William Vu
13da15e434
Add default PAYLOAD again
...
PrependSetreuid doesn't work with generic/shell_reverse_tcp.
2015-04-16 02:07:02 -05:00
William Vu
e114c85044
Land #5127 , x64 OS X prepend stubs 'n' stuff
2015-04-14 01:25:39 -05:00
William Vu
e324819feb
Add Privileged to info hash
...
Also remove default payload. Was set for CMD.
2015-04-13 15:23:30 -05:00
Tod Beardsley
bd3b6514fa
Dubbed. Whump whump.
2015-04-13 10:52:32 -05:00
Tod Beardsley
d87483b28d
Squashed commit of the following:
...
commit 49f480af8b9d27e676c02006ae8873a119e1aae6
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:42:13 2015 -0500
Fix funny punctuation on rootpipe exploit title
See #5119
commit 0b439671efd6dabcf1a69fd0b089c28badf5ccff
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Mon Apr 13 10:37:39 2015 -0500
Fix vendor caps
Trusting the github repo README at
https://github.com/embedthis/goahead
See #5101
2015-04-13 10:46:47 -05:00
joev
c132a3fb0a
Fix OSX prepends and implement x64 setreuid.
2015-04-11 20:04:21 -05:00
William Vu
fc814a17ae
Add admin check
...
Also break out version check.
2015-04-10 11:24:49 -05:00
William Vu
41885133d8
Refactor and clean
...
Finally breaking free of some stubborn old habits. :)
2015-04-10 11:22:27 -05:00
William Vu
a7601c1b9a
Use zsh to avoid dropping privs
...
Also add some configurable options.
2015-04-10 11:22:00 -05:00
William Vu
4cc6ac6eaa
Clarify vulnerable versions
2015-04-10 11:22:00 -05:00
William Vu
c4b7b32745
Add Rootpipe exploit
2015-04-10 11:22:00 -05:00
jvazquez-r7
0372b08d83
Fix mixin usage on modules
2015-02-13 17:17:59 -06:00
Christian Mehlmauer
de88908493
code style
2014-12-11 23:30:20 +01:00
Tod Beardsley
79f2708a6e
Slight fixes to grammar/desc/whitespace
...
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
jvazquez-r7
b357fd88a7
Add comment
2014-11-30 21:08:38 -06:00
jvazquez-r7
0ab99549bd
Change ranking
2014-11-30 21:08:12 -06:00
jvazquez-r7
7772da5e3f
Change paths, add makefile and compile
2014-11-30 21:06:11 -06:00
jvazquez-r7
d7d1b72bce
Rename local_variables
2014-11-30 20:40:55 -06:00
jvazquez-r7
d77c02fe43
Delete unnecessary metadata
2014-11-30 20:37:34 -06:00
Joe Vennix
3a5de9970f
Update description, rename xnu_ver -> osx_ver.
2014-11-25 12:38:29 -06:00
Joe Vennix
7a3fb12124
Add an OSX privilege escalation from Google's Project Zero.
2014-11-25 12:34:16 -06:00
URI Assassin
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
William Vu
df44dfb01a
Add OSVDB and EDB references to Shellshock modules
2014-09-29 21:39:07 -05:00
Samuel Huckins
be6552dae7
Clarifying VMware priv esc via bash module name
2014-09-25 14:34:09 -05:00
Rob Fuller
f13289ab65
remove debugging
2014-09-25 02:16:19 -04:00
Rob Fuller
8cb4ed4cb7
re-add quotes -oops
2014-09-25 02:09:12 -04:00
Rob Fuller
6fb587ef96
update to use vmware-vmx-stats
2014-09-25 01:55:04 -04:00
jvazquez-r7
456d731aa3
Fix processes check
2014-09-25 00:24:39 -05:00
Joe Vennix
f6708b4d83
Check for running vmware processes first.
2014-09-24 19:11:38 -05:00
Joe Vennix
99da950734
Adds osx vmware/bash priv escalation.
2014-09-24 17:44:14 -05:00
HD Moore
583dab62b2
Introduce and use OS matching constants
2014-05-28 14:35:22 -05:00
HD Moore
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
Tod Beardsley
3bfdfb5cab
Grammar
2014-04-28 19:49:56 +01:00
Tod Beardsley
a5baea1a8e
Touch up print_ statements
2014-04-28 19:49:23 +01:00
Joe Vennix
143aede19c
Add osx nfs_mount module.
2014-04-23 02:32:42 -05:00
HD Moore
7e227581a7
Rework OS fingerprinting to match Recog changes
...
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.
This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
Tod Beardsley
2086224a4c
Minor fixes. Includes a test module.
2014-03-10 14:49:45 -05:00
Tod Beardsley
26be236896
Pass MSFTidy please
2014-03-10 14:45:56 -05:00
Joe Vennix
9638bc7061
Allow a custom .app bundle.
...
* adds a method to Rex::Zip::Archive to allow recursive packing
2014-03-06 16:11:30 -06:00
Joe Vennix
5abb442757
Adds more descriptive explanation of 10.8+ settings.
2014-03-06 15:15:27 -06:00
Joe Vennix
43d315abd5
Hardcode the platform in the safari exploit.
2014-03-06 13:04:47 -06:00
Joe Vennix
38a2e6e436
Minor fixes.
2014-03-05 19:03:54 -06:00
Joe Vennix
dca807abe9
Tweaks for BES.
2014-03-05 19:00:15 -06:00
Joe Vennix
12cf5a5138
Add BES, change extra_plist -> plist_extra.
2014-03-05 18:51:42 -06:00
Joe Vennix
cd3c2f9979
Move osx-app format to EXE.
2014-03-04 22:54:00 -06:00
Joe Vennix
32c27f6be0
Tweak timeouts.
2014-03-04 17:16:23 -06:00
Joe Vennix
40047f01d3
Adds Safari User Assisted download launch module.
2014-03-04 17:02:51 -06:00
sinn3r
689999c8b8
Saving progress
...
Progress group 3: Making sure these checks comply with the new
guidelines. Please read: "How to write a check() method" found in
the wiki.
2014-01-21 13:03:36 -06:00
jvazquez-r7
7f9f4ba4db
Make gsubs compliant with the new indentation standard
2013-12-31 11:06:53 -06:00