Commit Graph

1303 Commits (6977a12dd83089041cf79b49649858381508c8b4)

Author SHA1 Message Date
jvazquez-r7 91f5d0af5a
Add module for CVE-2014-0569
* Adobe flash, Integer overflow on casi32
2015-04-09 19:37:26 -05:00
William Vu e1af495d21 Add extra release fixes 2015-04-06 13:08:40 -05:00
Tod Beardsley 5be5b6097c
Minor grammar on #5030, Adobe Flash
[See #5030]
2015-04-06 12:36:25 -05:00
Tod Beardsley 3ff91d74ca
More cleanup, mostly abysssec
[See #5012]
2015-04-02 16:16:38 -05:00
Tod Beardsley 4bbec88882
Various other one-off nonhuman author credits
[See #5012]
2015-04-02 15:25:47 -05:00
sinn3r 8ea1ffc6ff
Land #5030, CVE-2015-0313 Flash Exploit 2015-03-30 11:31:53 -05:00
jvazquez-r7 f84a46df63
Add module for CVE-2015-0313 2015-03-27 18:51:13 -05:00
C-P 5ba614a325 payloda vs payload 2015-03-27 11:53:20 -07:00
sinn3r 955c0557e0
Land #4988, Relative URL for ms14_064_ole_code_execution 2015-03-26 13:36:37 -05:00
jvazquez-r7 d84c48cb7d
Use newer hash syntax 2015-03-25 13:39:34 -05:00
sinn3r db243a8225 x360_video_player_set_text_bof actually uses SetText for ActiveX 2015-03-23 23:36:20 -05:00
sinn3r 3248f02c2c These exploits use :activex, so I update the usage for them 2015-03-23 19:34:24 -05:00
andygoblins 89e27d98ab Use relative URL to GET payload for WinXP
Relative URLs are simpler, and allow the exploit to work on attack machines in NAT environments. Example: attack machine is NATed and does not have a DNS hostname. SRVHOST must be 0.0.0.0 but the victim cannot access the attacker from Rex::Socket.source_address
2015-03-23 14:40:06 -05:00
sinn3r 156520338d Making some changes to how BES handles ActiveX 2015-03-23 12:21:27 -05:00
jvazquez-r7 bb81107e51 Land #4927, @wchen-r7's exploit for Flash PCRE CVE-2015-0318 2015-03-13 23:58:05 -05:00
sinn3r 3bfdfbc987 Small changes 2015-03-13 18:55:11 -05:00
sinn3r 182850df30 Stick to Win 7 2015-03-13 12:41:05 -05:00
sinn3r 2b199315d4 Final 2015-03-13 12:30:41 -05:00
sinn3r 43b90610b1 Temp 2015-03-11 13:53:34 -05:00
sinn3r 2a9d6e64e2 Starting point for CVE-2015-0318 2015-03-11 09:58:41 -05:00
jvazquez-r7 78167c3bb8 Use single quotes when possible 2015-03-09 16:55:21 -05:00
jvazquez-r7 cb72b26874 Add module for CVE-2014-0311 2015-03-09 16:52:23 -05:00
jvazquez-r7 80b76436bb
Land #4831, @wchen-r7's update for MS14-064 exploit
* Support Windows XP with VBScript technique
2015-03-03 19:19:49 -06:00
sinn3r 7591e9ece3 Unbreak the comment 2015-03-03 19:14:18 -06:00
sinn3r 79e7bf7f9c Update comments and description 2015-03-03 19:13:15 -06:00
William Vu f2c96b4fdd Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/ntr_activex_stopmodule.rb.
2015-02-24 05:19:54 -06:00
William Vu b671c9b496 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb.
2015-02-24 05:19:53 -06:00
William Vu 2e90f266fa Fix duplicate hash key "massage_array"
In modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb.
2015-02-24 05:19:52 -06:00
William Vu e618c2f112 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb.
2015-02-24 05:19:51 -06:00
William Vu 2ffa368c18 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/ntr_activex_check_bof.rb.
2015-02-24 05:19:50 -06:00
William Vu a8f0af4409 Fix duplicate hash key "DefaultOptions"
In modules/exploits/windows/browser/cisco_playerpt_setsource.rb.
2015-02-24 05:19:49 -06:00
sinn3r 8d17aa04ee Update the title too 2015-02-24 00:46:35 -06:00
sinn3r 578a545b22 Update MS14-064 for Windows XP 2015-02-23 23:08:13 -06:00
jvazquez-r7 ef990223d5 Move arch out of target 2015-02-21 01:10:35 -06:00
sinn3r 036a6089eb Drop ungenuine x64 support in ms13_022_silverlight_script_object
The MS13-022 exploit does not actually run as x64. IE by default
still runs x86 so BES will always automatically select that target.

If IE forces x64 (which can be done manually), the BES detection
code will see it as ARCH_X86_64, and the payload generator will
still end up generating an x86 payload anyway.

If the user actually chooses an x64 payload, such as
windows/x64/meterpreter/reverse_tcp, the exploit is going to crash
because you can't run x64 shellcode on an x86 architecture.
2015-02-19 10:39:43 -06:00
sinn3r 6acbe64dbd The MSB reference in the title is wrong
It should be MS13-022.

MS12-022 is MSFT Expression Design.
2015-02-17 14:56:14 -06:00
sinn3r b90639fd66
Land #4726, X360 Software actvx buffer overflow 2015-02-17 11:41:23 -06:00
sinn3r 05d2703a98 Explain why obfuscation is disabled 2015-02-12 14:00:01 -06:00
sinn3r 50c72125a4 ::Errno::EINVAL, disable obfuscation, revoke ms14-064 2015-02-12 11:54:01 -06:00
sinn3r d23c9b552f Trade MS12-004 for MS13-090 against Windows XP BrowserAutoPwn 2015-02-10 18:58:56 -06:00
jvazquez-r7 831a1494ac Keep default behavior for modules forcing Msf::Encoder::Type::AlphanumUpper 2015-02-08 18:29:25 -06:00
jvazquez-r7 3e7e9ae99b Keep default behavior for modules forcing Msf::Encoder::Type::AlphanumMixed 2015-02-08 18:22:11 -06:00
jvazquez-r7 87775c6ee4 Fix description 2015-02-06 23:55:27 -06:00
jvazquez-r7 76387eebe0 Use File.open 2015-02-06 21:35:07 -06:00
jvazquez-r7 f6933ed02c Add module for EDB-35948 2015-02-06 11:05:29 -06:00
Tod Beardsley 036cb77dd0
Land #4709, fixed up some datastore mangling 2015-02-05 21:22:38 -06:00
Tod Beardsley c633c710bc
Mostly caps/grammar/spelling, GoodRanking on MBAM 2015-02-05 12:36:47 -06:00
William Vu a12d1244b9
Fix zenworks_helplauncher_exec datastore 2015-02-05 02:53:47 -06:00
William Vu 148ffaf55f
Fix real_arcade_installerdlg datastore 2015-02-05 02:53:38 -06:00
Tod Beardsley 47d4acd91d
Land #4605, Malwarebytes fake update exploit 2015-02-04 10:28:17 -06:00