Commit Graph

700 Commits (75de792558170171ea69c86fac8307619d5dd610)

Author SHA1 Message Date
Gabor Seljan 0b85a81b01 Use REXML to generate exploit file 2014-12-24 19:23:28 +01:00
Gabor Seljan 9be95eacb8 Use %Q for double-quoted string 2014-12-22 07:37:32 +01:00
sgabe bb33a91110 Update description to be a little more descriptive 2014-12-21 19:31:58 +01:00
sgabe cd02e61a57 Add module for OSVDB-114279 2014-12-21 17:00:45 +01:00
Christian Mehlmauer 0f27c63720
fix msftidy warnings 2014-12-12 13:16:21 +01:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Tod Beardsley dd1920edd6
Minor typos and grammar fixes 2014-11-13 14:48:23 -06:00
jvazquez-r7 31f3aa1f6d Refactor create packager methods 2014-11-13 01:16:15 -06:00
jvazquez-r7 38a96e3cfc Update target info 2014-11-13 00:56:42 -06:00
jvazquez-r7 e25b6145f9 Add module for MS14-064 bypassing UAC through python for windows 2014-11-13 00:56:10 -06:00
jvazquez-r7 c35dc2e6b3 Add module for CVE-2014-6352 2014-11-12 01:10:49 -06:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
Tod Beardsley 6812b8fa82
Typo and grammar 2014-10-20 11:02:09 -05:00
sinn3r 8b5a33c23f
Land #4044 - MS14-060 "Sandworm" 2014-10-17 16:46:32 -05:00
jvazquez-r7 70f8e8d306 Update description 2014-10-17 16:17:00 -05:00
jvazquez-r7 e52241bfe3 Update target info 2014-10-17 16:14:54 -05:00
sinn3r ef1556eb62 Another update 2014-10-17 13:56:37 -05:00
jvazquez-r7 8fa648744c Add @wchen-r7's unc regex 2014-10-17 13:46:13 -05:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
jvazquez-r7 e5903562ee Delete bad/incomplete validation method 2014-10-17 10:36:01 -05:00
sinn3r a79427a659 I shoulda checked before git commit 2014-10-17 00:54:45 -05:00
sinn3r 4c0048f26a Update description 2014-10-17 00:46:17 -05:00
jvazquez-r7 1d16bd5c77 Fix vulnerability discoverer 2014-10-16 18:01:45 -05:00
jvazquez-r7 807f1e3560 Fix target name 2014-10-16 17:58:45 -05:00
jvazquez-r7 c1f9ccda64 Fix ruby 2014-10-16 17:55:00 -05:00
jvazquez-r7 e40642799e Add sandworm module 2014-10-16 16:37:37 -05:00
William Vu 9f6a40dfd6
Fix bad pack in mswin_tiff_overflow
Reported by @egyjuzer in #3706.
2014-08-26 11:14:44 -05:00
jvazquez-r7 b259e5b464 Update description again 2014-08-07 09:21:25 -05:00
jvazquez-r7 4af0eca330 Update target description 2014-08-07 09:11:01 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
2014-06-30 02:50:10 -05:00
Christian Mehlmauer 8e1949f3c8
Added newline at EOF 2014-06-17 21:03:18 +02:00
sinn3r b1ac0cbdc7
Land #3239 - Added target 6.1 to module 2014-04-28 18:28:14 -05:00
Tod Beardsley 1b4fe90003
Fix msftidy warnings on wireshark exploits 2014-04-28 19:51:38 +01:00
sinn3r cde9080a6a Move module to fileformat 2014-04-24 13:17:08 -05:00
Ken Smith 66b1c79da9 Update rop chain for versions 6.2 and 6.1 2014-04-21 13:27:14 -04:00
Ken Smith c99f6654e8 Added target 6.1 to module 2014-04-11 09:59:11 -04:00
Spencer McIntyre 3f6c8afbe3 Fix typo of MSCOMCTL not MCCOMCTL 2014-04-08 14:52:18 -04:00
Spencer McIntyre 85197dffe6 MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
Tod Beardsley 7572d6612e
Spelling and grammar on new release modules 2014-04-07 12:18:13 -05:00
jvazquez-r7 56bd35c8ce Add module for WinRAR spoofing vulnerability 2014-04-07 09:21:49 -05:00
sinn3r d7ca537a41 Microsoft module name changes
So after making changes for MSIE modules (see #3161), I decided to
take a look at all MS modules, and then I ended up changing all of
them. Reason is the same: if you list modules in an ordered list
, this is a little bit easier to see for your eyes.
2014-03-28 20:56:53 -05:00
Tod Beardsley 8f2124f5da
Minor updates for release
Fixes some title/desc action.
Adds a print_status on the firefox module so it's not just silent.
Avoids the use of "puts" in the description b/c this freaks out msftidy
(it's a false positive but easily worked around).
2014-03-17 13:26:26 -05:00
sinn3r 243fa4f56a
Land #2910 - MPlayer Lite M3U Buffer Overflow 2014-03-13 14:13:17 -05:00
sinn3r e832be9eeb Update description and change ranking
The exploit requires the targeted user to open the malicious in
specific ways.
2014-03-13 14:09:37 -05:00
William Vu 25ebb05093 Add next chunk of fixes
Going roughly a third at a time.
2014-03-11 12:23:59 -05:00
sgabe 408fedef93 Add module for OSVDB-98283 2014-03-04 00:51:01 +01:00
Tod Beardsley de6be50d64
Minor cleanup and finger-wagging about a for loop 2014-03-03 14:12:22 -06:00
Meatballs 63751c1d1a
Small msftidies 2014-02-28 22:18:59 +00:00