cc8ab9bcba
Support one line js payload
...
Add missing ';' in `run_cmd_source`
2014-05-05 18:57:15 +10:00
50fb9b247e
Restructure some of the exploit methods.
2014-02-19 02:31:22 -06:00
318ebdb4c8
Clean up // comments.
2014-02-17 15:34:42 -06:00
57449ac719
Adds working shellcode exec local exploit.
2014-02-17 15:31:45 -06:00
7af8fe9cd1
Catch exceptions in an XSS script and return the error.
2014-01-07 16:23:24 -06:00
fb1a038024
Update async API to actually be async in all cases.
...
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
9d3b86ecf4
Add explicit require for JSON, so msfpayload runs.
2014-01-05 14:58:18 -06:00
f2f68a61aa
Use shell primitives instead of resorting to
...
echo hacks.
2014-01-04 19:00:36 -06:00
b9c46cde47
Refactor runCmd, allow js exec.
...
* Updates exec payload to not touch disk
* Adds XSS module that uses hiddenWindow (to avoid X-Frame-Options)
2014-01-04 08:46:57 -06:00
a5ebdce262
Add exec payload. Cleans up a lot of code.
...
Adds some yardocs and whatnot.
2014-01-03 18:23:48 -06:00
8fd517f9ef
Fixes shell escaping errors with nested quotes in windows.
2014-01-03 16:14:28 -06:00
13464d0aae
Minor cleanup of firefox.rb.
2014-01-03 01:34:57 -06:00
7961b3eecd
Rework windows shell to use wscript.
2014-01-03 01:29:34 -06:00
06fb2139b0
Digging around to get shell_command_token to work.
2014-01-02 14:05:06 -06:00
1f9ac12dda
DRYs up firefox payloads.
2014-01-02 10:48:28 -06:00
Brendan Coles
Joe Vennix