jvazquez-r7
51bb4b5a9b
Add module for CVE-2015-0359
2015-05-07 17:00:00 -05:00
jvazquez-r7
582919acac
Add module for CVE-2015-0336
2015-05-05 17:25:19 -05:00
jvazquez-r7
dbba466b5b
Add module for CVE-2014-8440
2015-04-29 17:52:04 -05:00
benpturner
76e68fcf4c
session info
2015-04-26 20:13:18 +01:00
benpturner
aa4dc78cba
updates to author comments in powershell script
2015-04-25 08:47:17 +01:00
benpturner
19aa668f99
updates to include reverse and bind
2015-04-22 20:41:19 +01:00
Meatballs
b0d50dc2be
Create our own Rex connection to the endpoint
...
Ensure powershell process closes when module completes
Add a windows cmd interact payload
2015-04-19 23:41:28 +01:00
Meatballs
8bd0da580d
Move script out of module
2015-04-19 21:12:44 +01:00
jvazquez-r7
28fac60c81
Add module for CVE-2015-0556
2015-04-15 14:08:16 -05:00
joev
3313dac30f
Land #5119 , @wvu's addition of the OSX rootpipe privesc exploit.
...
orts
borts
2015-04-10 12:38:25 -05:00
William Vu
c4b7b32745
Add Rootpipe exploit
2015-04-10 11:22:00 -05:00
jvazquez-r7
91f5d0af5a
Add module for CVE-2014-0569
...
* Adobe flash, Integer overflow on casi32
2015-04-09 19:37:26 -05:00
jvazquez-r7
11c6f3fdca
Do reliable resolution of kernel32
2015-03-29 15:52:13 -05:00
jvazquez-r7
f84a46df63
Add module for CVE-2015-0313
2015-03-27 18:51:13 -05:00
Spencer McIntyre
076f15f933
Land #4792 @jakxx Publish It PUI file exploit
2015-03-18 20:59:54 -04:00
jakxx
085e6cc815
Implemented Recommended Changes
...
-corrected spelling error
-set only option to required
-dumped header data to included file
-Used Rex for jmp values
2015-03-17 16:39:56 -04:00
jvazquez-r7
bb81107e51
Land #4927 , @wchen-r7's exploit for Flash PCRE CVE-2015-0318
2015-03-13 23:58:05 -05:00
sinn3r
0ee0a0da1c
This seems to work
2015-03-13 04:43:06 -05:00
sinn3r
0c3329f69e
Back on track
2015-03-12 15:26:55 -05:00
sinn3r
215c209f88
Land #4901 , CVE-2014-0311, Flash ByteArray Uncompress UAF
2015-03-11 14:04:17 -05:00
sinn3r
43b90610b1
Temp
2015-03-11 13:53:34 -05:00
sinn3r
2a9d6e64e2
Starting point for CVE-2015-0318
2015-03-11 09:58:41 -05:00
jvazquez-r7
cb72b26874
Add module for CVE-2014-0311
2015-03-09 16:52:23 -05:00
joev
d7295959ca
Remove open-uri usage in msf.
2015-03-05 23:45:28 -06:00
sinn3r
b90639fd66
Land #4726 , X360 Software actvx buffer overflow
2015-02-17 11:41:23 -06:00
jvazquez-r7
1f4fdb5d18
Update from master
2015-02-10 10:47:17 -06:00
jvazquez-r7
511f637b31
Call CollectGarbage
2015-02-09 14:44:31 -06:00
Brent Cook
af405eeb7d
Land #4287 , @timwr's exploit form CVS-2014-3153
2015-02-09 10:33:14 -06:00
Brent Cook
0e4f3b0e80
added built data/exploits/CVE-2014-3153.elf
2015-02-09 09:50:31 -06:00
jvazquez-r7
a46a53acaf
Provide more space for the payload
2015-02-06 14:49:49 -06:00
jvazquez-r7
414349972f
Fix comment
2015-02-06 11:34:20 -06:00
jvazquez-r7
b5e230f838
Add javascript exploit
2015-02-06 11:04:59 -06:00
jvazquez-r7
aa7f7d4d81
Add DLL source code
2015-02-01 19:59:10 -06:00
jvazquez-r7
d211488e5d
Add Initial version
2015-02-01 19:47:58 -06:00
jvazquez-r7
f9dccda75d
Delete unused files
2015-01-22 18:00:31 -06:00
sinn3r
74e8e057dd
Use RDL
2015-01-09 19:02:08 -06:00
sinn3r
fce564cde2
Meh, not the debug build. Should be the release build.
2015-01-08 22:06:07 -06:00
sinn3r
14c54cbc22
Update DLL
2015-01-08 21:36:02 -06:00
sinn3r
d3738f0d1a
Add DLL
2015-01-08 17:17:55 -06:00
jvazquez-r7
7a2c9c4c0d
Land #4263 , @jvennix-r7's OSX Mavericks root privilege escalation
...
* Msf module for the Ian Beer exploit
2014-11-30 21:13:07 -06:00
jvazquez-r7
7772da5e3f
Change paths, add makefile and compile
2014-11-30 21:06:11 -06:00
Meatballs
f5f32fac06
Add token fiddling from nishang
2014-11-28 23:02:59 +00:00
Meatballs
48a5123607
Merge remote-tracking branch 'upstream/master' into pr4233_powerdump
2014-11-27 20:08:11 +00:00
Joe Vennix
7a3fb12124
Add an OSX privilege escalation from Google's Project Zero.
2014-11-25 12:34:16 -06:00
Peter Marszalik
830af7f95e
identified instances of tabs vs spaces in the original
...
identified 16 instances in the original code where tab was used vs spaces. updated to keep consistent.
2014-11-25 12:17:43 -06:00
Peter Marszalik
705bd42b41
tab to space change - line 296
2014-11-22 14:48:44 -06:00
Peter Marszalik
900aa9cd6b
powerdump.ps1 bug - corrupt hash fix
...
Fixed the bug where the hashes are not being extracted correctly when LM is disabled and history is enabled.
Rather than relying on length, LM and NT headers are checked. Four bytes at 0xa0 show if LM exists and four bytes at 0xac show if NT exists. Details on this known issue can be found in the following whitepaper from blackhat:
https://media.blackhat.com/bh-us-12/Briefings/Reynolds/BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
2014-11-18 23:10:57 -06:00
jvazquez-r7
c35dc2e6b3
Add module for CVE-2014-6352
2014-11-12 01:10:49 -06:00
sinn3r
c2391bf011
Add an R in /Info for the trailer dictionary to make it readable
2014-11-05 22:28:37 -06:00
sinn3r
1b2554bc0d
Add a default template for CVE-2010-1240 PDF exploit
2014-11-05 17:08:38 -06:00
jvazquez-r7
f43a6e9be0
Use PDWORD_PTR and DWORD_PTR
2014-10-31 17:35:50 -05:00
jvazquez-r7
8e547e27b3
Use correct types
2014-10-31 12:37:21 -05:00
jvazquez-r7
6574db5dbb
Fix the 64 bits code
2014-10-30 17:01:59 -05:00
jvazquez-r7
03a84a1de3
Search the AccessToken
2014-10-30 12:17:03 -05:00
OJ
908094c3d3
Remove debug, treat warnings as errors
2014-10-28 09:04:02 +10:00
OJ
0a03b2dd48
Final code tidy
2014-10-28 08:59:33 +10:00
jvazquez-r7
042d29b1d6
Compile binaries in house
2014-10-27 12:18:33 -05:00
jvazquez-r7
4406972b46
Do version checking minor cleanup
2014-10-27 09:32:42 -05:00
jvazquez-r7
0aaebc7872
Make GetPtiCurrent USER32 independent
2014-10-26 18:51:02 -05:00
jvazquez-r7
34697a2240
Delete 'callback3' also from 32 bits version
2014-10-26 17:28:35 -05:00
Spencer McIntyre
7416c00416
Initial addition of x64 target for cve-2014-4113
2014-10-26 16:54:42 -04:00
jvazquez-r7
a75186d770
Add module for CVE-2014-4113
2014-10-23 18:51:30 -05:00
jvazquez-r7
bf8dce574a
Add ppsx template
2014-10-16 17:55:22 -05:00
Joe Vennix
7793ed4fea
Add some common UXSS scripts.
2014-09-09 02:31:27 -05:00
sinn3r
ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape
2014-06-26 13:48:28 -05:00
jvazquez-r7
b8a2cf776b
Do test
2014-06-03 09:52:01 -05:00
jvazquez-r7
05ed2340dc
Use powershell
2014-06-03 09:29:04 -05:00
jvazquez-r7
f918bcc631
Use powershell instead of mshta
2014-06-03 09:01:56 -05:00
jvazquez-r7
1dbd36a3dd
Check for the .NET dfsvc and use %windir%
2014-05-30 09:02:43 -05:00
jvazquez-r7
e145298c13
Add module for CVE-2014-0257
2014-05-29 11:45:19 -05:00
jvazquez-r7
6e122e683a
Add module for CVE-2013-5045
2014-05-29 11:42:54 -05:00
jvazquez-r7
5fd732d24a
Add module for CVE-2014-0515
2014-05-07 17:13:16 -05:00
sinn3r
6bfc9a8aa0
Land #3333 - Adobe Flash Player Integer Underflow Remote Code Execution
2014-05-05 10:39:26 -05:00
OJ
7e37939bf2
Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
2014-05-04 16:41:17 +10:00
jvazquez-r7
b4c7c5ed1f
Add module for CVE-2014-0497
2014-05-03 20:04:46 -05:00
Meatballs
06c8082187
Use signed binary
2014-05-02 14:45:14 +01:00
jvazquez-r7
60e7e9f515
Add module for CVE-2013-5331
2014-04-27 10:40:46 -05:00
sinn3r
5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit
2014-04-24 13:43:20 -05:00
Joe Vennix
143aede19c
Add osx nfs_mount module.
2014-04-23 02:32:42 -05:00
jvazquez-r7
acb12a8bef
Beautify and fix both ruby an AS
2014-04-17 23:32:29 -05:00
jvazquez-r7
91d9f9ea7f
Update from master
2014-04-17 15:32:49 -05:00
jvazquez-r7
749e141fc8
Do first clean up
2014-04-17 15:31:56 -05:00
jvazquez-r7
abd76c5000
Add module for CVE-2014-0322
2014-04-15 17:55:24 -05:00
Spencer McIntyre
85197dffe6
MS14-017 Word RTF listoverridecount memory corruption
2014-04-08 14:44:20 -04:00
OJ
409787346e
Bring build tools up to date, change some project settings
...
This commit brings the source into line with the general format/settings
that are used in other exploits.
2014-03-14 22:57:16 +10:00
Tod Beardsley
6309c4a193
Metasploit LLC transferred assets to Rapid7
...
The license texts should reflect this.
2014-03-13 09:47:52 -05:00
kyuzo
2a1e96165c
Adding MS013-058 for Windows7 x86
2014-03-06 18:39:34 +00:00
Meatballs
a87f604c98
Merge remote-tracking branch 'upstream/master' into mediawiki
2014-02-10 21:43:56 +00:00
jvazquez-r7
78e1683f2d
Add binary compiled on vs2013
2014-02-10 13:52:27 -06:00
Spencer McIntyre
01f41a209c
Remove the DLL and add make.msbuild for easier compiling.
2014-02-07 10:05:05 -05:00
Spencer McIntyre
cc32c877a9
Add CVE-2013-3881 win32k Null Page exploit
2014-02-06 17:23:38 -05:00
Meatballs
486a9d5e19
Use msf branded djvu
2014-02-01 00:37:28 +00:00
dukeBarman
766c408d86
Add CVE-2013-0634: Adobe Flash Player 11.5 memory corruption
2014-01-18 11:07:11 -05:00
OJ
0c82817445
Final changes before PR
2013-12-15 01:12:49 +00:00
OJ
db29af0f97
First batch of submodule refactorings
2013-12-15 01:12:48 +00:00
Meatballs
3d1646d18e
Exit process when complete
2013-12-15 01:12:47 +00:00
Meatballs
c6623b380a
Initial commit
2013-12-15 01:12:45 +00:00
OJ
defc0ebe5c
ppr_flatten_rec update, RDI submodule, and refactor
...
This commit contains a few changes for the ppr_flatten_rec local windows
exploit. First, the exploit binary itself:
* Updated to use the RDI submodule.
* Updated to build with VS2013.
* Updated to generate a binary called `ppr_flatten_rc.x86.dll`.
* Invocation of the exploit requires address of the payload to run.
Second, the module in MSF behaved a little strange. I expected it to create
a new session with system privs and leave the existing session alone. This
wasn't the case. It used to create an instance of notepad, migrate the
_existing_ session to it, and run the exploit from there. This behaviour
didn't seem to be consistent with other local exploits. The changes
include:
* Existing session is now left alone, only used as a proxy.
* New notepad instance has exploit reflectively loaded.
* New notepad instance has payload directly injected.
* Exploit invocation takes the payload address as a parameter.
* A wait is added as the exploit is slow to run (nature of the exploit).
* Payloads are executed on successful exploit.
2013-11-27 20:44:18 +10:00
jvazquez-r7
6cb63cdad6
Land #2679 , @wchen-r7's exploit for cve-2013-3906
2013-11-25 22:04:26 -06:00
jvazquez-r7
25eb13cb3c
Small fix to interface
2013-11-22 17:02:08 -06:00
jvazquez-r7
136c18c070
Add binary objects for MS13-022
2013-11-22 16:45:07 -06:00
sinn3r
94e13a0b8a
Initial commit of CVE-2013-3906
2013-11-19 23:10:32 -06:00
OJ
506a4d9e67
Remove genericity, x64 and renamed stuff
...
As per discussion on the github issue, the following changes were made:
* Project renamed from elevate to kitrap0d, implying that this is not
intended to be a generic local priv esc exploit container.
* Container DLL no longer generic, always calls the kitrap0d exploit.
* Removal of all x64 code and project configurations.
* Invocation of the exploit changed so that the address of the payload
is passed in to the exploit entry point. The exploit is now responsible
for executing the payload if the exploit is successful. This removes
the possibility of the payload getting executed when the exploit fails.
* Source moved to the appropriate CVE folder.
* Binary moved to the appropriate CVE folder.
* Little bit of source rejigging to tidy things up.
2013-11-14 12:22:53 +10:00
Tab Assassin
2e8d19edcf
Retab all the things (except external/)
2013-09-30 13:47:53 -05:00
jvazquez-r7
94125a434b
Add module for ZDI-13-205
2013-09-04 15:57:22 -05:00
jvazquez-r7
795ad70eab
Change directory names
2013-08-15 22:52:42 -05:00
jvazquez-r7
cc5804f5f3
Add Port for OSVDB 96277
2013-08-15 18:34:51 -05:00
Tod Beardsley
9f5f191a6b
Add Main.swf from 593363c
2013-07-29 21:53:40 -05:00
jvazquez-r7
c7361043ae
up to date
2013-07-17 11:47:06 -05:00
jvazquez-r7
11f8b351c0
Merge branch 'nvidia' of https://github.com/Meatballs1/metasploit-framework
2013-07-17 11:44:42 -05:00
Meatballs
22601e6cc7
Exit process when complete
2013-07-06 09:27:27 +01:00
Meatballs
66c2b79177
Initial commit
2013-07-05 19:48:27 +01:00
jvazquez-r7
72f19181d1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-01 16:38:19 -05:00
jvazquez-r7
a4d353fcb3
Clean a little more the VS project
2013-06-29 15:15:27 -05:00
jvazquez-r7
6878534d4b
Clean Visual Studio Project
2013-06-29 09:20:40 -05:00
jvazquez-r7
7725937461
Add Module for cve-2013-3660
2013-06-28 18:18:21 -05:00
jvazquez-r7
3c1af8217b
Land #2011 , @matthiaskaiser's exploit for cve-2013-2460
2013-06-26 14:35:22 -05:00
jvazquez-r7
81a2d9d1d5
Merge branch 'module_java_jre17_provider_skeleton' of https://github.com/matthiaskaiser/metasploit-framework
2013-06-26 14:32:59 -05:00
jvazquez-r7
d25e1ba44e
Make fixes proposed by review and clean
2013-06-25 12:58:00 -05:00
jvazquez-r7
1ade467ac9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 11:10:43 -05:00
jvazquez-r7
b32513b1b8
Fix CVE-2013-2171 with @jlee-r7 feedback
2013-06-25 10:40:55 -05:00
jvazquez-r7
3244013b1f
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-25 09:48:20 -05:00
sinn3r
6780566a54
Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module
2013-06-24 11:50:21 -05:00
Matthias Kaiser
8a96b7f9f2
added Java7u21 RCE module
...
Click2Play bypass doesn't seem to work anymore.
2013-06-24 02:04:38 -04:00
jvazquez-r7
9d0047ff74
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-07 16:44:52 -05:00
jvazquez-r7
7090d4609b
Add module for CVE-2013-1488
2013-06-07 13:38:41 -05:00
jvazquez-r7
d5cf6c1fbc
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-05-23 12:37:54 -05:00
sinn3r
81ad280107
Landing #1856 - CVE-2013-0758 Firefox <= 17.0.1 + Flash RCE
...
Chained exploit using CVE-2013-0758 and CVE-2013-0757
2013-05-23 12:21:10 -05:00
Joe Vennix
4d5c4f68cb
Initial commit, works on three OSes, but automatic mode fails.
2013-05-15 23:32:02 -05:00
jvazquez-r7
b6365db0b5
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-04-22 09:38:32 -05:00
jvazquez-r7
19f2e72dbb
Added module for Java 7u17 sandboxy bypass
2013-04-20 01:43:13 -05:00
jvazquez-r7
6cd6a7d6b9
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-03-28 12:16:18 +01:00
jvazquez-r7
c225d8244e
Added module for CVE-2013-1493
2013-03-26 22:30:18 +01:00
jvazquez-r7
74b58185cd
up to date
2013-03-12 16:48:11 +01:00
jvazquez-r7
d7b89a2228
added security level bypass
2013-02-20 17:50:47 +01:00
jvazquez-r7
d88ad80116
Added first version of cve-2013-0431
2013-02-20 16:39:53 +01:00
jvazquez-r7
c8778587f5
rename the xml template for s4u
2013-02-18 15:25:03 +01:00
jvazquez-r7
be0feecf8f
Merge branch 's4u_persistence' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-s4u_persistence
2013-02-18 15:22:37 +01:00
smilingraccoon
3a499b1a6d
added s4u_persistence.rb
2013-02-10 14:22:36 -05:00
SphaZ
24de0d2274
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
2013-02-04 13:37:09 +01:00
jvazquez-r7
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
jvazquez-r7
78279a0397
Added new module for cve-2012-5076
2013-01-17 21:27:47 +01:00
jvazquez-r7
d0b9808fc7
Added module for CVE-2012-5088
2013-01-17 21:14:49 +01:00
jvazquez-r7
51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
jvazquez-r7
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
jvazquez-r7
133ad04452
Cleanup of #1062
2012-12-07 11:55:48 +01:00
jvazquez-r7
b7f304f0db
added build exec_payload.msi
2012-11-28 21:51:01 +01:00
jvazquez-r7
5076198ba2
fixing bperry comments
2012-11-11 20:18:19 +01:00
jvazquez-r7
8619c5291b
Added module for CVE-2012-5076
2012-11-11 17:05:51 +01:00
David Maloney
c30ada5eac
Adds temp vbs mod and tweaked decoder stub
2012-11-04 12:49:15 -06:00
jvazquez-r7
b4485fdb2b
added chm templates
2012-10-10 19:21:47 +02:00
h0ng10
2b6aa6bbdb
Added Exploit for deployfilerepository via JMX
2012-09-03 13:50:16 -04:00
jvazquez-r7
363c0913ae
changed dir names according to CVE
2012-08-28 16:33:01 +02:00
jvazquez-r7
52ca1083c2
Added java_jre17_exec
2012-08-27 11:25:04 +02:00
sinn3r
f715527423
Improve CVE-2012-1535
2012-08-21 19:58:21 -05:00
sinn3r
13df1480c8
Add exploit for CVE-2012-1535
2012-08-17 12:16:54 -05:00
HD Moore
430351fe79
Better handle of module cache when db_connect is run manually
2012-07-10 23:56:48 -05:00
LittleLightLittleFire
e9ac90f7b0
added CVE-2012-1723
2012-07-10 12:20:37 +10:00
Tod Beardsley
414214eb9d
Permissions.
2012-06-28 11:42:37 -05:00
jvazquez-r7
6ec990ed85
Merge branch 'Openfire-auth-bypass' of https://github.com/h0ng10/metasploit-framework into h0ng10-Openfire-auth-bypass
2012-06-27 23:09:26 +02:00
h0ng10
428ae21928
Changed readme.html file (was from the statistics plugin)
2012-06-26 12:03:52 -04:00
h0ng10
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
HD Moore
6a91626d94
Permissions
2012-06-25 00:36:39 -05:00
h0ng10
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
jvazquez-r7
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
sinn3r
d7d314862f
Need the trigger to actually make it work, duh!
2012-06-22 23:16:12 -05:00
Tod Beardsley
572fb4cb0c
Permissions fix
2012-06-21 15:39:17 -05:00
Steven Seeley
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00
HD Moore
5922ec1f7a
Permissions
2012-06-12 15:20:25 -05:00
sinn3r
4743c9fb33
Add MS12-005 (CVE-2012-0013) exploit
2012-06-10 01:08:28 -05:00
HD Moore
e8af6882eb
Permissions
2012-06-06 20:05:29 -05:00
jvazquez-r7
93741770e2
Added module for CVE-2011-3400
2012-06-05 18:21:55 +02:00
jvazquez-r7
287d68f304
added module for CVE-2008-0320
2012-05-23 17:14:11 +02:00
jvazquez-r7
14d8ba00af
Added batik svg java module
2012-05-17 16:48:38 +02:00
James Lee
7a05f3eab4
Mark failed logins as inactive
2012-05-08 16:51:22 -06:00
James Lee
318b14af4c
Fix improper reporting and stack traces when we missed a banner
...
Also makes sure we delete the session if we got a 221 response, even if
we haven't seen a login yet.
2012-05-08 16:40:56 -06:00
James Lee
1eec1cebb5
Fix improper reporting
...
:proto is always tcp, udp, etc., name is the higher layer name
2012-05-08 16:39:32 -06:00
James Lee
536fa39ae8
Keep the client and the server on tracked tcp sessions
2012-05-08 16:38:12 -06:00
Alexandre Maloteaux
452cead1e9
Merge psnuffle ntlmv2 support from Alex Malateaux
...
Testing this with smbclient requires setting "client ntlmv2 auth = yes"
in /etc/samba/smb.conf
Squashed commit of the following:
commit 7acc32f5f00914fed355a080ca237543448f80ca
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date: Thu Apr 12 01:52:49 2012 +0100
psnuffle : move protocol filtering in load function
commit 9c9ae9711c760b4f072271b7e5993f9bf8366671
Author: Alexandre Maloteaux <a.maloteaux@gmail.com>
Date: Thu Apr 12 01:50:48 2012 +0100
psnuffle : add hash exctratiopn from smbv2 session
[Closes #327 ]
2012-05-08 13:41:42 -06:00
HD Moore
f6005ba06e
Permission change, ignore
2012-04-23 13:42:18 -05:00
sinn3r
9a00823828
Merge branch '0a2940-CVE-2008-5499_adobe_flashplayer_aslaunch'
2012-04-19 18:08:22 -05:00
Tod Beardsley
18d83ee6c1
Permissions fix for modicon_ladder.apx
2012-04-12 14:26:27 -05:00
0a2940
654701f1b2
new file: data/exploits/CVE-2008-5499.swf
...
new file: external/source/exploits/CVE-2008-5499/Exploit.as
new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
Tod Beardsley
14d9953634
Adding DigitalBond SCADA modules
2012-04-05 12:35:48 -05:00
Tod Beardsley
ab269ac4ec
Permissions fix for exploit jar file
2012-04-02 09:27:35 -05:00
James Lee
025d905c01
Compiled jar with -target 1.2 so it works on older JVMs
2012-03-30 17:05:20 -06:00
sinn3r
e018c6604f
Modify CVE-2012-0507
2012-03-30 02:06:56 -05:00
Tod Beardsley
bec8d40a6c
File permissions fix
2012-03-29 16:24:31 -05:00
sinn3r
791ebdb679
Add CVE-2012-0507 (Java)
2012-03-29 10:31:14 -05:00
HD Moore
c8c73b076d
Permisssions (ignore)
2012-03-08 16:16:13 -06:00
HD Moore
3e6cbe9486
Add source code to the player
2012-03-08 15:23:10 -06:00
HD Moore
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
sinn3r
f2eab70c3f
Add swf file for CVE-2012-0754
2012-03-07 19:23:11 -06:00
David Maloney
d3fad51f3a
Fix my screwup in winscp for servicename
2012-02-21 20:31:52 -06:00
juan
e69037959f
Added CVE-2010-0842
2012-02-15 23:32:31 +01:00
scriptjunkie
1e811aed02
Adds scriptjunkie's multilingual admin fie for pxexploit
...
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.
[Closes #63 ]
Squashed commit of the following:
commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date: Fri Dec 16 12:14:18 2011 -0600
Jetzt auf Deutsch! y español! 中國人!
[update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
Also remove duplicate/old pxexploit source code from the tree.
2011-12-23 12:24:45 -06:00
David Maloney
d939e33f1e
Allows for Loot and Tasks to be imported from an MSF ZIP.
...
This should bring any loots and tasks along with
everything else when doing an improt from an MSF ZIP file.
2011-12-05 22:30:34 -05:00
sinn3r
c5302e13ac
Slight changes
2011-12-01 03:02:08 -06:00
sinn3r
f64f0eefda
Add class file for CVE-2011-3544
2011-11-29 18:06:20 -06:00
David Maloney
30d1451159
Consolidation of the Axis2 Deployer Exploits
...
Fixes #5276
2011-11-22 08:47:53 -08:00