Tod Beardsley
|
23c9c51014
|
Fixing CVE format on sit_file_upload.
|
2012-03-21 09:59:20 -05:00 |
Tod Beardsley
|
da963fc8b2
|
Adding OSVDB for dell_webcam_crazytalk.rb
|
2012-03-20 07:52:50 -05:00 |
Tod Beardsley
|
e325469f6e
|
Grammar fix for dell_webcam_crazytalk module
|
2012-03-20 07:43:02 -05:00 |
sinn3r
|
f4dac59894
|
Add Dell Webcam CrazyTalk component BackImage overflow exploit
|
2012-03-20 03:46:37 -05:00 |
sinn3r
|
cdd7a16603
|
Apply egypt's fix for "\n"
|
2012-03-19 10:19:10 -05:00 |
sinn3r
|
aeb691bbee
|
Massive whitespace cleanup
|
2012-03-18 00:07:27 -05:00 |
sinn3r
|
7c77fe20cc
|
Some variables don't need to be in a double-quote.
|
2012-03-17 20:37:42 -05:00 |
Tod Beardsley
|
e3f2610985
|
Msftidy run through on the easy stuff.
Still have some hits, but that requires a little more code contortion to
fix.
|
2012-03-15 17:06:20 -05:00 |
Tod Beardsley
|
9144c33345
|
MSFTidy check for capitalization in modules
And also fixes up a dozen or so failing modules.
|
2012-03-15 16:38:12 -05:00 |
sinn3r
|
5250b179c8
|
Add CVE and OSVDB ref
|
2012-03-15 04:40:27 -05:00 |
sinn3r
|
ecb1fda682
|
Add OSVDB-79651: NetDecision 4.5 HTTP Server Buffer Overflow
|
2012-03-14 05:13:22 -05:00 |
Jonathan Cran
|
1cf25e58d5
|
merge description change
|
2012-03-12 17:22:01 -05:00 |
sinn3r
|
7d95132eab
|
Use a cleaner way to calculate JRE ROP's NEG value
|
2012-03-11 17:27:47 -05:00 |
sinn3r
|
6c19466de8
|
Change output style
|
2012-03-11 13:59:18 -05:00 |
sinn3r
|
25a1552fbd
|
Dynamic VirtualProtect dwSize. Change output style.
|
2012-03-11 13:49:46 -05:00 |
sinn3r
|
b0e7c048c9
|
This module fits the GoodRanking description
|
2012-03-10 00:50:41 -06:00 |
sinn3r
|
1d5bad469c
|
Add Windows 7 SP1 target
|
2012-03-10 00:11:25 -06:00 |
sinn3r
|
1ae779157d
|
Disable Nops so we don't get an ugly crash after getting a shell
|
2012-03-08 18:56:58 -06:00 |
Tod Beardsley
|
1e4d4a5ba0
|
Removing EncoderType from flash module
Also not very useful
|
2012-03-08 16:57:41 -06:00 |
Tod Beardsley
|
302a42a495
|
Fixing up print statements
Dropping the ROP prints since they're not all that useful.
|
2012-03-08 16:56:44 -06:00 |
Tod Beardsley
|
1396fc19bd
|
Fixup bad merge on flash mp4
|
2012-03-08 16:52:53 -06:00 |
sinn3r
|
cb04e47304
|
Attempt #2: there's no cli in get_payload
|
2012-03-08 16:47:49 -06:00 |
sinn3r
|
3563fe1b36
|
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
|
2012-03-08 16:41:32 -06:00 |
sinn3r
|
fee2e1eff9
|
Minor spray size change
|
2012-03-08 16:19:51 -06:00 |
HD Moore
|
12395c719f
|
Remove debugging code
|
2012-03-08 16:16:42 -06:00 |
HD Moore
|
87274987c1
|
Remove the now obsolete text about SWF_PLAYER
|
2012-03-08 16:16:13 -06:00 |
sinn3r
|
181fdb7365
|
A small title change
|
2012-03-08 16:10:16 -06:00 |
HD Moore
|
1271368b6f
|
Redirect to a trailing slash to make sure relative resources load
properly
|
2012-03-08 15:37:06 -06:00 |
HD Moore
|
b0db18674c
|
Test out new player code
|
2012-03-08 15:05:12 -06:00 |
HD Moore
|
eb847a3dfb
|
Add a nicer prefix to the target selection message
|
2012-03-08 13:46:14 -06:00 |
Tod Beardsley
|
5b566b43b4
|
Catching an update from @hdmoore-r7
wrt the nuclear option.
|
2012-03-08 12:08:39 -06:00 |
sinn3r
|
edb3f19c12
|
A little more padding for Win Vista target
|
2012-03-08 12:04:04 -06:00 |
Tod Beardsley
|
18962e1180
|
Checking in the new Flash exploit to the release
Using the checkout master directly:
git checkout master external/source/exploits/CVE-2012-0754/Exploit.as
git checkout master
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
|
2012-03-08 11:55:01 -06:00 |
HD Moore
|
86fc45810b
|
Remove the resource during cleanup
|
2012-03-07 23:04:53 -06:00 |
HD Moore
|
b4e0daf3ca
|
Small tweaks to the adobe mp4 exploit
|
2012-03-07 22:53:47 -06:00 |
James Lee
|
8d93e3ad44
|
Actually use the password we were given...
|
2012-03-08 10:17:39 -07:00 |
sinn3r
|
9ece7b08fc
|
Add vendor's advisory as a reference
|
2012-03-08 00:46:34 -06:00 |
sinn3r
|
5f92bff697
|
Make sure no encoder will break the exploit again
|
2012-03-08 00:44:57 -06:00 |
sinn3r
|
2e94b97c82
|
Fix description
|
2012-03-07 23:59:51 -06:00 |
Tod Beardsley
|
57376a976d
|
Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
|
2012-03-07 09:18:47 -06:00 |
sinn3r
|
0550b77522
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2012-03-07 20:04:04 -06:00 |
sinn3r
|
3b4ed13aee
|
Fix typo
|
2012-03-07 20:03:46 -06:00 |
Tod Beardsley
|
33460b6bf4
|
Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campagin use in the wild.
|
2012-03-07 19:37:49 -06:00 |
sinn3r
|
c76f43c066
|
Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow
|
2012-03-07 19:24:00 -06:00 |
Tod Beardsley
|
f97dc8dee7
|
Fix spelling of the IBM product iSeries
Was I-Series.
|
2012-03-07 15:24:15 -06:00 |
sinn3r
|
7dfba9c00d
|
Merge branch 'master' of github.com:rapid7/metasploit-framework
|
2012-03-07 14:51:39 -06:00 |
sinn3r
|
0ee7788028
|
Add a check to detect the vulnerable version of Sysax SSH
|
2012-03-07 14:51:21 -06:00 |
Tod Beardsley
|
ba2bf194fd
|
Fixes descriptions on new modules.
Fixing up grammar and removing some editorial verbiage.
|
2012-03-07 09:17:22 -06:00 |
James Lee
|
02ea38516f
|
Add a check method for tomcat_mgr_deploy
|
2012-03-06 23:22:44 -07:00 |
James Lee
|
2b9acb61ad
|
Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
|
2012-03-06 12:01:20 -07:00 |