Tab Assassin
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
Tab Assassin
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
Tod Beardsley
ca8dacb93b
Minor module description updates for grammar.
2013-09-03 10:31:45 -05:00
sinn3r
ac0b14e793
Add the missing CVE reference
...
Was looking at all the 2013 exploit modules for missing CVE references
2013-08-31 18:54:16 -05:00
sinn3r
0736677a01
Land #2299 - Add powershell support & removes ADODB.Stream requirement
2013-08-31 00:32:23 -05:00
sinn3r
c4aa557364
Land #2292 - Fix the way to get a session over a telnet connection
2013-08-31 00:29:25 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
jvazquez-r7
5b32c63a42
Land #2308 , @wchen-r7's exploit for MS13-059
2013-08-30 10:59:36 -05:00
jvazquez-r7
ea8cd2dc46
Update authors list
2013-08-30 10:52:39 -05:00
sinn3r
a283f1d4fa
Correct module title
2013-08-30 10:50:35 -05:00
sinn3r
f4e09100bd
Correct file name
2013-08-30 10:50:05 -05:00
sinn3r
38dbab9dd0
Fix typos
2013-08-30 10:43:26 -05:00
sinn3r
7401f83d8e
Land #2305 - HP LoadRunner lrFileIOService ActiveX WriteFileString Bug
2013-08-30 03:23:47 -05:00
sinn3r
0a1b078bd8
Add CVE-2013-3184 (MS13-058) CFlatMarkupPointer Use After Free
...
Please see module description for more info.
2013-08-30 03:16:28 -05:00
jvazquez-r7
657be3a3d9
Fix typo
2013-08-29 14:42:59 -05:00
jvazquez-r7
4a6bf1da7f
Add module for ZDI-13-207
2013-08-29 14:09:45 -05:00
Tod Beardsley
7b9314763c
Add the require boilerplate
...
Fixes a bug that sometimes comes up with load order on this module. I
know @jlee-r7 is working on a better overall solution but this should
solve for the short term.
Note, since the problem is practically machine-specific. @jlee-r7
suggested rm'ing all modules but the one under test. Doing that exposes
the bug, and I've verified this fix in that way.
2013-08-29 13:03:11 -05:00
Meatballs
a12f5092dd
Encode the powershell cmd
2013-08-28 22:37:11 +01:00
Meatballs
aa0563244b
Update unsafe scripting module
2013-08-28 22:30:46 +01:00
James Lee
feae4a41e7
I don't like end-of-line comments
2013-08-28 12:42:26 -05:00
sinn3r
57c7d0679a
Land #2295 - Add platform info
2013-08-28 10:38:50 -05:00
jvazquez-r7
26531dbaa7
Land #2100 , @ddouhine's exploit for OSVDB 83543
2013-08-28 08:55:59 -05:00
jvazquez-r7
ab572d7d72
Fix Authors metadata section
2013-08-28 08:53:48 -05:00
Vlatko Kosturjak
b702a0d353
Fix "A payload has not been selected."
...
Since platform definition is missing, exploitation fails.
2013-08-28 12:53:08 +02:00
jvazquez-r7
0bfc12ada1
Fix the way to get a session over a telnet connection
2013-08-27 11:38:49 -05:00
sinn3r
b0226cab79
Land #2290 - HP LoadRunner lrFileIOService ActiveX Vulnerability
2013-08-27 11:19:43 -05:00
sinn3r
2e4e3fdbe6
Land #2237 - Fix check function
2013-08-27 11:11:54 -05:00
jvazquez-r7
997c5e5516
Land #2291 , @todb-r7's patch for oracle_endeca_exec's requires
2013-08-27 11:01:21 -05:00
Tod Beardsley
15b741bb5f
Require the powershell mixin explicitly
2013-08-27 10:36:51 -05:00
jvazquez-r7
f59f57e148
Randomize object id
2013-08-27 10:35:06 -05:00
jvazquez-r7
66fa1b41aa
Fix logic to spray correctly IE9
2013-08-27 09:57:55 -05:00
g0tmi1k
7efe85dbd6
php_include - added @wchen-r7's code improvements
2013-08-27 14:00:13 +01:00
jvazquez-r7
93c46c4be5
Complete the Author metadata
2013-08-26 23:29:16 -05:00
jvazquez-r7
8efe2d9206
Land #2289 , @jlee-r7's exploit for CVE-2013-1662
2013-08-26 23:27:19 -05:00
jvazquez-r7
e1e889131b
Add references and comments
2013-08-26 23:26:13 -05:00
James Lee
63786f9e86
Add local exploit for taviso's vmware privesc
2013-08-26 21:06:40 -05:00
sinn3r
7a4d781538
Land #2274 - Firefox XMLSerializer Use After Free
2013-08-26 20:53:42 -05:00
violet
4cbdf38377
updated contact info
...
MASTER OF DISASTER
ULTRA LASER
:::::::-. :::::::.. :::::::-. ... ... . :
;;, `';,;;;;``;;;; ;;, `';, .;;;;;;;. .;;;;;;;. ;;,. ;;;
`[[ [[ [[[,/[[[' `[[ [[,[[ \[[,,[[ \[[,[[[[, ,[[[[,
$$, $$ $$$$$$c $$, $$$$$, $$$$$$, $$$$$$$$$$$"$$$
888_,o8P' 888b "88bo,d8b 888_,o8P'"888,_ _,88P"888,_ _,88P888 Y88" 888o
MMMMP"` MMMM "W" YMP MMMMP"` "YMMMMMP" "YMMMMMP" MMM M' "MMM
2013-08-26 16:14:49 -07:00
Tod Beardsley
6b15a079ea
Update for grammar in descriptions on new modules.
2013-08-26 14:52:51 -05:00
jvazquez-r7
252f48aeee
Land #2272 , @jvennix-r7's exploit for CVE-2013-1775
2013-08-26 13:21:58 -05:00
jvazquez-r7
0baaf989fb
Delete on_new_session cleanup, as discusses with @jlee-r7
2013-08-26 13:20:43 -05:00
jvazquez-r7
f8d1d29648
Add module for ZDI-13-182
2013-08-25 23:07:08 -05:00
Joe Vennix
757886bece
Remove some extra wip files.
2013-08-24 14:52:52 -05:00
Joe Vennix
29320f5b7f
Fix vn refs. Add juan as an @author.
2013-08-24 13:07:35 -05:00
jvazquez-r7
5b812b0c22
Add references
2013-08-24 12:12:21 -05:00
jvazquez-r7
b4ad8c8867
Beautify module
2013-08-24 12:08:38 -05:00
Joe Vennix
0e116730a1
Polishing module. Tested on 10.8, 10.8.2, and 10.8.4.
2013-08-24 12:01:38 -05:00
jvazquez-r7
b13d357000
Add ranking
2013-08-24 11:35:35 -05:00
jvazquez-r7
3ce23ffb49
Make a test before running the payload
2013-08-24 11:20:47 -05:00
jvazquez-r7
ab293d2ad9
Make msftidy happy
2013-08-24 10:51:19 -05:00