infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
29,150 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

248 Commits (d1e8b160c7021529451cda3086ae03fa5ca012f1)

Author SHA1 Message Date
jvazquez-r7 7a2c9c4c0d
Land #4263, @jvennix-r7's OSX Mavericks root privilege escalation 
* Msf module for the Ian Beer exploit
 2014-11-30 21:13:07 -06:00
jvazquez-r7 7772da5e3f Change paths, add makefile and compile 2014-11-30 21:06:11 -06:00
Meatballs f5f32fac06
Add token fiddling from nishang 2014-11-28 23:02:59 +00:00
Meatballs 48a5123607
Merge remote-tracking branch 'upstream/master' into pr4233_powerdump 2014-11-27 20:08:11 +00:00
Joe Vennix 7a3fb12124
Add an OSX privilege escalation from Google's Project Zero. 2014-11-25 12:34:16 -06:00
Peter Marszalik 830af7f95e identified instances of tabs vs spaces in the original 
identified 16 instances in the original code where tab was used vs spaces. updated to keep consistent.
 2014-11-25 12:17:43 -06:00
Peter Marszalik 705bd42b41 tab to space change - line 296 2014-11-22 14:48:44 -06:00
Peter Marszalik 900aa9cd6b powerdump.ps1 bug - corrupt hash fix 
Fixed the bug where the hashes are not being extracted correctly when LM is disabled and history is enabled. 

Rather than relying on length, LM and NT headers are checked. Four bytes at 0xa0 show if LM exists and four bytes at 0xac show if NT exists. Details on this known issue can be found in the following whitepaper from blackhat:
https://media.blackhat.com/bh-us-12/Briefings/Reynolds/BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
 2014-11-18 23:10:57 -06:00
jvazquez-r7 c35dc2e6b3 Add module for CVE-2014-6352 2014-11-12 01:10:49 -06:00
sinn3r c2391bf011 Add an R in /Info for the trailer dictionary to make it readable 2014-11-05 22:28:37 -06:00
sinn3r 1b2554bc0d Add a default template for CVE-2010-1240 PDF exploit 2014-11-05 17:08:38 -06:00
jvazquez-r7 f43a6e9be0 Use PDWORD_PTR and DWORD_PTR 2014-10-31 17:35:50 -05:00
jvazquez-r7 8e547e27b3 Use correct types 2014-10-31 12:37:21 -05:00
jvazquez-r7 6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00
jvazquez-r7 03a84a1de3 Search the AccessToken 2014-10-30 12:17:03 -05:00
OJ 908094c3d3 Remove debug, treat warnings as errors 2014-10-28 09:04:02 +10:00
OJ 0a03b2dd48 Final code tidy 2014-10-28 08:59:33 +10:00
jvazquez-r7 042d29b1d6 Compile binaries in house 2014-10-27 12:18:33 -05:00
jvazquez-r7 4406972b46 Do version checking minor cleanup 2014-10-27 09:32:42 -05:00
jvazquez-r7 0aaebc7872 Make GetPtiCurrent USER32 independent 2014-10-26 18:51:02 -05:00
jvazquez-r7 34697a2240 Delete 'callback3' also from 32 bits version 2014-10-26 17:28:35 -05:00
Spencer McIntyre 7416c00416 Initial addition of x64 target for cve-2014-4113 2014-10-26 16:54:42 -04:00
jvazquez-r7 a75186d770 Add module for CVE-2014-4113 2014-10-23 18:51:30 -05:00
jvazquez-r7 bf8dce574a Add ppsx template 2014-10-16 17:55:22 -05:00
Joe Vennix 7793ed4fea
Add some common UXSS scripts. 2014-09-09 02:31:27 -05:00
sinn3r ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape 2014-06-26 13:48:28 -05:00
jvazquez-r7 b8a2cf776b Do test 2014-06-03 09:52:01 -05:00
jvazquez-r7 05ed2340dc Use powershell 2014-06-03 09:29:04 -05:00
jvazquez-r7 f918bcc631 Use powershell instead of mshta 2014-06-03 09:01:56 -05:00
jvazquez-r7 1dbd36a3dd Check for the .NET dfsvc and use %windir% 2014-05-30 09:02:43 -05:00
jvazquez-r7 e145298c13 Add module for CVE-2014-0257 2014-05-29 11:45:19 -05:00
jvazquez-r7 6e122e683a Add module for CVE-2013-5045 2014-05-29 11:42:54 -05:00
jvazquez-r7 5fd732d24a Add module for CVE-2014-0515 2014-05-07 17:13:16 -05:00
sinn3r 6bfc9a8aa0
Land #3333 - Adobe Flash Player Integer Underflow Remote Code Execution 2014-05-05 10:39:26 -05:00
OJ 7e37939bf2
Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) 2014-05-04 16:41:17 +10:00
jvazquez-r7 b4c7c5ed1f Add module for CVE-2014-0497 2014-05-03 20:04:46 -05:00
Meatballs 06c8082187
Use signed binary 2014-05-02 14:45:14 +01:00
jvazquez-r7 60e7e9f515 Add module for CVE-2013-5331 2014-04-27 10:40:46 -05:00
sinn3r 5c0664fb3b
Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit 2014-04-24 13:43:20 -05:00
Joe Vennix 143aede19c
Add osx nfs_mount module. 2014-04-23 02:32:42 -05:00
jvazquez-r7 acb12a8bef Beautify and fix both ruby an AS 2014-04-17 23:32:29 -05:00
jvazquez-r7 91d9f9ea7f Update from master 2014-04-17 15:32:49 -05:00
jvazquez-r7 749e141fc8 Do first clean up 2014-04-17 15:31:56 -05:00
jvazquez-r7 abd76c5000 Add module for CVE-2014-0322 2014-04-15 17:55:24 -05:00
Spencer McIntyre 85197dffe6 MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
OJ 409787346e
Bring build tools up to date, change some project settings 
This commit brings the source into line with the general format/settings
that are used in other exploits.
 2014-03-14 22:57:16 +10:00
Tod Beardsley 6309c4a193
Metasploit LLC transferred assets to Rapid7 
The license texts should reflect this.
 2014-03-13 09:47:52 -05:00
kyuzo 2a1e96165c Adding MS013-058 for Windows7 x86 2014-03-06 18:39:34 +00:00
Meatballs a87f604c98
Merge remote-tracking branch 'upstream/master' into mediawiki 2014-02-10 21:43:56 +00:00
jvazquez-r7 78e1683f2d Add binary compiled on vs2013 2014-02-10 13:52:27 -06:00