jvazquez-r7
582372ec3e
Do minor cleanup
2014-02-26 09:32:11 -06:00
jvazquez-r7
0531abb691
Land #3026 , @ribeirux DoS module for CVE-2014-0050
2014-02-26 08:53:55 -06:00
jvazquez-r7
449d0d63d1
Do small clean up
2014-02-26 08:52:51 -06:00
Michael Messner
b79197b8ab
feedback included, cleanup, login check
2014-02-26 13:44:36 +01:00
Fr330wn4g3
b81642d8ad
Update total_video_player_131_ini_bof
2014-02-26 11:37:04 +01:00
OJ
4b924659b2
Adjust project config
...
* Remove editbin usage for console apps
* Remove whole program optimisation
2014-02-26 17:14:14 +10:00
OJ
10829299f5
Add make support for command line builds
2014-02-26 16:40:54 +10:00
OJ
eb3da1ce87
Editbin and post build steps
2014-02-26 16:36:55 +10:00
OJ
712f47cb4e
Remove Palm configuration from bypassuac config
2014-02-26 16:07:22 +10:00
OJ
9159512a3d
Fix VS 2013 build, remove old files, rejig project config
...
This wasn't building cleanly for a few reasons with VS 2013 on my desktop.
This commit fixes this problems with the configuration and makes things fit
with the way we're now doing things (ie. output locations, etc).
Incremental builds are disabled as they were causing problems, but this isn't
a concern for a project as small as this.
2014-02-26 16:05:24 +10:00
William Vu
30fec1af01
Add new CONTRIBUTING.md
2014-02-25 22:11:20 -06:00
jvazquez-r7
75cac284f5
Land #3037 , @wchen-r7's rspec fix
2014-02-25 16:44:56 -06:00
sinn3r
8be99fc299
Fix payload_generator.format_payload rspec
...
The platform should match.
2014-02-25 16:37:21 -06:00
Fr330wn4g3
a7cacec0c3
Add module for EDB 29799
2014-02-25 23:07:28 +01:00
David Maloney
f229932d16
Merge branch 'master' of github.com:rapid7/metasploit-framework
2014-02-25 15:56:24 -06:00
David Maloney
f51cbfffb8
minor fix to payload generator
...
was passing platform string instead of the
platform lsit when formatting the payload
2014-02-25 15:51:06 -06:00
jvazquez-r7
96ffb1db47
Delete extra comma
2014-02-25 15:29:46 -06:00
jvazquez-r7
cb18639b66
Add small fixes and clean up
2014-02-25 15:25:01 -06:00
jvazquez-r7
1d4b2ea60d
Add module for ZDI-14-015
2014-02-25 15:07:09 -06:00
William Vu
63bbe7bef2
Land #3034 , 302 redirect for http_basic
2014-02-25 13:54:58 -06:00
William Vu
4cc91095de
Fix minor formatting issues
2014-02-25 13:48:37 -06:00
jvazquez-r7
a45c8c2b4a
Land #3029 , @xistence Symantec endpoint exploit
2014-02-25 07:59:35 -06:00
jvazquez-r7
bfe0fdb776
Move module
2014-02-25 07:58:00 -06:00
xistence
ab167baf56
Added randomness instead of payload and xxe keywords
2014-02-25 15:23:10 +07:00
jvazquez-r7
4908d80d6c
Clean up module
2014-02-24 16:00:54 -06:00
kn0
6783e31c67
Used the builtin send_redirect method in Msf::Exploit::Remote::HttpServer instead of creating a redirect inline
2014-02-24 15:59:49 -06:00
sinn3r
72da8299a5
Land #3025 - Auto LHOST for reverse shells
2014-02-24 15:53:43 -06:00
sinn3r
17f8cf900a
Add another condition to check if the payload name is a reverse shell
...
Only reverse shells need LHOST
2014-02-24 15:37:01 -06:00
sho-luv
47ae4b470a
added recommendations
2014-02-24 15:24:57 -06:00
ribeirux
ead7cbc692
Author and URI fixed
2014-02-24 22:20:34 +01:00
kn0
f1e71b709c
Added 301 Redirect option to Basic Auth module
2014-02-24 14:59:20 -06:00
William Vu
6f398f374e
Land #3032 , inside_workspace_boundary? typo fix
2014-02-24 14:55:09 -06:00
James Lee
d2945b55c1
Fix typo
...
inside_workspace_boundary() -> inside_workspace_boundary?()
2014-02-24 14:46:08 -06:00
jvazquez-r7
e4a0578813
Land #3031 , @wchen-r7's capitalization fix
2014-02-24 11:49:41 -06:00
sinn3r
a50b4e88be
Fix msftidy warning: Suspect capitalization in module title: 'encoder'
2014-02-24 11:25:46 -06:00
sinn3r
d0780cd1a2
Land #3010 - EXITFUNC as OptEnum
2014-02-24 11:07:10 -06:00
jvazquez-r7
c981bbeab9
Land #3011 , @wchen-r7's fix for Dexter exploit
2014-02-24 10:53:10 -06:00
jvazquez-r7
b2d4048f50
Land #3027 , @OJ's fix for ultraminihttp_bof
2014-02-24 10:50:08 -06:00
jvazquez-r7
c9f0885c54
Apply @jlee-r7's feedback
2014-02-24 10:49:13 -06:00
sinn3r
5cdd9a2ff3
Land #2995 - sqlmap minor cleanup, description & file tests
2014-02-24 10:39:01 -06:00
bcoles
a29c6cd2b4
Add SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
2014-02-25 02:57:25 +10:30
Joe Vennix
c760d37703
use the actual shellcode length.
2014-02-24 09:55:44 -06:00
jvazquez-r7
9fd635d645
Favor \! vs == false
2014-02-24 08:47:25 -06:00
xistence
5485759353
Added Symantec Endpoint Protection Manager RCE
2014-02-24 15:04:37 +07:00
xistence
8e3f70851d
Added Symantec Endpoint Protection Manager RCE
2014-02-24 15:01:13 +07:00
David Maloney
2e512abd31
put new binaries in place
...
after cleaning up the source a bit and
updateing it for 2013, compiled new BINs.
These BINS avoid almost all current AV detections
and have been tested to ensure they still work.
2014-02-23 15:24:55 -06:00
OJ
fdd0d91817
Updated the Ultra Minit HTTP bof exploit
...
After exploiting this application manually I decided to make this
an MSF exploit, only to find that other people had beaten me to it.
However, the existing exploit was broken in a few ways, and this
commit makes those problems go away. They include:
* Correct use of alpha chars in the buffer leading up to the payload
which results in bad chars being avoided. Bad chars muck with the
offsets because they get expanded.
* Adjustment of the payload so that it runs in another thread instead
of in the thread of the request handler. This prevents the session
from being killed after the hard-coded 60-second timeout that is
baked into the application.
* The handler thread terminates itself so that the process doesn't
crash.
* Extra targets were added based on the machines I had access to.
2014-02-23 21:23:41 +10:00
Meatballs
2f7f344be3
Copy original sleep
2014-02-23 04:53:48 +00:00
Meatballs
7877589537
Delete correctly
2014-02-23 02:47:13 +00:00
Meatballs
6127ff92ce
Fix race condition
...
Wait for Sysprep to ExitProcess before cleaning up the DLLs...
2014-03-03 23:41:25 +00:00