infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,369 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

360 Commits (b55f425ec0d332796edf9df2f0b133d9c38fcb22)

Author SHA1 Message Date
Jay Smith b55f425ec0
Merge in changes from @todb-r7. 2014-08-14 17:22:07 -04:00
Jay Smith 042278ed6a
Update code to reflect @OJ code suggestions 2014-07-23 11:01:43 -04:00
Jay Smith 534a5d964b
Add CVE-2014-4971 BthPan local privilege escalation 
Add CVE-2014-4971 BthPan local privilege escalation for Windows XP SP3
 2014-07-22 18:17:06 -04:00
sinn3r 21f6e7bf6c Change description 2014-07-01 10:44:21 -05:00
sinn3r ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape 2014-06-26 13:48:28 -05:00
sinn3r 0b6f7e4483
Land #3404 - MS14-009 .NET Deployment Service IE Sandbox Escape 2014-06-26 11:45:47 -05:00
jvazquez-r7 a081beacc2 Use Gem::Version for string versions comparison 2014-06-20 09:44:29 -05:00
OJ 5879ca3340
Merge branch 'upstream/master' into meatballs x64_injection 2014-06-18 10:24:33 +10:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win' 
This was reported by dracu on freenode
 2014-06-11 15:10:33 -05:00
jvazquez-r7 43699b1dfb Don't clean env variable before using it 2014-06-03 09:56:19 -05:00
jvazquez-r7 b8a2cf776b Do test 2014-06-03 09:52:01 -05:00
jvazquez-r7 05ed2340dc Use powershell 2014-06-03 09:29:04 -05:00
jvazquez-r7 f918bcc631 Use powershell instead of mshta 2014-06-03 09:01:56 -05:00
jvazquez-r7 9574a327f8 use the new check also in exploit() 2014-06-02 14:38:33 -05:00
jvazquez-r7 3c38c0d87c Dont be confident about string comparision 2014-06-02 14:37:29 -05:00
jvazquez-r7 d0241cf4c1 Add check method 2014-06-02 08:14:40 -05:00
jvazquez-r7 31af8ef07b Check .NET version 2014-06-01 20:58:08 -05:00
Meatballs 3c5fae3706
Use correct include 2014-06-01 11:51:06 +01:00
Meatballs 4801a7fca0
Allow x86->x64 injection 2014-06-01 11:50:13 +01:00
jvazquez-r7 3ae4a16717 Clean environment variables 2014-05-30 12:21:23 -05:00
jvazquez-r7 b99b577705 Clean environment variable 2014-05-30 12:20:00 -05:00
jvazquez-r7 b27a95c008 Delete unused code 2014-05-30 12:08:55 -05:00
jvazquez-r7 e215bd6e39 Delete unnecessary code and use get_env 2014-05-30 12:07:59 -05:00
jvazquez-r7 1dbd36a3dd Check for the .NET dfsvc and use %windir% 2014-05-30 09:02:43 -05:00
jvazquez-r7 ffbcbe8cc1 Use cmd_psh_payload 2014-05-29 18:12:18 -05:00
jvazquez-r7 03889ed31f Use cmd_psh_payload 2014-05-29 18:11:22 -05:00
jvazquez-r7 e145298c13 Add module for CVE-2014-0257 2014-05-29 11:45:19 -05:00
jvazquez-r7 6e122e683a Add module for CVE-2013-5045 2014-05-29 11:42:54 -05:00
Meatballs 52b182d212
Add a small note to bypassuac_injection concerning EXE::Custom 2014-05-19 22:00:35 +01:00
Meatballs b84379ab3b
Note about EXE::Custom 2014-05-19 22:00:09 +01:00
Tod Beardsley c97c827140
Adjust desc and ranking on ms13-053 
Since it's likely to crash winlogin.exe in the normal use case
(eventually), I've kicked this down to Average ranking.
 2014-05-05 13:46:19 -05:00
OJ 7e37939bf2
Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) 2014-05-04 16:41:17 +10:00
Meatballs 56c5eac823
Message correction 2014-05-02 14:18:18 +01:00
Meatballs 69915c0de5
Message correction 2014-05-02 14:17:27 +01:00
William Vu 8b138b2d37
Fix unquoted path in cleanup script 2014-04-30 16:34:33 -05:00
kaospunk 6b740b727b Changes PATH to proper case 
This changes PATH to Path
 2014-04-30 17:26:36 -04:00
kaospunk fdc81b198f Adds the ability to specify path 
This update allows an explicit path to be set rather
than purely relying on the TEMP environment variable.
 2014-04-30 16:08:48 -04:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
sinn3r d7ca537a41 Microsoft module name changes 
So after making changes for MSIE modules (see #3161), I decided to
take a look at all MS modules, and then I ended up changing all of
them. Reason is the same: if you list modules in an ordered list
, this is a little bit easier to see for your eyes.
 2014-03-28 20:56:53 -05:00
OJ 409787346e
Bring build tools up to date, change some project settings 
This commit brings the source into line with the general format/settings
that are used in other exploits.
 2014-03-14 22:57:16 +10:00
kyuzo 41720428e4 Refactoring exploit and adding build files for dll. 2014-03-12 10:25:52 +00:00
OJ 3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path 
Conflicts:
	lib/msf/core/post/windows/shadowcopy.rb
	modules/exploits/windows/local/bypassuac.rb
	modules/post/windows/gather/wmic_command.rb
	modules/post/windows/manage/persistence.rb
 2014-03-11 23:13:39 +10:00
kyuzo 257c121c75 Adding MS013-058 for Windows7 x86 2014-03-06 20:34:01 +00:00
kyuzo 2a1e96165c Adding MS013-058 for Windows7 x86 2014-03-06 18:39:34 +00:00
OJ a1aef92652
Land #2431 - In-memory bypass uac 2014-03-05 11:15:54 +10:00
Meatballs 32d83887d3
Merge remote-tracking branch 'upstream/master' into wmic_post 2014-03-03 21:56:31 +00:00
David Maloney b952b103bd
cleanup tior and .tmp files 
bypassuac module now also cleans
the tior.exe and all the .tmp files so we have a
clean environemnt afterwards
 2014-02-27 13:18:34 -06:00
David Maloney f66709b5bb
make bypassuac module clean itself up 
since the IO redirection hangs our original process
we have the moudle wait for the session then kills
the spawning process and delete the exe we dropped
 2014-02-27 12:54:40 -06:00
David Maloney a8e0c3c255
remove copypasta mistake 2014-02-27 10:05:53 -06:00
David Maloney 96b611104e cleanup methods in bypassuac module 
apply the same sort of method cleanup as in
Meatballs injection based module.
 2014-02-26 11:00:55 -06:00