Commit Graph

10 Commits (ed3c5f06eb3ea16108b9e110779c62b7c769ee11)

Author SHA1 Message Date
sinn3r cc951e3412 Modifies the exploit a little for better stability
This patch makes sure the LFH is enabled before the CGenericElement
object is created.  Triggers is also modified a little.
2013-06-02 03:02:42 -05:00
sinn3r e1111928c2 Adds patch info for ie_cgenericelement_uaf
This one is MS13-038
2013-05-14 14:55:02 -05:00
sinn3r 7fcf20201b Ranking should be the same (to GoodRanking) 2013-05-11 09:19:25 -05:00
sinn3r 9043eeda66 A slight change for stability
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable.  I did a few tests, seems better.
2013-05-08 20:02:55 -05:00
sinn3r 9a1400a75b Forgot to remove this print_warning 2013-05-08 15:44:04 -05:00
sinn3r 075f6e8d45 Updates ROP chain and mstime_malloc usage 2013-05-08 15:42:45 -05:00
sinn3r c7609ac7d1 Initial update 2013-05-08 14:24:52 -05:00
Tod Beardsley 8239998ada Typo on URL for #1797. Thx @Meatballs1 2013-05-05 12:26:06 -05:00
Tod Beardsley c9ea7e250e Fix disclosure date, ref for #1897 2013-05-05 12:13:02 -05:00
sinn3r a33510e821 Add MS IE8 DoL 0day exploit (CVE-2013-1347)
This module exploits a use-after-free vuln in IE 8, used in the
Department of Labor attack.
2013-05-05 12:04:17 -05:00