b8df7cc496
Initialize strings fool
2013-09-27 09:01:00 +01:00
5bd414d4b4
Submodule
2013-09-26 23:19:13 +01:00
fc5e389708
Small changes to proj
2013-09-05 22:27:36 +01:00
81c78efaea
Example submodule
2013-09-05 22:00:04 +01:00
280f78c249
Update source
2013-08-30 10:48:47 +01:00
ff5cf396ab
Remove large file and rename payload.dll
2013-08-27 00:30:27 +01:00
035e97523b
In memory bypassuac
2013-08-27 00:13:19 +01:00
795ad70eab
Change directory names
2013-08-15 22:52:42 -05:00
cc5804f5f3
Add Port for OSVDB 96277
2013-08-15 18:34:51 -05:00
c7361043ae
up to date
2013-07-17 11:47:06 -05:00
2634d33832
Forgot C changes
2013-07-06 09:30:09 +01:00
66c2b79177
Initial commit
2013-07-05 19:48:27 +01:00
a4d353fcb3
Clean a little more the VS project
2013-06-29 15:15:27 -05:00
de245113af
Wrap Reflective DLL Readme.md to 80 columns
2013-06-29 09:29:09 -05:00
6878534d4b
Clean Visual Studio Project
2013-06-29 09:20:40 -05:00
7725937461
Add Module for cve-2013-3660
2013-06-28 18:18:21 -05:00
3c1af8217b
Land #2011 , @matthiaskaiser's exploit for cve-2013-2460
2013-06-26 14:35:22 -05:00
b400c0fb8a
Delete project files
2013-06-25 12:58:39 -05:00
d25e1ba44e
Make fixes proposed by review and clean
2013-06-25 12:58:00 -05:00
b32513b1b8
Fix CVE-2013-2171 with @jlee-r7 feedback
2013-06-25 10:40:55 -05:00
74825af933
Add Makefile
2013-06-24 16:08:22 -05:00
6780566a54
Add CVE-2013-2171: FreeBSD 9 Address Space Manipulation Module
2013-06-24 11:50:21 -05:00
8a96b7f9f2
added Java7u21 RCE module
...
Click2Play bypass doesn't seem to work anymore.
2013-06-24 02:04:38 -04:00
7090d4609b
Add module for CVE-2013-1488
2013-06-07 13:38:41 -05:00
9fca89f70b
fix small issues
2013-04-20 01:43:14 -05:00
c225d8244e
Added module for CVE-2013-1493
2013-03-26 22:30:18 +01:00
f04df6300a
makefile updated
2013-02-21 13:44:37 +01:00
da9e58ef79
Added the java code to get the ser file
2013-02-20 18:14:24 +01:00
d88ad80116
Added first version of cve-2013-0431
2013-02-20 16:39:53 +01:00
ee2fed8335
Merge branch 'master' of https://github.com/booboule/metasploit-framework into booboule-master
2013-01-24 16:18:06 +01:00
afa32c7552
Update external/source/exploits/cve-2012-5076_2/Makefile
...
Wrong directory path
2013-01-23 20:18:24 +01:00
d2b75ad005
Update external/source/exploits/cve-2012-5088/Makefile
2013-01-23 12:42:33 +01:00
807bd6e88a
Merge branch 'java_jre17_glassfish_averagerangestatisticimpl' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-java_jre17_glassfish_averagerangestatisticimpl
2013-01-22 15:33:39 +01:00
ef16a7fd24
cleanup
2013-01-17 21:45:13 +01:00
670b4e8e06
cleanup
2013-01-17 21:39:41 +01:00
78279a0397
Added new module for cve-2012-5076
2013-01-17 21:27:47 +01:00
d0b9808fc7
Added module for CVE-2012-5088
2013-01-17 21:14:49 +01:00
51f3f59d2f
cve and references available
2013-01-11 00:54:53 +01:00
e503d596ed
code indention for exploit.java fixed
2013-01-10 20:34:58 +01:00
876d889d82
added exploit for j7u10 0day
2013-01-10 20:30:43 +01:00
133ad04452
Cleanup of #1062
2012-12-07 11:55:48 +01:00
fd1557b6d2
Merge branch 'msi_elevated' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-msi_elevated
2012-11-28 21:49:36 +01:00
bc9065ad42
Move MSI source and binary location
2012-11-27 18:12:49 +00:00
5076198ba2
fixing bperry comments
2012-11-11 20:18:19 +01:00
08cc6d56ec
updated java source
2012-11-11 20:11:33 +01:00
c07701f61e
Makefile updated
2012-11-11 17:44:27 +01:00
1528ccf423
added Makefile for java code
2012-11-11 17:43:57 +01:00
8619c5291b
Added module for CVE-2012-5076
2012-11-11 17:05:51 +01:00
d37b52c9d3
Update source information
2012-08-30 17:48:02 -05:00
363c0913ae
changed dir names according to CVE
2012-08-28 16:33:01 +02:00
52ca1083c2
Added java_jre17_exec
2012-08-27 11:25:04 +02:00
f715527423
Improve CVE-2012-1535
2012-08-21 19:58:21 -05:00
13df1480c8
Add exploit for CVE-2012-1535
2012-08-17 12:16:54 -05:00
54576a9bbd
Last touch-up
...
The contents of this pull request are very similar to what the msf
dev had in private, so everybody is credited for the effort.
2012-07-10 00:37:07 -05:00
956ec9d1da
added Makefile for CVE-2012-1723
2012-07-10 14:12:07 +10:00
e9ac90f7b0
added CVE-2012-1723
2012-07-10 12:20:37 +10:00
38abeeb235
changes on openfire_auth_bypass
2012-06-27 23:16:07 +02:00
245205c6c9
changes on openfire_auth_bypass
2012-06-27 23:15:40 +02:00
6cc8390da9
Module rewrite, included Java support, direct upload, plugin deletion
2012-06-26 11:56:44 -04:00
65197e79e2
added Exploit for CVE-2008-6508 (Openfire Auth bypass)
2012-06-24 07:35:38 -04:00
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
fcf42d3e7b
added adobe flashplayer array indexing exploit (CVE-2011-2110)
2012-06-20 12:52:37 +10:00
14d8ba00af
Added batik svg java module
2012-05-17 16:48:38 +02:00
f5e8f57497
Minor fixes
2012-04-19 18:07:35 -05:00
835d8b209d
clear whitespace
2012-04-12 01:08:22 -05:00
654701f1b2
new file: data/exploits/CVE-2008-5499.swf
...
new file: external/source/exploits/CVE-2008-5499/Exploit.as
new file: modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb
2012-04-10 20:58:22 +01:00
6b996ed9de
Add checks for data being null, too, just in case
2012-03-30 16:46:49 -06:00
b424475774
Add a makefile
...
Compiles with an old -target so it will work on older JVMs
2012-03-30 16:25:47 -06:00
e018c6604f
Modify CVE-2012-0507
2012-03-30 02:06:56 -05:00
791ebdb679
Add CVE-2012-0507 (Java)
2012-03-29 10:31:14 -05:00
befb60217c
Add CVE-2012-0754 .as source
2012-03-07 19:25:51 -06:00
e69037959f
Added CVE-2010-0842
2012-02-15 23:32:31 +01:00
1e811aed02
Adds scriptjunkie's multilingual admin fie for pxexploit
...
Also removes duplicated code between external/source/exploits/pxesploit
and external/source/pxesploit.
[Closes #63 ]
Squashed commit of the following:
commit 325f52527233ded1bf6506c366ec8cb9efdc2610
Author: scriptjunkie <scriptjunkie@scriptjunkie.us>
Date: Fri Dec 16 12:14:18 2011 -0600
Jetzt auf Deutsch! y español! 中國人!
[update pxexploit to resolve administrators' group name rather than assume the English 'Administrators']
Also remove duplicate/old pxexploit source code from the tree.
2011-12-23 12:24:45 -06:00
e7c179d0b5
The more description the better
2011-12-01 03:03:37 -06:00
9e71be8ed0
Add source for CVE-2011-3544
2011-11-29 18:04:31 -06:00
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
971b6f96f6
pxesploit update; compatibility with x64, compatibility with different windows versions.
...
Still no custom payload yet.
git-svn-id: file:///home/svn/framework3/trunk@12430 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 02:51:07 +00:00
8c614a9296
made the shellcode request random to avoid signatures
...
git-svn-id: file:///home/svn/framework3/trunk@12148 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 16:00:52 +00:00
ff3659aa37
Lots of work to make this a lot more reliable =)
...
git-svn-id: file:///home/svn/framework3/trunk@12146 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 06:35:28 +00:00
fb6107ffb5
enable java payloads, currently via one-off method
...
git-svn-id: file:///home/svn/framework3/trunk@12012 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 23:57:11 +00:00
4644110962
add exploit for cve-2010-4452, currently windows only and no payloads :(
...
git-svn-id: file:///home/svn/framework3/trunk@11982 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 04:50:25 +00:00
5d23306f01
Add bypassuac source to the tree
...
git-svn-id: file:///home/svn/framework3/trunk@11484 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 17:30:20 +00:00
6f7af42667
add an exploit for cve-2010-3563, thanks Matthias Kaiser
...
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
85126af521
add an exploit module for cve-2010-0094, thanks Matthias Kaiser.
...
git-svn-id: file:///home/svn/framework3/trunk@10255 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 08:20:55 +00:00
b35cea94cd
add source code for cve-2010-0840
...
git-svn-id: file:///home/svn/framework3/trunk@10095 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-21 07:27:26 +00:00
50914a1e68
add a makefile so i don't forget how to compile this stuff
...
git-svn-id: file:///home/svn/framework3/trunk@9901 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 07:27:15 +00:00
119f9328fc
remove debug prints. =/
...
git-svn-id: file:///home/svn/framework3/trunk@9875 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:57:03 +00:00
08d705c1db
add java meterpreter and update java_calendar_deserialize to be able to use it, see #406
...
git-svn-id: file:///home/svn/framework3/trunk@9874 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-20 00:53:24 +00:00
b37c34579b
add exploit module for cve-2009-3869
...
NOTE: no policy change is required for this exploit to succeed.
git-svn-id: file:///home/svn/framework3/trunk@7899 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:52:40 +00:00
255724d640
compile java applet with 1.3, Fixes #685
...
git-svn-id: file:///home/svn/framework3/trunk@7850 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 17:26:19 +00:00
34408c5e3e
add exploit module for CVE-2009-3867 (JRE getSoundbank)
...
git-svn-id: file:///home/svn/framework3/trunk@7827 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:18:31 +00:00
b8efb1bbf9
Add Stephen Fewer's shiny exploit for the Java deserialization flaw
...
git-svn-id: file:///home/svn/framework3/trunk@6664 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-16 17:19:44 +00:00
Meatballs
jvazquez-r7
sinn3r
Matthias Kaiser
booboule
sinn3r
LittleLightLittleFire
h0ng10
Steven Seeley
0a2940
James Lee
juan
scriptjunkie
Matt Buck
David Rude
Joshua Drake
HD Moore
James Lee