infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
32,640 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

278 Commits (832487cad784c01f57684b162b6563204ea41433)

Author SHA1 Message Date
joev 3313dac30f
Land #5119, @wvu's addition of the OSX rootpipe privesc exploit. 
orts
borts
 2015-04-10 12:38:25 -05:00
William Vu c4b7b32745 Add Rootpipe exploit 2015-04-10 11:22:00 -05:00
jvazquez-r7 91f5d0af5a
Add module for CVE-2014-0569 
* Adobe flash, Integer overflow on casi32
 2015-04-09 19:37:26 -05:00
jvazquez-r7 11c6f3fdca
Do reliable resolution of kernel32 2015-03-29 15:52:13 -05:00
jvazquez-r7 f84a46df63
Add module for CVE-2015-0313 2015-03-27 18:51:13 -05:00
Spencer McIntyre 076f15f933
Land #4792 @jakxx Publish It PUI file exploit 2015-03-18 20:59:54 -04:00
jakxx 085e6cc815 Implemented Recommended Changes 
-corrected spelling error
-set only option to required
-dumped header data to included file
-Used Rex for jmp values
 2015-03-17 16:39:56 -04:00
jvazquez-r7 bb81107e51 Land #4927, @wchen-r7's exploit for Flash PCRE CVE-2015-0318 2015-03-13 23:58:05 -05:00
sinn3r 0ee0a0da1c This seems to work 2015-03-13 04:43:06 -05:00
sinn3r 0c3329f69e Back on track 2015-03-12 15:26:55 -05:00
sinn3r 215c209f88
Land #4901, CVE-2014-0311, Flash ByteArray Uncompress UAF 2015-03-11 14:04:17 -05:00
sinn3r 43b90610b1 Temp 2015-03-11 13:53:34 -05:00
sinn3r 2a9d6e64e2 Starting point for CVE-2015-0318 2015-03-11 09:58:41 -05:00
jvazquez-r7 cb72b26874 Add module for CVE-2014-0311 2015-03-09 16:52:23 -05:00
joev d7295959ca Remove open-uri usage in msf. 2015-03-05 23:45:28 -06:00
sinn3r b90639fd66
Land #4726, X360 Software actvx buffer overflow 2015-02-17 11:41:23 -06:00
jvazquez-r7 1f4fdb5d18
Update from master 2015-02-10 10:47:17 -06:00
jvazquez-r7 511f637b31 Call CollectGarbage 2015-02-09 14:44:31 -06:00
Brent Cook af405eeb7d
Land #4287, @timwr's exploit form CVS-2014-3153 2015-02-09 10:33:14 -06:00
Brent Cook 0e4f3b0e80 added built data/exploits/CVE-2014-3153.elf 2015-02-09 09:50:31 -06:00
jvazquez-r7 a46a53acaf Provide more space for the payload 2015-02-06 14:49:49 -06:00
jvazquez-r7 414349972f Fix comment 2015-02-06 11:34:20 -06:00
jvazquez-r7 b5e230f838 Add javascript exploit 2015-02-06 11:04:59 -06:00
jvazquez-r7 aa7f7d4d81 Add DLL source code 2015-02-01 19:59:10 -06:00
jvazquez-r7 d211488e5d Add Initial version 2015-02-01 19:47:58 -06:00
jvazquez-r7 f9dccda75d Delete unused files 2015-01-22 18:00:31 -06:00
sinn3r 74e8e057dd Use RDL 2015-01-09 19:02:08 -06:00
sinn3r fce564cde2 Meh, not the debug build. Should be the release build. 2015-01-08 22:06:07 -06:00
sinn3r 14c54cbc22 Update DLL 2015-01-08 21:36:02 -06:00
sinn3r d3738f0d1a Add DLL 2015-01-08 17:17:55 -06:00
jvazquez-r7 7a2c9c4c0d
Land #4263, @jvennix-r7's OSX Mavericks root privilege escalation 
* Msf module for the Ian Beer exploit
 2014-11-30 21:13:07 -06:00
jvazquez-r7 7772da5e3f Change paths, add makefile and compile 2014-11-30 21:06:11 -06:00
Meatballs f5f32fac06
Add token fiddling from nishang 2014-11-28 23:02:59 +00:00
Meatballs 48a5123607
Merge remote-tracking branch 'upstream/master' into pr4233_powerdump 2014-11-27 20:08:11 +00:00
Joe Vennix 7a3fb12124
Add an OSX privilege escalation from Google's Project Zero. 2014-11-25 12:34:16 -06:00
Peter Marszalik 830af7f95e identified instances of tabs vs spaces in the original 
identified 16 instances in the original code where tab was used vs spaces. updated to keep consistent.
 2014-11-25 12:17:43 -06:00
Peter Marszalik 705bd42b41 tab to space change - line 296 2014-11-22 14:48:44 -06:00
Peter Marszalik 900aa9cd6b powerdump.ps1 bug - corrupt hash fix 
Fixed the bug where the hashes are not being extracted correctly when LM is disabled and history is enabled. 

Rather than relying on length, LM and NT headers are checked. Four bytes at 0xa0 show if LM exists and four bytes at 0xac show if NT exists. Details on this known issue can be found in the following whitepaper from blackhat:
https://media.blackhat.com/bh-us-12/Briefings/Reynolds/BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
 2014-11-18 23:10:57 -06:00
jvazquez-r7 c35dc2e6b3 Add module for CVE-2014-6352 2014-11-12 01:10:49 -06:00
sinn3r c2391bf011 Add an R in /Info for the trailer dictionary to make it readable 2014-11-05 22:28:37 -06:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
jvazquez-r7 f43a6e9be0 Use PDWORD_PTR and DWORD_PTR 2014-10-31 17:35:50 -05:00
jvazquez-r7 8e547e27b3 Use correct types 2014-10-31 12:37:21 -05:00
jvazquez-r7 6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00
jvazquez-r7 03a84a1de3 Search the AccessToken 2014-10-30 12:17:03 -05:00
OJ 908094c3d3 Remove debug, treat warnings as errors 2014-10-28 09:04:02 +10:00
OJ 0a03b2dd48 Final code tidy 2014-10-28 08:59:33 +10:00
jvazquez-r7 042d29b1d6 Compile binaries in house 2014-10-27 12:18:33 -05:00
jvazquez-r7 4406972b46 Do version checking minor cleanup 2014-10-27 09:32:42 -05:00
jvazquez-r7 0aaebc7872 Make GetPtiCurrent USER32 independent 2014-10-26 18:51:02 -05:00