Tod Beardsley
|
3d630de353
|
Replace with a real CVE number
|
2015-07-07 14:44:12 -05:00 |
wchen-r7
|
2cdaace42f
|
Land #5678, Land adobe_flash_hacking_team_uaf.r
|
2015-07-07 12:34:59 -05:00 |
jvazquez-r7
|
d9aacf2d41
|
Add module for hacking team flash exploit
|
2015-07-07 11:19:48 -05:00 |
Mo Sadek
|
9e2e64bba1
|
Land #5644, Windows 10 Detection for os.js
|
2015-07-06 16:19:06 -05:00 |
Spencer McIntyre
|
2a89e248d7
|
Pymet fix send uuid logic for Python 3.x
|
2015-07-06 11:20:34 -04:00 |
joev
|
c993c70006
|
Remove sleep(), clean up WritableDir usage.
|
2015-07-05 18:59:00 -05:00 |
|
joev
|
a8b56bb44a
|
Oops, need to include the binary files.
|
2015-07-05 18:24:45 -05:00 |
|
Spencer McIntyre
|
841fbddfc6
|
Pymet fix packet polling interval
|
2015-07-02 11:51:53 -04:00 |
|
Spencer McIntyre
|
0af397217c
|
Merge pymet transport feature into fresh branch
|
2015-07-02 08:43:13 -04:00 |
|
Spencer McIntyre
|
6ab7c314de
|
Pymet fix reverse_tcp transport for IPv6 addresses
|
2015-07-02 08:33:11 -04:00 |
|
Spencer McIntyre
|
dbe239bc75
|
Pymet fix transport next and prev for one transport
|
2015-07-02 08:23:02 -04:00 |
|
wchen-r7
|
482247771d
|
Add a fingerprint for Windows 10 + IE11
|
2015-07-01 18:06:25 -05:00 |
|
wchen-r7
|
cd688437ac
|
Add support for Windows 10 for os.js
Resolves #4248
|
2015-07-01 15:02:22 -05:00 |
|
Spencer McIntyre
|
b1b21c4bef
|
Pymet fixes for Python 3.x
|
2015-07-01 14:32:12 -04:00 |
|
jvazquez-r7
|
1de94a6865
|
Add module for CVE-2015-3113
|
2015-07-01 13:13:57 -05:00 |
|
Spencer McIntyre
|
2a891c50eb
|
Pymet transport stabilty and correction
|
2015-07-01 11:12:30 -04:00 |
|
Spencer McIntyre
|
4b5b7c8a27
|
Pymet support for core_transport_remove
|
2015-06-30 15:46:33 -04:00 |
|
Spencer McIntyre
|
6a45e19636
|
Pymet fix bind and tcp socket cleanup logic
|
2015-06-30 15:25:23 -04:00 |
|
Spencer McIntyre
|
3d49781230
|
Pymet support for core_transport_sleep
|
2015-06-29 18:34:35 -04:00 |
|
Spencer McIntyre
|
9a8ffacfd1
|
Pymet transport changing improvements
|
2015-06-29 14:00:07 -04:00 |
|
Spencer McIntyre
|
00742ea924
|
Pymet cleaner transport switching with responses
|
2015-06-28 13:16:00 -04:00 |
|
Spencer McIntyre
|
f6fa462bdc
|
Pymet support for changing transports
|
2015-06-27 20:57:45 -04:00 |
|
Spencer McIntyre
|
175d9cdcb1
|
Pymet support for creating and listing transports
|
2015-06-26 16:52:55 -04:00 |
|
Spencer McIntyre
|
79185e91c6
|
Refactor the pymet to use transport objects
|
2015-06-26 14:56:31 -04:00 |
|
Spencer McIntyre
|
7aae9b210e
|
Add pymet support for core_enumextcmd
|
2015-06-26 11:32:51 -04:00 |
|
jvazquez-r7
|
ee0377ca16
|
Add module for CVE-2015-3105
|
2015-06-25 13:35:01 -05:00 |
OJ
|
ae41f2bfa0
|
Update exploit binaries for ms15-051
|
2015-06-25 09:33:15 +10:00 |
Brent Cook
|
e75287875b
|
hack android-specific commands back to life
|
2015-06-22 20:41:58 -05:00 |
|
OJ
|
3686accadd
|
Merge branch 'upstream/master' into cve-2015-1701
|
2015-06-22 07:52:17 +10:00 |
|
jvazquez-r7
|
04901baab8
|
Land #5572 @todb-r7's adds snowden's password to unix_passwords.txt
|
2015-06-19 17:01:22 -05:00 |
|
Tod Beardsley
|
b580f93c22
|
New password from Snowden
|
2015-06-19 15:37:48 -05:00 |
|
jvazquez-r7
|
d116f1efd5
|
Land #5566, @wchen-r7 fixes #5565 modifying os.js
|
2015-06-19 11:07:00 -05:00 |
|
wchen-r7
|
308cad8c40
|
Fix #5565, Fix os.js service pack detection
Fix #5565
|
2015-06-18 18:51:16 -05:00 |
|
jvazquez-r7
|
de1542e589
|
Add module for CVE-2015-3090
|
2015-06-18 12:36:14 -05:00 |
|
wchen-r7
|
17b8ddc68a
|
Land #5524, adobe_flash_pixel_bender_bof in flash renderer
|
2015-06-15 02:42:16 -05:00 |
|
jvazquez-r7
|
72672fc8f7
|
Delete debug
|
2015-06-11 17:39:36 -05:00 |
|
jvazquez-r7
|
8ed13b1d1b
|
Add linux support for CVE-2014-0515
|
2015-06-11 16:18:50 -05:00 |
|
wchen-r7
|
ae21b0c260
|
Land #5523, adobe_flash_domain_memory_uaf in the flash renderer
|
2015-06-10 16:59:19 -05:00 |
|
wchen-r7
|
4c5b1fbcef
|
Land #5522, adobe_flash_worker_byte_array_uaf in the flash renderer
|
2015-06-10 14:49:41 -05:00 |
|
jvazquez-r7
|
7527aa4f34
|
Disable debug
|
2015-06-10 14:07:18 -05:00 |
|
jvazquez-r7
|
6c7ee10520
|
Update to use the new flash Exploiter
|
2015-06-10 13:52:43 -05:00 |
|
jvazquez-r7
|
7fba64ed14
|
Allow more search space
|
2015-06-10 12:26:53 -05:00 |
|
jvazquez-r7
|
ecbddc6ef8
|
Play with memory al little bit better
|
2015-06-10 11:54:57 -05:00 |
|
wchen-r7
|
d622c782ef
|
Land #5519, adobe_flash_uncompress_zlib_uninitialized in the flash renderer
|
2015-06-10 11:52:47 -05:00 |
|
jvazquez-r7
|
2b4fe96cfd
|
Tweak Heap Spray
|
2015-06-10 10:56:24 -05:00 |
|
jvazquez-r7
|
a6fe383852
|
Use AS Exploiter
|
2015-06-10 09:32:52 -05:00 |
|
jvazquez-r7
|
e5d6c9a3cb
|
Make last code cleanup
|
2015-06-09 16:01:57 -05:00 |
|
jvazquez-r7
|
cf8c6b510b
|
Debug version working
|
2015-06-09 15:46:21 -05:00 |
|
jvazquez-r7
|
39851d277d
|
Unset debug flag
|
2015-06-09 11:36:09 -05:00 |
|
jvazquez-r7
|
b7f0fad72f
|
Modify CVE-2014-0569 to use the flash exploitation code
|
2015-06-09 11:31:39 -05:00 |
|
Tod Beardsley
|
f29b38b602
|
Add the top 20 keyboard patterns as passwords
See https://wpengine.com/unmasked/ for lots more, but this
covers the gif at
https://wpengine.com/unmasked/assets/images/commonkeyboardpatterns.gif
|
2015-06-05 16:46:08 -05:00 |
|
OJ
|
b291d41b76
|
Quick hack to remove hard-coded offsets
|
2015-06-05 13:19:41 +10:00 |
|
jvazquez-r7
|
02181addc5
|
Update CVE-2014-0556
|
2015-06-04 18:23:50 -05:00 |
|
wchen-r7
|
23df66bf3a
|
Land #5481, no powershell. exec shellcode from the renderer process.
|
2015-06-04 15:45:09 -05:00 |
|
jvazquez-r7
|
ab68d8429b
|
Add more targets
|
2015-06-04 12:11:53 -05:00 |
|
jvazquez-r7
|
80cb70cacf
|
Add support for Windows 8.1/Firefox
|
2015-06-03 22:46:04 -05:00 |
|
jvazquez-r7
|
74117a7a52
|
Allow to execute payload from the flash renderer
|
2015-06-03 16:33:41 -05:00 |
|
OJ
|
455a3b6b9d
|
Add butchered version of CVE-2015-1701
|
2015-06-03 21:48:23 +10:00 |
|
Brent Cook
|
64e86165ef
|
remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the
metasploit-payloads gem
|
2015-06-01 09:14:31 -05:00 |
|
Brent Cook
|
7d5af66fa0
|
Merge branch 'master' into land-5367-uuid-stagers
|
2015-05-29 13:00:35 -05:00 |
|
wchen-r7
|
737559bcbb
|
Land #5180, VBA Powershell for Office Macro
|
2015-05-28 19:55:27 -05:00 |
|
jvazquez-r7
|
e9714bfc82
|
Solve conflics
|
2015-05-27 23:22:00 -05:00 |
|
wchen-r7
|
e749733eb6
|
Land #5419, Fix Base64 decoding on ActionScript
|
2015-05-27 23:13:51 -05:00 |
|
jvazquez-r7
|
e5d42850c1
|
Add support for Linux to CVE-2015-0336
|
2015-05-27 17:05:10 -05:00 |
|
jvazquez-r7
|
801deeaddf
|
Fix CVE-2015-0336
|
2015-05-27 15:42:06 -05:00 |
|
jvazquez-r7
|
bd1bdf22b5
|
Fix CVE-2015-0359
|
2015-05-26 17:27:20 -05:00 |
|
jvazquez-r7
|
19c7445d9d
|
Fix CVE-2015-0336
|
2015-05-26 17:20:49 -05:00 |
|
jvazquez-r7
|
23d244b1fa
|
Fix CVE-2015-0313
|
2015-05-26 16:11:44 -05:00 |
|
jvazquez-r7
|
5c8c5aef37
|
Fix CVE-2014-8440
|
2015-05-26 16:05:08 -05:00 |
|
jvazquez-r7
|
d78d04e070
|
Fix CVE-2014-0569
|
2015-05-26 15:49:22 -05:00 |
|
jvazquez-r7
|
e0a1fa4ef6
|
Fix indentation
|
2015-05-26 15:38:56 -05:00 |
|
jvazquez-r7
|
1742876757
|
Fix CVE-2014-0556
|
2015-05-26 15:30:39 -05:00 |
|
jvazquez-r7
|
3e122fe87c
|
Fix b64 decoding
|
2015-05-26 15:15:33 -05:00 |
|
jvazquez-r7
|
29ccc8367b
|
Add More messages
|
2015-05-26 14:47:47 -05:00 |
|
jvazquez-r7
|
1bf1c37cfa
|
Add exception handling
|
2015-05-26 14:31:07 -05:00 |
|
jvazquez-r7
|
fb8a927941
|
Hardcode params
|
2015-05-26 14:20:43 -05:00 |
|
jvazquez-r7
|
f119da94ca
|
Add one more message
|
2015-05-26 14:14:38 -05:00 |
|
jvazquez-r7
|
15533fabe6
|
Log messages
|
2015-05-26 14:08:24 -05:00 |
|
jvazquez-r7
|
91357ee45b
|
Improve reliability
|
2015-05-26 13:47:33 -05:00 |
|
OJ
|
9e50114082
|
Merge branch 'upstream/master' into uuid-stagers
|
2015-05-25 11:22:35 +10:00 |
|
OJ
|
1c73c190fc
|
Add machine_id support to windows php meterp
|
2015-05-22 14:55:29 +10:00 |
|
jvazquez-r7
|
f35d7a85d3
|
Adjust numbers
|
2015-05-21 15:56:11 -05:00 |
|
jvazquez-r7
|
80d4f3cfb0
|
Update swf
|
2015-05-21 14:55:00 -05:00 |
|
jvazquez-r7
|
8d6cbf0568
|
Make adobe_flash_uncompress_zlib_af multiplatform
|
2015-05-20 18:57:37 -05:00 |
benpturner
|
c0b995cc97
|
new changes
|
2015-05-19 16:18:06 +01:00 |
|
benpturner
|
b513304756
|
new changes
|
2015-05-19 15:47:30 +01:00 |
|
benpturner
|
0cda746bfb
|
Updated size
|
2015-05-19 14:08:59 +01:00 |
|
benpturner
|
811c45ab90
|
new
|
2015-05-19 14:06:41 +01:00 |
|
OJ
|
24526c2ef9
|
Removed unused data files
|
2015-05-18 21:46:05 +10:00 |
|
OJ
|
9296a024e2
|
PHP meterpreter refactoring in prep for uuid work
|
2015-05-18 17:40:48 +10:00 |
|
OJ
|
0d56b3ee66
|
Stage UUIDs, generation options, php and python meterp uuid
|
2015-05-18 13:29:46 +10:00 |
|
Brent Cook
|
5cf6d28c34
|
Land #5426, use RAW for TLV hash binary data
|
2015-05-15 11:54:45 -05:00 |
|
wchen-r7
|
25099dd877
|
Land #5212, HTA Powershell template
|
2015-05-15 11:49:07 -05:00 |
|
wchen-r7
|
3bc3614be6
|
Do a check for powershell.exe before running it.
|
2015-05-15 11:48:21 -05:00 |
|
Brent Cook
|
c614f6059d
|
Merge branch 'master' into land-5326-
|
2015-05-15 11:29:54 -05:00 |
|
benpturner
|
d4798a2500
|
Fix spacinG
|
2015-05-11 09:04:03 +01:00 |
|
benpturner
|
c916021fc5
|
SSL Support for Powershell Payloads
|
2015-05-10 21:45:59 +01:00 |
Tim
|
d3ba84b378
|
Add TLV_TYPE_FILE_HASH
|
2015-05-10 14:18:16 +01:00 |
|
jvazquez-r7
|
c103779eab
|
Land #5080, @bcook-r7's 'ls' and 'download' meterpreter improvements
|
2015-05-08 18:02:16 -05:00 |
William Vu
|
71518ef613
|
Land #5303, metasploit-payloads Java binaries
|
2015-05-07 22:39:54 -05:00 |
