infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,761 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

409 Commits (a523898909fccd560cfa1d0df59a312b7a3bdb7b)

Author SHA1 Message Date
Spencer McIntyre a523898909 Apply rubocop suggestions for ms_ndproxy 2014-08-04 11:49:01 -07:00
Spencer McIntyre 86e2377218 Switch ms_ndproxy to use the new WindowsKernel mixin 2014-08-04 11:49:01 -07:00
Spencer McIntyre 58d29167e8 Refactor MS11-080 to use the mixin and for style 2014-08-04 11:49:01 -07:00
Joshua Smith 6c2b8f54cf rubocop cleanup, long lines, etc 2014-08-03 23:19:08 -05:00
OJ 2b021e647d Minor tidies to conform to standards 2014-08-03 23:19:08 -05:00
OJ 31c51eeb63 Move error messages to `check` 2014-08-03 23:19:08 -05:00
OJ cbf15660bf Add some small fixes to the MQAC local exploit 
* Check for `INVALID_HANDLE_VALUE` when attempting to open the
  device, as this is what is returned when the device doesn't exist.
* Make sure that we only run the exploit against tartgets that we
  support directly to make sure we don't BSOD machines (such as what
  happens with SP1/SP2).
* Add a call to `check` in the exploit code.
 2014-08-03 23:19:08 -05:00
Meatballs 15c1ab64cd Quick rubocop 2014-07-31 23:11:00 +01:00
Meatballs d336c56b99
Merge remote-tracking branch 'upstream/master' into land_2551 2014-07-31 23:06:37 +01:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
Spencer McIntyre 7f79e58e7f Lots and cleanups based on PR feed back 2014-07-22 14:45:00 -04:00
Spencer McIntyre 5d9c6bea9d Fix a typo and use the execute_shellcode function 2014-07-22 13:06:57 -04:00
Spencer McIntyre 12904edf83 Remove unnecessary target info and add url reference 2014-07-22 11:20:07 -04:00
Spencer McIntyre ca0dcf23b0 Add a simple check method for cve-2014-4971 2014-07-22 10:54:10 -04:00
Spencer McIntyre 6a545c2642 Clean up the mqac escalation module 2014-07-22 10:39:34 -04:00
Spencer McIntyre da4eb0e08f First commit of MQAC arbitrary write priv escalation 2014-07-22 10:04:12 -04:00
Meatballs b0a596b4a1
Update newer modules 2014-07-20 21:59:10 +01:00
Meatballs 474ee81807
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-20 21:01:54 +01:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
Meatballs 7583ed4950
Merge remote-tracking branch 'upstream/master' into pr2075 2014-07-16 20:34:34 +01:00
sinn3r 21f6e7bf6c Change description 2014-07-01 10:44:21 -05:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack 
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
 2014-06-30 02:50:10 -05:00
sinn3r ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape 2014-06-26 13:48:28 -05:00
sinn3r 0b6f7e4483
Land #3404 - MS14-009 .NET Deployment Service IE Sandbox Escape 2014-06-26 11:45:47 -05:00
jvazquez-r7 a081beacc2 Use Gem::Version for string versions comparison 2014-06-20 09:44:29 -05:00
OJ 5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection 2014-06-18 10:24:33 +10:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win' 
This was reported by dracu on freenode
 2014-06-11 15:10:33 -05:00
jvazquez-r7 43699b1dfb Don't clean env variable before using it 2014-06-03 09:56:19 -05:00
jvazquez-r7 b8a2cf776b Do test 2014-06-03 09:52:01 -05:00
jvazquez-r7 05ed2340dc Use powershell 2014-06-03 09:29:04 -05:00
jvazquez-r7 f918bcc631 Use powershell instead of mshta 2014-06-03 09:01:56 -05:00
jvazquez-r7 9574a327f8 use the new check also in exploit() 2014-06-02 14:38:33 -05:00
jvazquez-r7 3c38c0d87c Dont be confident about string comparision 2014-06-02 14:37:29 -05:00
jvazquez-r7 d0241cf4c1 Add check method 2014-06-02 08:14:40 -05:00
jvazquez-r7 31af8ef07b Check .NET version 2014-06-01 20:58:08 -05:00
Meatballs 3c5fae3706
Use correct include 2014-06-01 11:51:06 +01:00
Meatballs 4801a7fca0
Allow x86->x64 injection 2014-06-01 11:50:13 +01:00
jvazquez-r7 3ae4a16717 Clean environment variables 2014-05-30 12:21:23 -05:00
jvazquez-r7 b99b577705 Clean environment variable 2014-05-30 12:20:00 -05:00
jvazquez-r7 b27a95c008 Delete unused code 2014-05-30 12:08:55 -05:00
jvazquez-r7 e215bd6e39 Delete unnecessary code and use get_env 2014-05-30 12:07:59 -05:00
jvazquez-r7 1dbd36a3dd Check for the .NET dfsvc and use %windir% 2014-05-30 09:02:43 -05:00
jvazquez-r7 ffbcbe8cc1 Use cmd_psh_payload 2014-05-29 18:12:18 -05:00
jvazquez-r7 03889ed31f Use cmd_psh_payload 2014-05-29 18:11:22 -05:00
jvazquez-r7 e145298c13 Add module for CVE-2014-0257 2014-05-29 11:45:19 -05:00
jvazquez-r7 6e122e683a Add module for CVE-2013-5045 2014-05-29 11:42:54 -05:00
Meatballs 52b182d212
Add a small note to bypassuac_injection concerning EXE::Custom 2014-05-19 22:00:35 +01:00
Meatballs b84379ab3b
Note about EXE::Custom 2014-05-19 22:00:09 +01:00
Tod Beardsley c97c827140
Adjust desc and ranking on ms13-053 
Since it's likely to crash winlogin.exe in the normal use case
(eventually), I've kicked this down to Average ranking.
 2014-05-05 13:46:19 -05:00
OJ 7e37939bf2
Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) 2014-05-04 16:41:17 +10:00