Wei Chen
06e8cc49f5
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 08:57:19 -07:00
Brent Cook
31ce48502c
Land #9528 , WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-04 15:37:57 -07:00
bwatters-r7
38465e69a8
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-04 09:38:28 -05:00
bwatters-r7
5a07be9b96
Land #9041 , Add LPE on Windows using CVE-2017-8464
2017-11-08 10:09:03 -06:00
Spencer McIntyre
c2578c1487
Refactor GetProcessSid to remove do while FALSE
2017-11-07 19:11:24 -05:00
Spencer McIntyre
3f6f70f820
Move the cve-2017-8464 source to external/source
2017-10-08 13:58:51 -04:00
L3cr0f
6a3fc618a4
Add bypassuac_injection_winsxs.rb module
2017-06-03 12:59:50 +02:00
Brent Cook
176e88f293
Land #7835 , Add Windows Local Privilege Escalation exploit stub
2017-03-08 06:20:58 -05:00
wchen-r7
3d269b46ad
Support OS X for Microsoft Office macro exploit
2017-02-16 12:28:11 -06:00
wchen-r7
ccaa783a31
Add Microsoft Office Word Macro exploit
2017-02-02 17:44:55 -06:00
OJ
b6e882c8eb
Add a Windows LPE exploit template for x64/x86
2017-01-17 11:20:14 +10:00
OJ
32173b9701
Move execute_payload to the kernel lib
2017-01-17 11:19:26 +10:00
Brent Cook
2585c8c8b5
Land #7461 , convert futex_requeue (towelroot) module to use targetting and core_loadlib
2017-01-11 13:24:25 -06:00
Tim
25a8283af3
fork early and use WfsDelay
2016-12-20 00:59:27 +08:00
Tim
f1efa760df
more fixes
2016-12-20 00:52:11 +08:00
Tim
e6d4c0001c
hide debug printing
2016-12-20 00:52:11 +08:00
Tim
7ac3859393
convert futex_requeue module to use targetting and core_loadlib
2016-12-20 00:52:11 +08:00
Tim
3afa20a1af
fix double \n in printf
2016-12-13 17:02:23 +08:00
Tim
fe9972cc25
fork early and use WfsDelay
2016-12-13 17:02:23 +08:00
Tim
891fccb4e2
add pattern for GT-S7392
2016-12-13 17:02:23 +08:00
Tim
07ce7f3aed
fix make run
2016-12-13 17:02:23 +08:00
Tim
9ece45a180
dont exit(0) when exploit fails
2016-12-13 17:02:23 +08:00
Tim
ebf7ae0739
add CVE-2013-6282, put_user/get_user exploit for Android
2016-12-13 17:02:23 +08:00
h00die
0d1fe20ae5
revamped
2016-10-15 20:57:31 -04:00
h00die
12493d5c06
moved c code to external sources
2016-10-13 20:37:03 -04:00
OJ
0e82ced082
Add LPE exploit module for the capcom driver flaw
...
This commit includes:
* RDI binary that abuses the SMEP bypass and userland function pointer
invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.
This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
2016-09-27 22:37:45 +10:00
William Webb
21e6211e8d
add exploit for cve-2016-0189
2016-08-01 13:26:35 -05:00
William Webb
b4b3a84fa5
refactor ms16-016 code
2016-07-05 20:50:43 -05:00
dmohanty-r7
eb4611642d
Add Jenkins CLI Java serialization exploit module
...
CVE-2015-8103
2015-12-11 14:57:10 -06:00
jvazquez-r7
2c9734f178
Add exploit source
2015-09-15 14:54:05 -05:00
jvazquez-r7
6e857568e0
Delete comments
2015-09-03 13:33:40 -05:00
jvazquez-r7
b39575928e
Update reflective exploit
2015-09-03 11:01:41 -05:00
jvazquez-r7
ecf3fb61d6
Replace external source
2015-08-26 15:32:50 -05:00
William Vu
d54249370b
Move tpwn source to external/source/exploits
2015-08-17 18:27:47 -05:00
wchen-r7
7113c801b1
Land #5732 , reliability update for adobe_flash_hacking_team_uaf
2015-07-17 16:43:39 -05:00
jvazquez-r7
255d8ed096
Improve adobe_flash_opaque_background_uaf
2015-07-16 14:56:32 -05:00
jvazquez-r7
bd5d372436
Add build comment
2015-07-15 18:30:05 -05:00
jvazquez-r7
138789b77c
Fix indentation
2015-07-15 18:29:28 -05:00
jvazquez-r7
b504f0be8e
Update adobe_flash_hacking_team_uaf
2015-07-15 18:18:04 -05:00
jvazquez-r7
299978d0e2
Put again old exploiter
2015-07-11 00:36:32 -05:00
jvazquez-r7
63005a3b92
Add module for flash CVE-2015-5122
...
* Just a fast port for the exploit leaked
* Just tested on win7sp1 / IE11
2015-07-11 00:28:55 -05:00
Tod Beardsley
3d630de353
Replace with a real CVE number
2015-07-07 14:44:12 -05:00
jvazquez-r7
d9aacf2d41
Add module for hacking team flash exploit
2015-07-07 11:19:48 -05:00
jvazquez-r7
1de94a6865
Add module for CVE-2015-3113
2015-07-01 13:13:57 -05:00
jvazquez-r7
e49c36998c
Fix indentation
2015-06-25 14:12:23 -05:00
jvazquez-r7
ee0377ca16
Add module for CVE-2015-3105
2015-06-25 13:35:01 -05:00
Spencer McIntyre
2206a6af73
Support older targets x86 for MS15-051
2015-06-25 09:33:15 +10:00
OJ
3686accadd
Merge branch 'upstream/master' into cve-2015-1701
2015-06-22 07:52:17 +10:00
OJ
b78ba55c25
Merge minor CVE-2015-1701 from zeroSteiner
2015-06-22 07:50:26 +10:00
Spencer McIntyre
d73a3a4a5f
Dont call ExitProcess because it might kill the shell
2015-06-21 16:16:33 -04:00