819e673b88
Mention about the RSA attack in the description, also add a reference for it
...
git-svn-id: file:///home/svn/framework3/trunk@13697 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-06 17:22:00 +00:00
8a070b81a2
Add the noobfuscation arg to the heaplib call
...
git-svn-id: file:///home/svn/framework3/trunk@13675 4d416f70-5f16-0410-b530-b9f4589650da
2011-09-01 09:00:20 +00:00
22dc0ed551
Fix disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@13670 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-31 00:15:46 +00:00
c5fe6ed503
Reset the target to allow for multiple client connections
...
git-svn-id: file:///home/svn/framework3/trunk@13669 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:29:14 +00:00
70dffd6afb
Adds Citrix Gateway ActiveX Stack Based Buffer Overflow module
...
git-svn-id: file:///home/svn/framework3/trunk@13666 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-30 22:22:32 +00:00
b331073851
cleaned up some column width issues, added on_new_session clean up code to remove files
...
git-svn-id: file:///home/svn/framework3/trunk@13599 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 17:47:03 +00:00
6723c7fb3e
Minor metadata format fix
...
git-svn-id: file:///home/svn/framework3/trunk@13593 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-20 00:11:22 +00:00
8fbd81a0f0
Add HP Easy Printer xmlsimpleaccessor exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13592 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 23:49:45 +00:00
fe53151324
fix tabs
...
git-svn-id: file:///home/svn/framework3/trunk@13590 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:58:50 +00:00
056adf7063
Add Win 7 target
...
git-svn-id: file:///home/svn/framework3/trunk@13589 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-19 16:57:19 +00:00
6c58dad979
ugh, why the extra spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13566 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:34:49 +00:00
eaa5cf6b5d
Use heaplib on IE 8, allow obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13565 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-15 15:32:17 +00:00
55d60a1af2
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13556 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:28:49 +00:00
c29a4d5ea3
Specify UUID offset for the custom .Net binary
...
git-svn-id: file:///home/svn/framework3/trunk@13555 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:15:05 +00:00
f8bf910fbb
missing var
...
git-svn-id: file:///home/svn/framework3/trunk@13554 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-13 02:05:08 +00:00
8bf7a9990b
Improve javascript obfuscation, and allow it as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13553 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 23:03:11 +00:00
20f4280d9f
Exploit is much more reliable than before, it gets a promotion
...
git-svn-id: file:///home/svn/framework3/trunk@13549 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:17:23 +00:00
bfc59e4c62
Add MS10-026 exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13547 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-12 19:04:25 +00:00
3b04e7bd9e
Add routine to check target before exploiting it
...
git-svn-id: file:///home/svn/framework3/trunk@13535 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 23:05:45 +00:00
0d9908435a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13533 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 22:18:25 +00:00
456aeeb90b
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13530 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 18:47:21 +00:00
4ac431948a
Allow JavaScript obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13524 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:50:43 +00:00
a1526e86b8
Use heaplib to spray, and use obfuscation as an option
...
git-svn-id: file:///home/svn/framework3/trunk@13523 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 15:25:14 +00:00
a6a444930e
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@13522 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 11:17:30 +00:00
6a89cf5859
Add TeeChart Professional ActiveX exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13520 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-11 08:41:30 +00:00
58198f37ba
Fix reference link
...
git-svn-id: file:///home/svn/framework3/trunk@13513 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 18:58:20 +00:00
8dc4228ee0
Fix very minor typo
...
git-svn-id: file:///home/svn/framework3/trunk@13508 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 17:05:49 +00:00
3b1769d621
Add Mozilla Firefox 3.6.16 mChannel Use After Free exploit by Rh0
...
git-svn-id: file:///home/svn/framework3/trunk@13507 4d416f70-5f16-0410-b530-b9f4589650da
2011-08-10 05:58:02 +00:00
6bf90f884e
Fix debug mode and some extra tabs in JS
...
git-svn-id: file:///home/svn/framework3/trunk@13325 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-24 00:22:29 +00:00
f47a2c7565
Format dictatorship round 2: Fix author e-mail format for all exploit modules
...
git-svn-id: file:///home/svn/framework3/trunk@13297 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-22 20:17:58 +00:00
94aea207d3
Remove extra tabs and spaces
...
git-svn-id: file:///home/svn/framework3/trunk@13148 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 21:10:45 +00:00
9892eb39eb
Syntax fix
...
git-svn-id: file:///home/svn/framework3/trunk@13147 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 20:50:52 +00:00
32a7eb0000
svn propset
...
git-svn-id: file:///home/svn/framework3/trunk@13146 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 19:19:00 +00:00
7958516549
Adds Xeros Firefox nstreerange exploit
...
git-svn-id: file:///home/svn/framework3/trunk@13143 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 17:12:53 +00:00
6448daf571
MS10-018, y u no InitialAutoRunScript
...
git-svn-id: file:///home/svn/framework3/trunk@13141 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-10 07:02:38 +00:00
1058948419
Updated ROP, no more hardcoded ntdll addresses
...
git-svn-id: file:///home/svn/framework3/trunk@13106 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-06 07:22:24 +00:00
1223275330
Change ranking for now until we have a better solution for SP3
...
git-svn-id: file:///home/svn/framework3/trunk@13009 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-23 01:04:29 +00:00
fdbc038bd0
Add BlackIce Cover Page ActiveX downloadimagefileurl exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12992 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-21 02:51:39 +00:00
650762517f
update CVE and OSVDB to match what the author said
...
git-svn-id: file:///home/svn/framework3/trunk@12964 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 17:35:57 +00:00
7c47b48f5b
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12962 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 01:56:20 +00:00
23cc89482b
CVE correction, thanks Kurt.
...
git-svn-id: file:///home/svn/framework3/trunk@12961 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-17 00:56:11 +00:00
eae350b88b
CVE-2011-1260 seems to be the right one
...
git-svn-id: file:///home/svn/framework3/trunk@12959 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 22:27:10 +00:00
0a04835138
Added MS11-050 by d0c_s4vage
...
git-svn-id: file:///home/svn/framework3/trunk@12956 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-16 21:19:12 +00:00
b9e398c706
adds support for SSL
...
git-svn-id: file:///home/svn/framework3/trunk@12872 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 20:15:51 +00:00
31a659e55a
Fixed this up to use the new JS obfuscation hotness thanks to egyp7s rkelly fu!
...
git-svn-id: file:///home/svn/framework3/trunk@12871 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:49:33 +00:00
377a18030a
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12869 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 19:06:18 +00:00
3d7715ce60
Added Cisco AnyConnect VPN Client ActiveX download and execute exploit
...
git-svn-id: file:///home/svn/framework3/trunk@12868 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-06 18:52:26 +00:00
bee19278d7
add a new javascript obfuscation engine using rkelly for parsing. use it in browser_autopwn and ms10_018_ie_behaviors. see #1003
...
git-svn-id: file:///home/svn/framework3/trunk@12839 4d416f70-5f16-0410-b530-b9f4589650da
2011-06-03 00:36:26 +00:00
36983436db
play a little nicer with browser autopwn by not spraying the heap if creating the vulnerable object failed
...
git-svn-id: file:///home/svn/framework3/trunk@12667 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 19:45:14 +00:00
0b88468617
out with the new, in with the old. css_clip is pretty unreliable in my tests, go back to using ie_behaviors in browser autopwn
...
git-svn-id: file:///home/svn/framework3/trunk@12663 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-19 16:33:55 +00:00
f9c49ef9ce
Comment update (this is still for the egghunter fix: bug #4552 )
...
git-svn-id: file:///home/svn/framework3/trunk@12657 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:50:22 +00:00
6345fec06c
checksum support for egghunter disabled, because not enough room for it. See r4552.
...
git-svn-id: file:///home/svn/framework3/trunk@12656 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-18 19:48:06 +00:00
40894c3726
Moving Iconics webhmi activeX exploit from browser to scada directory
...
git-svn-id: file:///home/svn/framework3/trunk@12584 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-11 20:45:54 +00:00
b84df80983
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12576 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 19:16:07 +00:00
105b5799af
Added ICONICS WebHMI ActiveX SetActiveXGuid bof
...
git-svn-id: file:///home/svn/framework3/trunk@12573 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-10 18:07:15 +00:00
8d78a47e45
get_resource() added to 'src' parameter
...
git-svn-id: file:///home/svn/framework3/trunk@12543 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-05 22:10:30 +00:00
a8b6c43636
reverting the disclosure dates for now need to clean up the patch
...
git-svn-id: file:///home/svn/framework3/trunk@12540 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 20:43:19 +00:00
3b7ea08f6a
Fixes a ton of Disclosure Date discrepencies in various modules, thanks a ton to Michael Baker for spending the time to ensure accuracy
...
git-svn-id: file:///home/svn/framework3/trunk@12539 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-04 19:17:31 +00:00
c5d51cf810
Disclosure date change
...
git-svn-id: file:///home/svn/framework3/trunk@12391 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 15:45:07 +00:00
31f2afc033
fix date
...
git-svn-id: file:///home/svn/framework3/trunk@12388 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 11:12:34 +00:00
cb491e35d2
Changed disclosure date
...
git-svn-id: file:///home/svn/framework3/trunk@12384 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-21 02:10:40 +00:00
458d8cccb8
Modified heap spray routine. Added IE 8 target for XP SP3.
...
git-svn-id: file:///home/svn/framework3/trunk@12383 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-20 21:55:33 +00:00
c28e7259ac
Added CVE-2011-0611 Adobe Flash 0day
...
git-svn-id: file:///home/svn/framework3/trunk@12330 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-16 02:09:33 +00:00
ffe6868d22
Updated vbs stager temp var
...
git-svn-id: file:///home/svn/framework3/trunk@12286 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-09 18:24:43 +00:00
a8947662db
old file hanging around
...
git-svn-id: file:///home/svn/framework3/trunk@12280 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 13:28:57 +00:00
bb26593da7
add osvdb ref. rename file to correct typo
...
git-svn-id: file:///home/svn/framework3/trunk@12279 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 12:41:18 +00:00
717fb83fc9
Added RealNetworks RealGames ActiveX exec arbitrary code execution
...
git-svn-id: file:///home/svn/framework3/trunk@12276 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-08 02:39:11 +00:00
b90d6fc16f
Modified the heap spraying function. Each block size should be more consistent now.
...
git-svn-id: file:///home/svn/framework3/trunk@12264 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-07 07:27:38 +00:00
0882f18ec0
add fix commit diff and fix broken cve reference
...
git-svn-id: file:///home/svn/framework3/trunk@12166 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:04:54 +00:00
24fd896bfb
add OSVDB reference back, conflict handling fail!
...
git-svn-id: file:///home/svn/framework3/trunk@12165 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-28 03:02:46 +00:00
214751379f
Updated: using get_resource() instead of datastore['URIPATH']
...
git-svn-id: file:///home/svn/framework3/trunk@12156 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-27 03:56:45 +00:00
25ca59b56f
Added Win Vista and debug target
...
git-svn-id: file:///home/svn/framework3/trunk@12153 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 23:22:51 +00:00
349512f48d
Updated exploit ranking and description to reflect the new ranking
...
git-svn-id: file:///home/svn/framework3/trunk@12151 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 19:33:38 +00:00
81fae13258
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12147 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 12:05:48 +00:00
ff3659aa37
Lots of work to make this a lot more reliable =)
...
git-svn-id: file:///home/svn/framework3/trunk@12146 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 06:35:28 +00:00
eb7df0be8e
Updated how the trigger file should be loaded... the proper way.
...
git-svn-id: file:///home/svn/framework3/trunk@12140 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-26 00:07:36 +00:00
77ceadc6ad
Updated description and how the trigger file loads
...
git-svn-id: file:///home/svn/framework3/trunk@12139 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 22:49:11 +00:00
08f210ac52
Added CVE-2010-3275 (VLC AMV vulnerability)
...
git-svn-id: file:///home/svn/framework3/trunk@12137 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-25 21:03:12 +00:00
89ec6ab5da
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12092 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 11:19:45 +00:00
8233030184
opps removed mixin require as well
...
git-svn-id: file:///home/svn/framework3/trunk@12091 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:41:48 +00:00
f8534f06dd
opps removed mixin reference =)
...
git-svn-id: file:///home/svn/framework3/trunk@12090 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:40:38 +00:00
d7266b6551
Add CVE-2011-0609 exploit for Adobe Flash
...
git-svn-id: file:///home/svn/framework3/trunk@12089 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-23 04:31:48 +00:00
586c1f9305
oops, broke the LIBPATH option
...
git-svn-id: file:///home/svn/framework3/trunk@12015 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 01:18:18 +00:00
f4fe3f11b0
enable bind payloads, thx hdm :)
...
git-svn-id: file:///home/svn/framework3/trunk@12014 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 00:52:58 +00:00
4992deed21
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@12013 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-18 00:16:06 +00:00
fb6107ffb5
enable java payloads, currently via one-off method
...
git-svn-id: file:///home/svn/framework3/trunk@12012 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 23:57:11 +00:00
36b83cde6f
Added exploit for CVE-2010-3747 RealPlayer CDDA URI Code Execution
...
git-svn-id: file:///home/svn/framework3/trunk@12009 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 15:42:28 +00:00
382e63e16e
fixed a typo in javascript
...
git-svn-id: file:///home/svn/framework3/trunk@12007 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-17 04:40:36 +00:00
4a1e59be8d
oops =D
...
git-svn-id: file:///home/svn/framework3/trunk@11983 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 05:01:29 +00:00
4644110962
add exploit for cve-2010-4452, currently windows only and no payloads :(
...
git-svn-id: file:///home/svn/framework3/trunk@11982 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-16 04:50:25 +00:00
695963dde7
Fixed references
...
git-svn-id: file:///home/svn/framework3/trunk@11888 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-07 02:28:15 +00:00
b51c9f8397
oops forgot a , =)
...
git-svn-id: file:///home/svn/framework3/trunk@11887 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:42:37 +00:00
6dc0596870
Added Novell iPrint GetDriverSettings <= 5.52 exploit from mr_me thanks
...
git-svn-id: file:///home/svn/framework3/trunk@11886 4d416f70-5f16-0410-b530-b9f4589650da
2011-03-06 20:27:06 +00:00
8ef05017b8
style compliance fixes, naughty naughty
...
git-svn-id: file:///home/svn/framework3/trunk@11796 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-22 20:49:44 +00:00
c322534907
Add exploit for CVE-2010-3765, firefox interleaved document.write and appendChild calls.
...
git-svn-id: file:///home/svn/framework3/trunk@11773 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-18 02:23:10 +00:00
8c8b181ffb
Update ms11_xxx modules to reflect bulletin release, minor style fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11730 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-08 23:31:44 +00:00
e06d4d52fe
convert VLC module to FileFormat, adjust spray
...
git-svn-id: file:///home/svn/framework3/trunk@11705 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-03 18:16:40 +00:00
3ac076c20a
add exploit for VLC media player WebM processing from Dan Rosenburg
...
git-svn-id: file:///home/svn/framework3/trunk@11692 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-01 18:54:24 +00:00
a62f1922b3
fix typos, lol?
...
git-svn-id: file:///home/svn/framework3/trunk@11662 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-28 23:56:35 +00:00
d7cda0f85a
accept a client argument for get_uri()
...
git-svn-id: file:///home/svn/framework3/trunk@11623 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-22 00:16:57 +00:00
f3bda46333
doesn't work on IE8, fixes #3566 , thanks Hauke Mehrtens for the patch
...
git-svn-id: file:///home/svn/framework3/trunk@11610 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-20 19:30:59 +00:00
b6b9b83dd7
add CVE reference
...
git-svn-id: file:///home/svn/framework3/trunk@11579 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-14 16:25:37 +00:00
739604ea12
Fixes #3469 , silly typo
...
git-svn-id: file:///home/svn/framework3/trunk@11520 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 05:58:55 +00:00
d994f595fe
remove unused vars
...
git-svn-id: file:///home/svn/framework3/trunk@11517 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:59:10 +00:00
287f4c87fe
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@11516 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 01:13:26 +00:00
19e8a6a5b1
switch AutoRunScript for InitialAutoRunScript, oops
...
git-svn-id: file:///home/svn/framework3/trunk@11513 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-08 00:25:44 +00:00
a206ed8418
clarifying wmi tools are not installed by default
...
git-svn-id: file:///home/svn/framework3/trunk@11481 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-06 05:27:37 +00:00
bc7a8e3b47
fix silly merge conflict data in HTML
...
git-svn-id: file:///home/svn/framework3/trunk@11479 4d416f70-5f16-0410-b530-b9f4589650da
2011-01-05 22:52:54 +00:00
08df4dac3b
randomize import styles, patch from jjarmoc
...
git-svn-id: file:///home/svn/framework3/trunk@11443 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-29 16:49:20 +00:00
b3bfb5834e
change credit to passerby
...
git-svn-id: file:///home/svn/framework3/trunk@11427 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-28 17:10:19 +00:00
5f5d2992ce
add reference to 0x557 slides (for .NET 2.0 rop)
...
git-svn-id: file:///home/svn/framework3/trunk@11405 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:36:54 +00:00
cdfe03ce43
add MSFT advisory and CVE
...
git-svn-id: file:///home/svn/framework3/trunk@11404 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-23 01:30:43 +00:00
09b00739fb
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@11402 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 22:21:56 +00:00
0f24d1955c
minor corrections, use .NET 2.0 ROP :)
...
git-svn-id: file:///home/svn/framework3/trunk@11398 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:26:18 +00:00
44c8a71dcf
minor clean ups
...
git-svn-id: file:///home/svn/framework3/trunk@11397 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 18:23:16 +00:00
1407d7f1d5
revert back. little more reliable.
...
git-svn-id: file:///home/svn/framework3/trunk@11396 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 17:40:13 +00:00
d89c60f2de
add exploit module wmi_admintools.rb
...
git-svn-id: file:///home/svn/framework3/trunk@11395 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-22 14:35:36 +00:00
c4c0cabccb
switch to .NET 2.0 ROP, Merry Xmas!
...
git-svn-id: file:///home/svn/framework3/trunk@11390 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-21 19:24:19 +00:00
5d2f26b41b
add exploit for unpatched IE css import bug
...
git-svn-id: file:///home/svn/framework3/trunk@11383 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 16:34:07 +00:00
b8b0e1af97
fix typo
...
git-svn-id: file:///home/svn/framework3/trunk@11380 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-20 09:11:45 +00:00
f15e6e5e62
update autopwn, replace ms10-018 behaviors with ms10-090 css clip.
...
git-svn-id: file:///home/svn/framework3/trunk@11333 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:53:22 +00:00
af56bebfa1
note ms10-090 bulletin
...
git-svn-id: file:///home/svn/framework3/trunk@11331 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-14 18:41:20 +00:00
e6f640bc17
add cve and osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@11189 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 03:18:05 +00:00
14ea7a85bb
svn keywords
...
git-svn-id: file:///home/svn/framework3/trunk@11188 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:03:25 +00:00
5ed387aa38
added exploit module enjoysapgui_comp_download.rb
...
git-svn-id: file:///home/svn/framework3/trunk@11187 4d416f70-5f16-0410-b530-b9f4589650da
2010-12-01 02:01:46 +00:00
e9faf75503
fix some more titles with periods
...
git-svn-id: file:///home/svn/framework3/trunk@11127 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-24 19:35:38 +00:00
52389d28f4
make windows the default target
...
git-svn-id: file:///home/svn/framework3/trunk@11102 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:54:25 +00:00
7a3770f87b
don't use java_basicservice_impl in browser autopwn because it doesn't work in an iframe against IE and causes popups in other browsers
...
git-svn-id: file:///home/svn/framework3/trunk@11101 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-22 20:44:16 +00:00
d608db778c
we're not sending an applet, just a jar, clarify the output
...
git-svn-id: file:///home/svn/framework3/trunk@11084 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-21 19:58:04 +00:00
6f7af42667
add an exploit for cve-2010-3563, thanks Matthias Kaiser
...
git-svn-id: file:///home/svn/framework3/trunk@11078 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-19 23:02:35 +00:00
3992eb7ef8
Mass RE-update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10998 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:43:22 +00:00
9fc6f2f3a3
Mass update: fix all framework URL references
...
git-svn-id: file:///home/svn/framework3/trunk@10996 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 22:25:13 +00:00
eab0a40caa
switch up IE6 target to work on older version
...
git-svn-id: file:///home/svn/framework3/trunk@10978 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-11 02:54:56 +00:00
61e5d00722
switch title, comment out IE8 target for now
...
git-svn-id: file:///home/svn/framework3/trunk@10963 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-09 23:12:48 +00:00
338d6e3693
add osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@10914 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 02:58:01 +00:00
b0f64ebba1
add a debug target
...
git-svn-id: file:///home/svn/framework3/trunk@10912 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-05 00:08:55 +00:00
76123e79c1
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10909 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:59:56 +00:00
979ddcd8e5
add exploit for cve-2010-3962
...
git-svn-id: file:///home/svn/framework3/trunk@10907 4d416f70-5f16-0410-b530-b9f4589650da
2010-11-04 23:44:23 +00:00
9f5fca12f7
add osvdb ref
...
git-svn-id: file:///home/svn/framework3/trunk@10828 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-26 15:28:04 +00:00
f909b360ba
note tested on 6u11
...
git-svn-id: file:///home/svn/framework3/trunk@10820 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:22:08 +00:00
3fffd15549
add exploit for cve-2010-3552 (w/dep bypass)
...
git-svn-id: file:///home/svn/framework3/trunk@10819 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-25 20:21:41 +00:00
0251c446f1
add cve, osvdb refs
...
git-svn-id: file:///home/svn/framework3/trunk@10784 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 12:21:30 +00:00
6bd75bb2d5
add shockwave exploit from abysssec/rel1k
...
git-svn-id: file:///home/svn/framework3/trunk@10779 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-22 03:15:22 +00:00
7de96a710f
add trendmicro extsetowner exploit from Trancer
...
git-svn-id: file:///home/svn/framework3/trunk@10538 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 04:26:09 +00:00
279c604015
missed a couple exe generater includes
...
git-svn-id: file:///home/svn/framework3/trunk@10504 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-28 16:19:50 +00:00
b8b21cd53c
handle dirs and index.html specially
...
git-svn-id: file:///home/svn/framework3/trunk@10454 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 01:11:05 +00:00
600ec0a848
add two exploits from Trancer! woot!
...
git-svn-id: file:///home/svn/framework3/trunk@10429 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 18:46:29 +00:00
d89004753c
Fixes #2450 by allowing any length extension
...
git-svn-id: file:///home/svn/framework3/trunk@10411 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 02:59:22 +00:00
8e5cf31e9a
big exe/dll update, see #2017
...
NOTE: These changes specifically affect payload encoding via RPC, "use
payload", and msfencode
1. consolidate user-specified exe generation routine (now
Msf::Util::EXE.to_executable_fmt)
2. supported format types are now queried/checked using arrays
3. cleaned up and standardized exe option passing
4. rename data store options for EXE mixin
5. add generate_payload_exe_service for psexec/smb_relay
6. reworked default template handling in Msf::Util::EXE
a. added template search path option (not used if template includes
a path separator)
b. "fallback" flag to enable using default if specified file doesn't
exist
7. added Msf::Util::EXE.to_win64pe_dll
8. improved error messages from exe generation
git-svn-id: file:///home/svn/framework3/trunk@10404 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 00:13:30 +00:00
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
Wei Chen
David Rude
Steve Tornio
James Lee
Mario Ceballos
Joshua Drake
Matt Weeks
Jonathan Cran
HD Moore