Commit Graph

1332 Commits (708ae76cba41f09123c987d48e6e84fab7d023c3)

Author SHA1 Message Date
Brent Cook 5fc7167beb Merge remote-tracking branch 'upstream/master' into land-10812- 2019-02-07 09:31:02 -06:00
Brent Cook cb6d7fa210
Land #11165, Fix intermittent problem with native osx stager 2019-02-06 22:39:07 -06:00
phra e6f89a38e7
chore: update juicy potato reflective DLL source to latest 2019-01-12 04:02:13 +01:00
phra 149f895329
feat: add LOGFILE support for debug 2019-01-11 18:21:54 +01:00
phra 944bda316e
feat: execute shellcode in the dll 2019-01-11 16:28:30 +01:00
phra cb03ffaa28
chore: update juicy potato reflective DLL source to latest 2019-01-10 18:00:34 +01:00
phra f3c40b615e
chore: add juicy potato reflective DLL source code 2019-01-10 17:19:33 +01:00
Tim W 861c286739 fix osx stager compatibility with PluginProcessShim 2018-12-24 19:26:10 +08:00
Tim W d04070c528 fix osx stager when run under debugger 2018-12-18 14:12:36 +08:00
Wei Chen cc7cb7302e
Land #10944, Add macOS Safari exploit from pwn2own2018 2018-12-13 13:50:19 -06:00
Tim W 57bad6b213 move offsets to hash
fix
2018-11-20 17:58:34 +08:00
Tim W 44b1b6fe31 fix forking 2018-11-20 15:58:55 +08:00
Tim W 420be60900 add CVE-2018-4237 2018-11-15 08:48:10 +08:00
Tim W 2c30459a1b add CVE-2018-4233 and CVE-2018-4404 2018-11-15 08:44:18 +08:00
bwatters-r7 b4c005c4d4
Land #10561, Add Windows local privilege escalation - CVE-2018-0824
Merge branch 'land-10561' into upstream-master
2018-10-25 13:22:31 -05:00
Tim W 71bf4ead73 add find_memcmp() offsets 2018-10-22 19:49:34 +08:00
Tim W abdbc89171 fix warnings 2018-10-21 22:02:27 +08:00
Tim W 853f9c3701 add find_memcmp() offset function 2018-10-21 21:17:00 +08:00
Tim W ccd56dd1b1 move offsets to offsets32.c 2018-10-21 20:56:15 +08:00
Tim W f697891332 find amfi memcmp offset 2018-10-21 20:51:55 +08:00
Tim W 83bc1a3854 better error handling 2018-10-21 20:51:07 +08:00
bwatters-r7 47353553e5 Get everything together finally (still needs cleanup) 2018-10-19 18:15:44 -05:00
William Vu cea619aab1 Prefer Git for all the things 2018-10-19 15:40:16 -05:00
William Vu 713f44204d Add PTY-less support to shell_request in patch 2018-10-19 00:47:44 -05:00
William Vu 009980f8ca Add ssh_server_fork.patch to get RCE out of libssh 2018-10-19 00:40:08 -05:00
Wei Chen 3cee96d8ed
Land #10664, add Windows SetImeInfoEx Win32k NULL Pointer Dereference 2018-10-18 14:42:14 -05:00
bwatters-r7 d2c013001d
Update stuff 2018-10-17 17:17:05 -05:00
Tim W 981b527692 fix offset detection 2018-10-16 16:32:26 +08:00
Tim W 57e2dd2192 send payload url to loader 2018-10-16 14:41:34 +08:00
Tim W 1e066df7fd fix debug printing 2018-10-15 17:04:31 +08:00
bwatters-r7 629f4c190d
change encoding so app source no longer appears as binary 2018-10-12 14:44:17 -05:00
bwatters-r7 d1d40115c5
Fix source to not look like binary 2018-10-12 14:39:00 -05:00
Shelby Pace cdc2918c84
removed original binary, added source 2018-10-11 11:42:51 -05:00
Tim W 7fce2bd428 initial commit of 32bit trident exploit 2018-10-10 17:41:28 +08:00
bwatters-r7 28fb27187a
Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
Merge branch 'land-10418' into upstream-master
2018-10-04 16:54:53 -05:00
bwatters-r7 ce59964141
Recompile binaries and prep for VS2013 compiles 2018-10-04 16:21:23 -05:00
bwatters-r7 19a5c89b9d Update VS toolset to match VS 2013 2018-10-02 17:00:43 -05:00
Jacob Robles c76f095cd0
Inject Payload to Memory First 2018-09-19 21:13:49 -05:00
Jacob Robles dfa030c2df
Use System Directory 2018-09-19 08:49:12 -05:00
William Vu 6a63feced4 Merge remote-tracking branch 'upstream/master' into pr/10418 2018-09-18 19:54:44 -05:00
7echSec 47afa21b5f
Added Unmarshal visual studio project 2018-09-18 19:59:30 +05:30
Jacob Robles 83af598e6a
Updated VS solution and module 2018-09-17 17:38:19 -05:00
bwatters-r7 f38e6f45ce
Redo dllinjection 2018-09-14 17:47:53 -05:00
asoto-r7 4cf344dd83
WIP: Initial CVE-2018-8440 / ALPC-TaskSched-LPE 2018-09-13 18:00:20 -05:00
Mumbai 48255d6173 add soluition file 2018-08-21 11:07:31 -04:00
Mumbai 4a88d643ba adding reflective Potato 2018-08-03 02:09:24 -04:00
bwatters-r7 eab62c18c6
Update mov_ss and add mov_ss_dll 2018-07-27 09:40:34 -05:00
bwatters-r7 f33d12676f
Added License, make msftidy happy, and include original cve project
readme document.
2018-07-13 10:19:41 -05:00
bwatters-r7 156b822401
First stab at cve-2018-8897 2018-07-12 17:31:53 -05:00
Brent Cook 61a98b94b6
Land #9528, WebKit apple safari trident exploit (CVE-2016-4657) 2018-06-02 21:52:52 -05:00