jvazquez-r7
5c8053491f
Add DEP bypass for ntdll ms12-001
2013-06-12 10:41:05 -05:00
jvazquez-r7
a1c7961cbc
Suport js obfuscation for the trigger
2013-06-12 08:06:12 -05:00
jvazquez-r7
5240c6e164
Add module for MS13-037 CVE-2013-2551
2013-06-12 07:37:57 -05:00
Joe Vennix
45da645717
Update ff svg exploit description to be more accurate.
2013-06-11 12:12:18 -05:00
sinn3r
2874aead2e
Land #1938 - Change sevone_enum because it's an Scanner
2013-06-11 11:42:18 -05:00
jvazquez-r7
0578572d98
Change sevone_enum because it's an Scanner
2013-06-11 08:51:15 -05:00
sinn3r
081baad68c
Remove variable 'overflow' because it's not used
...
The 'overflow' variable isn't needed
2013-06-11 02:26:45 -05:00
sinn3r
5b61f99ee6
Land #1933 - Update smart_hashdump Regular Expressions for Win 8 & 2012
2013-06-10 13:28:04 -05:00
jvazquez-r7
0c6dbe9885
Add final cleanup for sevone_enum
2013-06-10 13:16:22 -05:00
jvazquez-r7
6765a911a4
Land #1921 , @juushya brute force login module for SevOne
2013-06-10 13:15:14 -05:00
sinn3r
622dc27d95
Land #1925 - fix SNMP enum module failing to catch some fail cases
...
[FixRM:#7945]
2013-06-10 12:51:02 -05:00
KarnGaneshen
5c988d99fe
more updates to sevone.rb. hopefully all is covered..
2013-06-10 21:59:18 +05:30
sinn3r
0895184e1f
Land #1932 - Actually support OUTPUTPATH datastore option
2013-06-10 11:22:28 -05:00
KarnGaneshen
04171c46ec
more updates to sevone.rb. hopefully all is covered.
2013-06-10 21:47:56 +05:30
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
3fbbe3e7b3
Make msftidy happy
2013-06-10 08:16:15 -05:00
jvazquez-r7
3c05cf4382
Land #1842 , @viris DoS module for cve-2013-0229
2013-06-10 08:15:45 -05:00
Dejan Lukan
154894bda6
Added comments and merged jvazquez-r7-miniupnp_dos_clean branch.
2013-06-10 10:18:26 +02:00
Carlos Perez
a9df55c27a
Add Windows 2012 to regex matching
2013-06-09 20:46:44 -04:00
Carlos Perez
8e83f0ee30
Add Windows 8 and 2012 to regex matching
2013-06-09 20:41:46 -04:00
Ruslaideemin
cb79aa252a
Fix output path in ms10_004_textbytesatom.rb
...
ms10_004_textbytesatom.rb does not write to the local data directory,
instead it writes to the metasploit path (at least, that's where I
started msfrpcd).
This fixes it by using Msf::Config.local_directory
2013-06-09 07:28:48 +10:00
sinn3r
f55edac0ca
Title and description update
2013-06-07 22:38:53 -05:00
sinn3r
a510084f1c
Description change.
2013-06-07 22:35:46 -05:00
jvazquez-r7
600494817d
Fix typo and target name
2013-06-07 21:08:38 -05:00
jvazquez-r7
9025b52951
make the payload build more clear
2013-06-07 18:05:11 -05:00
jvazquez-r7
d76e14fc9c
Add module for OSVDB 93004 - Exim Dovect exec
2013-06-07 17:59:04 -05:00
Karn Ganeshen
74bddcf339
Update sevone_enum.rb
...
New updates as per review comments
2013-06-08 02:28:09 +05:30
sinn3r
aefcc51704
Land #1924 - Java pwn2own 2013: java_jre17_driver_manager (CVE-2013-1488)
2013-06-07 15:12:09 -05:00
Karn Ganeshen
1ca8fd2cf1
Update sevone_enum.rb
...
Updated as per initial review comments.
2013-06-08 01:14:43 +05:30
jvazquez-r7
79bfdf3ca6
Add comment to explain the applet delivery methods
2013-06-07 14:20:21 -05:00
Thomas Ring
2bb0bd504c
Makign changes recommended in redmine 7945 to fix SNMP enum module failing to catch some fail cases
2013-06-07 13:55:59 -05:00
jvazquez-r7
641fd3c6ce
Add also the msf module
2013-06-07 13:39:19 -05:00
Karn Ganeshen
fcc600aa3e
Create sevone_enum.rb
...
Adding new aux - SevOne Network Performance Management System application version enumeration and brute force login Utility
2013-06-07 23:39:22 +05:30
jvazquez-r7
a157e65802
Land #1916 , @wchen-r7's exploit for Synactics PDF
2013-06-07 12:11:45 -05:00
sinn3r
ea2895ac13
Change to AverageRanking
...
Just to play with the firing order for Browser Autopwn, this one
should fire as late as possible.
2013-06-07 12:08:51 -05:00
sinn3r
9c7b446532
Updates description about default browser setting
2013-06-07 11:58:31 -05:00
James Lee
0302437c2b
Land #1915 , smtp user enumeration enhancements
2013-06-07 11:42:41 -05:00
sinn3r
f3421f2c3a
Fix different landings
2013-06-07 10:26:04 -05:00
sinn3r
da4b18c6a1
[FixRM:#8012] - Fix message data type to int
...
This patch makes sure s.message is actually an int, that way we can
properly stop or enable the service.
2013-06-06 23:49:14 -05:00
sinn3r
e559824dc8
Remove whitespace
2013-06-06 20:08:50 -05:00
sinn3r
d3e57ffc46
Add OSVDB-93754: Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
...
This module exploits a vulnerability found in Synactis' PDF In-The-Box ActiveX
component, specifically PDF_IN_1.ocx. When a long string of data is given
to the ConnectToSynactis function, which is meant to be used for the ldCmdLine
argument of a WinExec call, a strcpy routine can end up overwriting a TRegistry
class pointer saved on the stack, and results in arbitrary code execution under the
context of the user.
2013-06-06 20:05:08 -05:00
Thomas Ring
8cf5b548c3
make recommended changes
2013-06-06 14:23:25 -05:00
Thomas Ring
067899341e
fix a number of issues with the existing module (slowness, false positives, false negatives, stack traces, enumering unix users on windows systems, etc)
2013-06-06 13:26:04 -05:00
jvazquez-r7
ec52795182
Clean for miniupnp_dos.rb
2013-06-06 11:19:26 -05:00
Steve Tornio
4d26299de3
add osvdb ref 93881 and edb ref 21191
2013-06-05 18:57:33 -05:00
William Vu
1596fb478a
Land #1886 , awk bind shell
2013-06-05 09:05:37 -05:00
William Vu
8ffa4ac9ac
Land #1885 , awk reverse shell
2013-06-05 09:04:49 -05:00
Roberto Soares Espreto
f6977c41c3
Modifications done in each PR.
2013-06-05 07:55:05 -03:00
Roberto Soares Espreto
b20401ca8c
Modifications done in each PR.
2013-06-05 07:51:10 -03:00
sinn3r
6d3dcf0cef
Land #1912 - Fixed check for Admins SID in whoami /group output
2013-06-05 02:55:38 -05:00