Tod Beardsley
|
e3f2610985
|
Msftidy run through on the easy stuff.
Still have some hits, but that requires a little more code contortion to
fix.
|
2012-03-15 17:06:20 -05:00 |
Tod Beardsley
|
9144c33345
|
MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
|
2012-03-15 16:38:12 -05:00 |
sinn3r
|
ecb1fda682
|
Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow
|
2012-03-14 05:13:22 -05:00 |
Jonathan Cran
|
1cf25e58d5
|
merge description change
|
2012-03-12 17:22:01 -05:00 |
sinn3r
|
7d95132eab
|
Use a cleaner way to calculate JRE ROP's NEG value
|
2012-03-11 17:27:47 -05:00 |
sinn3r
|
6c19466de8
|
Change output style
|
2012-03-11 13:59:18 -05:00 |
sinn3r
|
25a1552fbd
|
Dynamic VirtualProtect dwSize. Change output style.
|
2012-03-11 13:49:46 -05:00 |
sinn3r
|
b0e7c048c9
|
This module fits the GoodRanking description
|
2012-03-10 00:50:41 -06:00 |
sinn3r
|
1d5bad469c
|
Add Windows 7 SP1 target
|
2012-03-10 00:11:25 -06:00 |
sinn3r
|
1ae779157d
|
Disable Nops so we don't get an ugly crash after getting a shell
|
2012-03-08 18:56:58 -06:00 |
Tod Beardsley
|
1e4d4a5ba0
|
Removing EncoderType from flash module
Also not very useful
|
2012-03-08 16:57:41 -06:00 |
Tod Beardsley
|
302a42a495
|
Fixing up print statements
Dropping the ROP prints since they're not all that useful.
|
2012-03-08 16:56:44 -06:00 |
Tod Beardsley
|
1396fc19bd
|
Fixup bad merge on flash mp4
|
2012-03-08 16:52:53 -06:00 |
sinn3r
|
cb04e47304
|
Attempt #2: there's no cli in get_payload
|
2012-03-08 16:47:49 -06:00 |
sinn3r
|
3563fe1b36
|
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
|
2012-03-08 16:41:32 -06:00 |
sinn3r
|
fee2e1eff9
|
Minor spray size change
|
2012-03-08 16:19:51 -06:00 |
HD Moore
|
12395c719f
|
Remove debugging code
|
2012-03-08 16:16:42 -06:00 |
HD Moore
|
87274987c1
|
Remove the now obsolete text about SWF_PLAYER
|
2012-03-08 16:16:13 -06:00 |
sinn3r
|
181fdb7365
|
A small title change
|
2012-03-08 16:10:16 -06:00 |
HD Moore
|
1271368b6f
|
Redirect to a trailing slash to make sure relative resources load
properly
|
2012-03-08 15:37:06 -06:00 |
HD Moore
|
b0db18674c
|
Test out new player code
|
2012-03-08 15:05:12 -06:00 |
HD Moore
|
eb847a3dfb
|
Add a nicer prefix to the target selection message
|
2012-03-08 13:46:14 -06:00 |
Tod Beardsley
|
5b566b43b4
|
Catching an update from @hdmoore-r7
wrt the nuclear option.
|
2012-03-08 12:08:39 -06:00 |
sinn3r
|
edb3f19c12
|
A little more padding for Win Vista target
|
2012-03-08 12:04:04 -06:00 |
Tod Beardsley
|
18962e1180
|
Checking in the new Flash exploit to the release
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
|
2012-03-08 11:55:01 -06:00 |
HD Moore
|
86fc45810b
|
Remove the resource during cleanup
|
2012-03-07 23:04:53 -06:00 |
HD Moore
|
b4e0daf3ca
|
Small tweaks to the adobe mp4 exploit
|
2012-03-07 22:53:47 -06:00 |
sinn3r
|
9ece7b08fc
|
Add vendor's advisory as a reference
|
2012-03-08 00:46:34 -06:00 |
sinn3r
|
5f92bff697
|
Make sure no encoder will break the exploit again
|
2012-03-08 00:44:57 -06:00 |
sinn3r
|
2e94b97c82
|
Fix description
|
2012-03-07 23:59:51 -06:00 |
Tod Beardsley
|
57376a976d
|
Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
|
2012-03-07 09:18:47 -06:00 |
sinn3r
|
0550b77522
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2012-03-07 20:04:04 -06:00 |
sinn3r
|
3b4ed13aee
|
Fix typo
|
2012-03-07 20:03:46 -06:00 |
Tod Beardsley
|
33460b6bf4
|
Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campagin use in the wild.
|
2012-03-07 19:37:49 -06:00 |
sinn3r
|
c76f43c066
|
Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow
|
2012-03-07 19:24:00 -06:00 |
Tod Beardsley
|
f97dc8dee7
|
Fix spelling of the IBM product iSeries
Was I-Series.
|
2012-03-07 15:24:15 -06:00 |
sinn3r
|
7dfba9c00d
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2012-03-07 14:51:39 -06:00 |
sinn3r
|
0ee7788028
|
Add a check to detect the vulnerable version of Sysax SSH
|
2012-03-07 14:51:21 -06:00 |
Tod Beardsley
|
ba2bf194fd
|
Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
|
2012-03-07 09:17:22 -06:00 |
James Lee
|
2b9acb61ad
|
Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
|
2012-03-06 12:01:20 -07:00 |
HD Moore
|
99177e9d5e
|
Small commit to fix bad reference and old comment
|
2012-03-06 01:44:26 -06:00 |
James Lee
|
70162fde73
|
A few more author typos
|
2012-03-05 13:28:46 -07:00 |
sinn3r
|
4b1e67f94f
|
Add ROP target for Win2k3 SP1 and SP2
|
2012-03-04 17:18:34 -06:00 |
Steve Tornio
|
8f93a5abbb
|
add osvdb ref
|
2012-03-03 12:28:30 -06:00 |
sinn3r
|
fa916d863d
|
Add Sysax SSH buffer overflow exploit
|
2012-03-03 10:11:51 -06:00 |
sinn3r
|
67f788768d
|
Fix tabs
|
2012-03-01 22:31:08 -06:00 |
sinn3r
|
fd2d9ae0ea
|
Add MP4 file generating function. Update the description regarding exploit usage.
|
2012-03-01 22:24:35 -06:00 |
sinn3r
|
b1b2ec2c7d
|
Merge branch 'CVE-2008-5036_vlc_realtext' of https://github.com/juanvazquez/metasploit-framework into juanvazquez-CVE-2008-5036_vlc_realtext
|
2012-03-01 21:13:33 -06:00 |
sinn3r
|
8bad0033d3
|
Update description
|
2012-03-01 19:16:29 -06:00 |
sinn3r
|
0bc26c1665
|
Add CVE-2009-4656: DJ Studio .pls buffer overflow
|
2012-03-01 19:09:25 -06:00 |