Tim W
88ab836e15
Land #9987 , AF_PACKET chocobo_root exploit
2018-05-21 17:05:53 +08:00
bwatters-r7
294b263159
Land #9966 , Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
Tim W
6594cbb5cc
Land #9947 , AF_PACKET packet_set_ring exploit
2018-05-17 18:43:52 +08:00
Brendan Coles
4322e56c71
Recompile pre-compiled exploit executable (stripped, no DEBUG)
2018-05-17 09:43:07 +00:00
Tim W
ce5b24eda0
fork early and cleanup files in module
2018-05-17 00:32:01 +08:00
Tim W
ed5f2bffa9
Land #9919 , add libuser roothelper privilege escalation exploit
2018-05-12 17:11:21 +08:00
Brendan Coles
5ae9b0185d
Add AF_PACKET chocobo_root Privilege Escalation exploit
2018-05-07 07:11:07 +00:00
bwatters-r7
ce5be387c4
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
bwatters-r7
729461e448
Re-add compiled Binary
2018-05-03 15:50:15 -05:00
bwatters-r7
16432efd8f
Remove binary file
2018-05-03 14:45:58 -05:00
Brendan Coles
3a688451b6
Add Reliable Datagram Sockets (RDS) Privilege Escalation
2018-05-03 12:51:21 +00:00
Brendan Coles
f7504dd9d5
Add AF_PACKET packet_set_ring Privilege Escalation exploit
2018-04-28 01:40:17 +00:00
Brendan Coles
00583caadf
Add Libuser roothelper Privilege Escalation exploit
2018-04-23 17:49:11 +00:00
h00die
285b329ee1
Land #9422 abrt race condition priv esc on linux
2018-02-11 11:58:39 -05:00
h00die
7cb0a118c1
Land #9399 a linux priv esc against apport and abrt
2018-02-01 21:54:54 -05:00
Brent Cook
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
Brendan Coles
5e11d36351
Add ABRT raceabrt Privilege Escalation module
2018-01-16 14:52:33 +00:00
Brendan Coles
2f3e3b486a
Use cross-compiled exploit
2018-01-13 05:44:42 +00:00
Brendan Coles
8bbffd20cd
Add Apport chroot Privilege Escalation exploit
2018-01-12 07:25:35 +00:00
dmohanty-r7
a5fa63405f
Land #9206 , Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
HD Moore
0b9fbe5a63
Resolve a bug in reverse_tcp and segfaults across payloads
2017-12-29 14:18:55 -06:00
HD Moore
ab8886e25c
Updated payloads and addition of payload stubs
2017-12-28 16:21:37 -06:00
William Vu
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
HD Moore
e73ae9e1a4
Remove the useless findsock wrapper
2017-12-18 22:09:35 -06:00
HD Moore
a44010deb1
WIP for GoAhead LD_PRELOAD
2017-12-18 10:51:47 -06:00
Yorick Koster
942e44ceae
Added local copies of the static content
2017-12-02 10:14:14 +01:00
Mehmet İnce
86e47589b0
Add xplico remote code execution
2017-11-14 09:30:57 +03:00
bwatters-r7
4abe8ff0d9
recompile binaries
2017-11-08 09:33:48 -06:00
bwatters-r7
9b24ed8406
Removed binaries for recompile
2017-11-08 09:26:40 -06:00
Spencer McIntyre
c2578c1487
Refactor GetProcessSid to remove do while FALSE
2017-11-07 19:11:24 -05:00
h00die
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
Spencer McIntyre
3f6f70f820
Move the cve-2017-8464 source to external/source
2017-10-08 13:58:51 -04:00
Spencer McIntyre
d0ebfa1950
Change the template technicque to work as an LPE
2017-10-05 10:30:28 -04:00
Spencer McIntyre
949633e816
Cleanup cve-2017-8464 template and build script
2017-10-02 15:18:13 -04:00
Kirk Swidowski
2ee94ca3d9
made changes based on PR feedback.
2017-09-01 16:49:17 -07:00
Kirk Swidowski
b7fc990d17
moved project to the source directory.
2017-09-01 16:09:53 -07:00
h00die
dc358dd087
unknow to unknown
2017-08-18 11:33:48 -04:00
Kirk R. Swidowski
cad266d469
added source code for CVE-2016-0040
2017-08-11 15:54:01 -04:00
Kirk R. Swidowski
33d3fd20a1
added CVE-2016-0040 privilege escalation exploit.
2017-08-03 19:12:32 -04:00
Yorick Koster
81500f7336
Updated Mutex code, reduce the number of times the payload is executed
2017-08-03 10:26:55 -05:00
Yorick Koster
c3bc27385e
Added source code for DLL template
2017-08-02 15:47:22 -05:00
Yorick Koster
46ec04dd15
Removed This PC ItemID & increased timeout in WaitForSingleObject
...
Remove the This PC ItemID to bypass (some) AV.
Timeout for WaitForSingleObject is set to 2,5s. After this timeout a
mutex is released allowed a new payload to be executed.
2017-08-02 15:47:22 -05:00
Yorick Koster
e6e94bad4b
Replace CreateEvent with CreateMutex/WaitForSingleObject
...
Time out is set to 1500 ms to prevent running the payload multiple times
2017-08-02 15:47:22 -05:00
Yorick Koster
e51e1d9638
Added new DLL templates to prevent crashing of Explorer
2017-08-02 15:47:21 -05:00
Brent Cook
a01a2ead1a
Land #8467 , Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
HD Moore
38491fd7ba
Rename payloads with os+libc, shrink array inits
2017-05-27 19:50:31 -05:00
HD Moore
b7b0c26f4a
Reduce minimum GLIBC versions where we can
2017-05-27 19:28:41 -05:00
HD Moore
184c8f50f1
Rework the Samba exploit & payload model to be magic.
2017-05-27 17:03:01 -05:00
wchen-r7
ee13195760
Update office_word_macro exploit to support template injection
2017-05-25 15:53:45 -05:00
HD Moore
afc804fa03
Quick Ghostscript module based on the public PoC
2017-04-28 09:56:52 -05:00