9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-23 02:34:01 -06:00
ed838d73a6
Allow targets to specify Compat[ible] payloads
2013-12-19 17:48:15 -06:00
ca23b32161
Add support for Procs in browserexploit requirements.
2013-12-19 12:49:05 -06:00
cb390bee7d
Move comment.
2013-12-18 20:37:33 -06:00
f411313505
Tidy whitespace.
2013-12-18 20:31:31 -06:00
9ff82b5422
Move datastore options to mixin.
2013-12-18 14:52:41 -06:00
64273fe41d
Move addon datastore options into mixin.
2013-12-18 14:42:01 -06:00
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
252909a609
Land #2448 , @OJ's ReverseListenerBindPort :)
2013-12-17 11:24:09 -06:00
6ee1a9c6e1
Fix duplicate error
2013-12-17 00:11:37 +00:00
06b399ee30
Remove ERROR_
...
To access as Error::NO_ACCESS
2013-12-16 19:52:11 +00:00
08a44fdfb7
Filename match module
2013-12-16 19:48:17 +00:00
57f2027e51
Move to module
2013-12-16 19:45:52 +00:00
c9084bd2d5
Remove errant fullstops
2013-12-16 18:53:37 +00:00
75c87faaf8
Add Windows Error Codes to Windows Post Mixin
2013-12-16 18:50:18 +00:00
ca1c887e68
Add missing ]
2013-12-15 01:12:50 +00:00
819ba30a33
msftidy
...
Conflicts:
lib/msf/core/post/windows/services.rb
2013-12-15 01:12:46 +00:00
a930056d7f
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
Conflicts:
lib/msf/core/post/windows/services.rb
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
2013-12-15 01:12:45 +00:00
f3ce1c10db
Land #2758 , @zeroSteiner's additions to railgun
2013-12-13 15:50:34 -06:00
a08c420862
Add railgun definitions for local exploit relevant functions.
2013-12-12 10:26:08 -05:00
83e448f4ae
Restore vprint_error message
2013-12-12 09:06:29 -06:00
5c1ca97e21
Create a new process to host the final payload
2013-12-12 08:26:44 -06:00
ff9cb481fb
Land #2464 , fixes for llmnr_response and friends
...
Fixed conflict in lib/msf/core/exploit/http/server.rb.
2013-12-10 13:41:45 -06:00
45a0ac9e68
Land #2602 , Windows Extended API
...
Retrieve clipboard data
Retrieve window handles
Retrieve service information
2013-12-08 19:01:35 +00:00
e5a92a18a5
and expand path
2013-12-08 19:01:03 +00:00
3c67f1c6a9
Fix file download
2013-12-08 18:57:10 +00:00
f4636c46a6
Removing unused endjunk, sections_end, cert_entry
2013-12-07 20:55:51 -06:00
77e9996501
Mitigate metasm relocation error by disabling ASLR
...
Deal with import error by actually using the GetProcAddress code.
2013-12-07 20:54:13 -06:00
8d33138489
Support silent shellcode injection into DLLs
...
Only run code on DLL_PROCESS_ATTACH, preventing infinite loop otherwise:
Added code would create thread -> calls DLL entry point -> calling added code...
2013-12-07 19:44:17 -06:00
3aebe968bb
Land #2721 Reflective DLL Mixin
...
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.
Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
2013-12-06 12:26:51 +00:00
e90b7641ca
Allow self-destruct via "kill -s"
...
HTTP(s) payloads don't exit cleanly at the moment. This is an issue that's
being addressed through other work. However, there's a need to be able to
terminate the current HTTP(s) session forcably.
This commit add a -s option to kill, which (when specified) will kill
the current session.
2013-12-06 14:56:19 +10:00
4ca48308c1
Fix downloading of files
2013-12-06 13:40:20 +10:00
155836ddf9
Adjusted style as per egypt's points
2013-12-06 10:08:38 +10:00
ccbf305de1
Remove exception stuff from the payloads
2013-12-06 09:26:46 +10:00
5a0a2217dc
Add exception if DLL isn't RDI enabled
2013-12-06 09:18:08 +10:00
2cb991cace
Shuffle RDI stuff into more appropriate structure
...
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
2013-12-06 08:25:24 +10:00
fb84d7e7fe
Update to yardoc conventions
2013-12-06 07:54:25 +10:00
c7bb80c1d7
Add wvu as an author to author.rb
2013-12-05 00:33:07 -06:00
b936831125
Renamed the mixin module
2013-12-05 08:13:54 +10:00
7b24f815ee
Missed a single module in rename
2013-12-04 22:54:07 +10:00
7e8db8662e
Update name of the mixin
...
Changed `RdiMixin` to `ReflectiveDLLInjection`.
2013-12-04 22:18:29 +10:00
f79af4c30e
Add RDI mixin module
...
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.
This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
2013-12-04 16:09:41 +10:00
1d757c40db
Remove empty parens
2013-12-04 07:10:23 +10:00
8b77da4ef7
Fix non-rubyisms
2013-12-04 07:06:32 +10:00
18e1d9ce17
Revert "Start clipboard monitor functionality"
...
This reverts commit ecbdfd3502
2013-12-04 07:03:12 +10:00
4d3d02ae01
Land #2667 - Add num and dword output format
2013-12-02 13:52:17 -06:00
474a03475f
sorted out the sorts without .sort
2013-12-02 11:57:52 +01:00
8254c0bae2
this site is down
2013-12-01 14:26:03 +08:00
77b036ce5d
Land #2703 , uninit const fix for MSSQL_SQLI
2013-11-27 13:50:48 -06:00
a5aca618e2
fix fail_with usage on Exploit::Remote::MSSQL_SQLI
2013-11-27 11:33:19 -06:00
sinn3r
jvazquez-r7
Joe Vennix
William Vu
Meatballs
Spencer McIntyre
scriptjunkie
OJ
corelanc0d3r
yehualiu