Commit Graph

2526 Commits (874fe643432dfc3498057333bcaecf26517b335c)

Author SHA1 Message Date
jvazquez-r7 874fe64343 Merge branch 'ms11_050_ropdb_update' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ms11_050_ropdb_update 2012-10-06 14:10:36 +02:00
sinn3r e02adc1f35 Merge branch 'mubix-bypassuac_uac_check' 2012-10-06 02:09:16 -05:00
sinn3r 33429c37fd Change print_error to print_debug as a warning 2012-10-06 02:08:19 -05:00
sinn3r 94d5eb7a8c Use RopDb in MS11-050, and correct autopwninfo 2012-10-06 01:45:40 -05:00
Rob Fuller 55474dd8bf add simple UAC checks to bypassuac 2012-10-06 00:59:54 -04:00
Rob Fuller b984d33996 add RunAs ask module 2012-10-06 00:51:44 -04:00
sinn3r 769fa3743e Explain why the user cannot modify the URIPATH 2012-10-05 17:24:06 -05:00
sinn3r 2aa59623d1 Merge branch 'ropdb_for_browsers' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-ropdb_for_browsers 2012-10-05 15:43:18 -05:00
sinn3r 21ea77ff8b Fix spaces 2012-10-05 15:40:37 -05:00
sinn3r 6342c270f4 Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport 2012-10-05 14:16:16 -05:00
sinn3r 33db3d9610 RopDb for ntr_activex_check_bof.rb 2012-10-05 14:09:59 -05:00
sinn3r f92843c96e RopDb for ie_execcommand_uaf.rb 2012-10-05 13:49:17 -05:00
sinn3r 9a53a49625 RopDb for vlc_amv.rb 2012-10-05 12:54:16 -05:00
sinn3r d9278d82f8 Adopt RopDb for msxml_get_definition_code_exec.rb 2012-10-05 12:20:41 -05:00
sinn3r 6fc8790dd7 Adopt RopDb for ms12_037_same_id.rb 2012-10-05 12:17:19 -05:00
sinn3r 1268614d54 Adopt RopDb for adobe_flash_mp4_cprt.rb 2012-10-05 11:15:53 -05:00
sinn3r 98931e339a Adopt RopDb for adobe_flash_rtmp.rb 2012-10-05 11:05:19 -05:00
sinn3r 631a06f3bb Adopt RopDb for adobe_flashplayer_flash10o.rb 2012-10-05 10:55:55 -05:00
Rob Fuller 0ae7756d26 fixed missing > on author 2012-10-05 11:13:40 -04:00
sinn3r bcc56cb7cc Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport 2012-10-05 01:05:30 -05:00
sinn3r 77438d2fc7 Make URI modification more obvious, and let the user know why 2012-10-04 17:52:04 -05:00
Rob Fuller 8520cbf218 fixes spotted by @jlee-r7 2012-10-04 17:34:35 -04:00
Tod Beardsley 4400cb94b5 Removing trailing spaces 2012-10-04 14:58:53 -05:00
kernelsmith 6ef87d1695 update info to reflect use of webdav
ms10_042_helpctr_xss_cmd_exec.rb doesn't tell you that it's going to
use webdav, and it's options dont' have the (Don't change) warning for
SRVPORT and URIPATH.  This update fixes all that
2012-10-04 14:09:53 -05:00
Rob Fuller 3f2fe8d5b4 port bypassuac from post module to local exploit 2012-10-04 14:31:23 -04:00
sinn3r fbc3709774 Change the title and regex a bit 2012-10-03 12:16:25 -05:00
jvazquez-r7 30846f4190 fix typo in comment 2012-10-03 16:06:00 +02:00
jvazquez-r7 24037ac79a Added module for CVE-2011-4051 2012-10-03 16:03:36 +02:00
sinn3r e36507fc05 Code cleanup and make msftidy happy 2012-10-02 12:00:23 -05:00
Spencer McIntyre 21e832ac1c add call to memory protect to fix DEP environments 2012-10-01 18:49:18 -04:00
Spencer McIntyre c93692b06d add a check to verify session is not already system for MS11-080 2012-09-27 08:36:13 -04:00
Spencer McIntyre 8648953747 added MS11-080 AFD JoinLeaf Windows Local Exploit 2012-09-26 11:01:30 -04:00
sinn3r 2db2c780d6 Additional changes
Updated get_target function, comment for original author, possible
bug in handling page redirection.
2012-09-24 17:38:19 -05:00
jvazquez-r7 2784a5ea2d added js obfuscation for heap spray 2012-09-24 21:28:34 +02:00
sinn3r 57b3aae9c0 Only JRE ROP is used 2012-09-24 10:21:02 -05:00
jvazquez-r7 d476ab75cc fix comment 2012-09-24 10:03:31 +02:00
jvazquez-r7 f3a64432e9 Added module for ZDI-12-170 2012-09-24 10:00:38 +02:00
sinn3r d3611c3f99 Correct the tab 2012-09-21 12:29:24 -05:00
sinn3r 25f4e3ee1f Update patch information for MS12-063 2012-09-21 12:28:41 -05:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording.
It is merely the ROP chain, not the vuln, that requires Java.
2012-09-20 14:52:52 -05:00
Tod Beardsley 883dc26d73 Merge remote branch 'kernelsmith/ie_execcommand_uaf_info' 2012-09-20 14:48:36 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
2012-09-19 14:10:02 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00