Commit Graph

39 Commits (eb6cff77bca72b396b67309d15fc747574126c69)

Author SHA1 Message Date
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
HD Moore 583dab62b2 Introduce and use OS matching constants 2014-05-28 14:35:22 -05:00
HD Moore 7e227581a7 Rework OS fingerprinting to match Recog changes
This commit changes how os_name and os_flavor are handled
for client-side exploits, matching recent changes to the
server-side exploits and scanner fingerprints.

This commit also updates the client-side fingerprinting to
take into account Windows 8.1 and IE 9, 10, and 11.
2014-04-01 08:14:58 -07:00
jvazquez-r7 7f9f4ba4db Make gsubs compliant with the new indentation standard 2013-12-31 11:06:53 -06:00
sinn3r 032da9be10
Land #2426 - make use of Msf::Config.data_directory 2013-10-21 13:07:33 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Meatballs 7ba846ca24 Find and replace 2013-09-26 20:34:48 +01:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
James Lee 2c12a43e77 Add a method for dealing with hardcoded URIs 2013-06-21 15:48:02 -05:00
sinn3r cae30bec23 Clean up all the whitespace found 2013-04-23 18:27:11 -05:00
Nathan Einwechter 89c0e8c27e Fix add_resource call in adobe_flas_mp5_cprt 2013-03-22 19:27:02 -04:00
sinn3r 1268614d54 Adopt RopDb for adobe_flash_mp4_cprt.rb 2012-10-05 11:15:53 -05:00
James Lee 1f577b24b2 Merge branch 'rapid7' into http-print-standardization 2012-04-18 08:51:42 -06:00
James Lee f9a48ace48 Switch to using :method, see previous commit 2012-04-17 18:48:14 -06:00
James Lee d0eb383655 Un-standardize printing in browser modules
This is now handled by the HttpServer mixin
2012-04-11 00:26:25 -06:00
James Lee 2de0c801d9 Add vulnerable version numbers to the description 2012-04-09 14:41:42 -06:00
James Lee 037fbf655e Standardize the print format for modules used by browser autopwn 2012-04-09 01:57:50 -06:00
James Lee 0547369966 Add bap support for flash mp4 and new java bug
Also fixes a silly issue where adobe_flash_mp4_cprt was adding the
/test.mp4 resource after every request instead of just once at startup.
2012-03-30 12:59:07 -06:00
Tod Beardsley e3f2610985 Msftidy run through on the easy stuff.
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
sinn3r 7d95132eab Use a cleaner way to calculate JRE ROP's NEG value 2012-03-11 17:27:47 -05:00
sinn3r 25a1552fbd Dynamic VirtualProtect dwSize. Change output style. 2012-03-11 13:49:46 -05:00
sinn3r 1d5bad469c Add Windows 7 SP1 target 2012-03-10 00:11:25 -06:00
sinn3r 1ae779157d Disable Nops so we don't get an ugly crash after getting a shell 2012-03-08 18:56:58 -06:00
Tod Beardsley 1e4d4a5ba0 Removing EncoderType from flash module
Also not very useful
2012-03-08 16:57:41 -06:00
Tod Beardsley 302a42a495 Fixing up print statements
Dropping the ROP prints since they're not all that useful.
2012-03-08 16:56:44 -06:00
Tod Beardsley 1396fc19bd Fixup bad merge on flash mp4 2012-03-08 16:52:53 -06:00
sinn3r cb04e47304 Attempt #2: there's no cli in get_payload 2012-03-08 16:47:49 -06:00
sinn3r 181fdb7365 A small title change 2012-03-08 16:10:16 -06:00
HD Moore eb847a3dfb Add a nicer prefix to the target selection message 2012-03-08 13:46:14 -06:00
sinn3r edb3f19c12 A little more padding for Win Vista target 2012-03-08 12:04:04 -06:00
HD Moore 86fc45810b Remove the resource during cleanup 2012-03-07 23:04:53 -06:00
HD Moore b4e0daf3ca Small tweaks to the adobe mp4 exploit 2012-03-07 22:53:47 -06:00
sinn3r 9ece7b08fc Add vendor's advisory as a reference 2012-03-08 00:46:34 -06:00
sinn3r 5f92bff697 Make sure no encoder will break the exploit again 2012-03-08 00:44:57 -06:00
sinn3r 2e94b97c82 Fix description 2012-03-07 23:59:51 -06:00
sinn3r 0550b77522 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-03-07 20:04:04 -06:00
sinn3r 3b4ed13aee Fix typo 2012-03-07 20:03:46 -06:00
Tod Beardsley 33460b6bf4 Fixups on the Adobe Flash exploit description
Massaged the lines about the phishing campagin use in the wild.
2012-03-07 19:37:49 -06:00
sinn3r c76f43c066 Add CVE-2012-0754: Adobe Flash Player MP4 cprt overflow 2012-03-07 19:24:00 -06:00