933ac88b44
Missing the file param that's needed to download the mp4
2013-06-14 13:13:48 -05:00
d91b412661
adobe_flash_sps.rb - resource_uri vs get_resource
...
resource_uri will randomize the returned uri unless
datastore['URIPATH"] is set.
get_resource will return the currently used reosurce_uri
Since the incorrect type is used, this exploit is completely broken.
Tested fix with both URIPATH set to / and unset, and it works after
redirect.
2013-06-11 07:13:02 +10:00
f6c88377f4
Fixes #362 by changing the exitfunction arguments to be the correct type
2012-05-07 02:41:08 -05:00
9cdd8912c5
Remove spurious cli.peerhost in output
2012-04-20 13:31:42 -06:00
e3f2610985
Msftidy run through on the easy stuff.
...
Still have some hits, but that requires a little more code contortion to
fix.
2012-03-15 17:06:20 -05:00
6c19466de8
Change output style
2012-03-11 13:59:18 -05:00
3563fe1b36
The encoder "issue" was just a misconfig on my side. Also there's no cli in get_payload.
2012-03-08 16:41:32 -06:00
fee2e1eff9
Minor spray size change
2012-03-08 16:19:51 -06:00
12395c719f
Remove debugging code
2012-03-08 16:16:42 -06:00
87274987c1
Remove the now obsolete text about SWF_PLAYER
2012-03-08 16:16:13 -06:00
1271368b6f
Redirect to a trailing slash to make sure relative resources load
...
properly
2012-03-08 15:37:06 -06:00
b0db18674c
Test out new player code
2012-03-08 15:05:12 -06:00
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
782fcb040d
add osvdb ref
2012-02-10 07:05:26 -06:00
5ea20a332b
Clearly I had the wrong disclosure date. This one is based on Adobe's security bulletin.
2012-02-10 00:13:39 -06:00
e5ea2961f5
Add CVE-2011-2140 Adobe Flash SequenceParameterSetNALUnit (mp4) bof
2012-02-10 00:10:28 -06:00
sinn3r
Ruslaideemin
HD Moore
James Lee
Tod Beardsley
sinn3r
Steve Tornio