17f622c3
Report last_attempted_at 2015-06-19 10:20:47 -05:00
jvazquez-r7 357a3929a3
Trying to report more accurate status 2015-06-19 09:51:36 -05:00
wchen-r7 7e91121afc Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:44:45 -05:00
g0tmi1k 0b55a889d3 persistence - better ruby/msf fu 2015-06-18 21:10:16 +01:00
wchen-r7 13a3f2781d Change ExcellentRanking to GoodRanking for MS14-064
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:

1. The vulnerable component isn't in Internet Explorer. And BES can't
   check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
   is a memory curruption type of bug, it should not be in Excellent
   ranking anyway.
2015-06-18 13:07:44 -05:00
g0tmi1k a3debe1621 persistence - more options, more verbose
...and less bugs!

+ Able to define the EXE payload filename
+ Able to setup a handler job
+ Able to execute persistence payload after installing
+ Performs various checks (should be more stable now)
+ Will display various warnings if your doing something 'different'
+ Added various verbose messages during the process
2015-06-17 13:57:06 +01:00
William Vu 8d640a0c8f
Land #5527, multi/handler -> exploit/multi/handler 2015-06-15 10:23:26 -05:00
wchen-r7 17b8ddc68a
Land #5524, adobe_flash_pixel_bender_bof in flash renderer 2015-06-15 02:42:16 -05:00
0xFFFFFF c7cda25582 Empty lines removed at line 624 and line 721.
Empty lines removed at line 624 and line 721.
2015-06-13 14:54:10 +01:00
0xFFFFFF 7f0e334d78 Added Windows 2003 SP1 & SP2 French targets
msf exploit(ms08_067_netap) > show targets 

Exploit targets:

   Id  Name
   --  ----
   0   Automatic Targeting
   1   Windows 2000 Universal
   2   Windows XP SP0/SP1 Universal
   3   Windows 2003 SP0 Universal
   4   Windows XP SP2 English (AlwaysOn NX)
   [...]
   62  Windows 2003 SP1 French (NX)
   63  Windows 2003 SP2 English (NO NX)
   [...]
   71  Windows 2003 SP2 French (NO NX)
   72  Windows 2003 SP2 French (NX)
2015-06-13 13:30:02 +01:00
g0tmi1k a53ca53a6a Fix inconstancy - multi/handler 2015-06-12 21:23:51 +01:00
jvazquez-r7 8ed13b1d1b
Add linux support for CVE-2014-0515 2015-06-11 16:18:50 -05:00
wchen-r7 ae21b0c260
Land #5523, adobe_flash_domain_memory_uaf in the flash renderer 2015-06-10 16:59:19 -05:00