Commit Graph

93 Commits (f584d5c1c55cc433d3d85b49096270e7eb237db5)

Author SHA1 Message Date
Brent Cook 2585c8c8b5
Land #7461, convert futex_requeue (towelroot) module to use targetting and core_loadlib 2017-01-11 13:24:25 -06:00
Tim 25a8283af3
fork early and use WfsDelay 2016-12-20 00:59:27 +08:00
Tim f1efa760df
more fixes 2016-12-20 00:52:11 +08:00
Tim 7ac3859393
convert futex_requeue module to use targetting and core_loadlib 2016-12-20 00:52:11 +08:00
Tim c2dc350378
better fix for session compatibility 2016-12-15 17:41:44 +08:00
Tim fe9972cc25
fork early and use WfsDelay 2016-12-13 17:02:23 +08:00
Tim 7b7deb0588
better library cleanup 2016-12-13 17:02:23 +08:00
Tim 96b01effa7
cleanup library after use 2016-12-13 17:02:23 +08:00
Tim 909773120c
typos 2016-12-13 17:02:23 +08:00
Tim ebf7ae0739
add CVE-2013-6282, put_user/get_user exploit for Android 2016-12-13 17:02:23 +08:00
OJ 1d617ae389
Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
Joshua J. Drake dbf66f27d5 Add a browser-based exploit module for CVE-2015-3864 2016-09-23 11:14:31 -05:00
Brent Cook b08d1ad8d8
Revert "Land #6812, remove broken OSVDB references"
This reverts commit 2b016e0216, reversing
changes made to 7b1d9596c7.
2016-07-15 12:00:31 -05:00
wchen-r7 816bc91e45 Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.

Resolve #6807
2016-04-23 12:32:34 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook 44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer 3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
wchen-r7 51efb2daee
Land #6422, Add support for native target in Android webview exploit 2016-01-27 14:27:41 -06:00
William Vu 1b386fa7f1 Add targets to avoid ARCH_ALL payload confusion 2016-01-22 16:45:10 -06:00
joev 22a0d970da Don't delete the payload after running. 2016-01-07 02:26:01 -06:00
joev fb99c61089 Remove print_status statement. 2016-01-07 01:17:49 -06:00
joev 210f065427 Add a background option for the echo cmdstager. 2016-01-07 01:16:08 -06:00
joev 00dc6364b5 Add support for native target in addjsif exploit. 2016-01-03 01:07:36 -06:00
joev 0436375c6f Change require to module level. 2016-01-02 23:06:23 -06:00
joev 3a14620dba Update linemax to match max packet size. 2016-01-02 23:00:46 -06:00
joev d64048cd48 Rename to match gdb_server_exec module. 2016-01-02 22:45:27 -06:00
joev dcd36b74db Last mile polish and tweaks. 2016-01-02 22:41:38 -06:00
joev 22aae81006 Rename to exec_payload. 2016-01-02 14:13:54 -06:00
joev 6575f4fe4a Use the cmdstager mixin. 2016-01-02 14:09:56 -06:00
joev a88471dc8d Add ADB client and module for obtaining shell. 2016-01-02 01:13:53 -06:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
sinn3r aca93cc86e Add missing Rank 2015-04-14 13:33:37 -05:00
Tod Beardsley e35f603888
Comma fascism 2015-02-12 12:49:45 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
Brent Cook f99ef5c0f5 fix msftidy warnings about towelroot module 2015-02-11 11:17:44 -06:00
Brent Cook af405eeb7d
Land #4287, @timwr's exploit form CVS-2014-3153 2015-02-09 10:33:14 -06:00
Tim c959d42a29 minor tweak 2015-01-03 10:15:52 +00:00
Christian Mehlmauer 0f27c63720
fix msftidy warnings 2014-12-12 13:16:21 +01:00
Tim 5c50a07c0f futex_requeue 2014-12-01 03:49:22 +00:00
Joe Vennix a9cb6e0d2f
Add jduck as an author on samsung_knox_smdm_url 2014-11-19 10:18:08 -06:00
Tod Beardsley 39980c7e87
Fix up KNOX caps, descriptive description 2014-11-17 13:29:00 -06:00
Tod Beardsley 0f41bdc8b8
Add an OSVDB ref 2014-11-17 13:26:21 -06:00
Joe Vennix cd61975966
Change puts to vprint_debug. 2014-11-17 10:13:13 -06:00
Joe Vennix 2a24151fa8
Remove BAP target, payload is flaky. Add warning. 2014-11-17 02:02:37 -06:00
Joe Vennix 5de69ab6a6
minor syntax fixes. 2014-11-15 21:39:37 -06:00
Joe Vennix 3fb6ee4f7d
Remove dead constant. 2014-11-15 21:38:11 -06:00
Joe Vennix 7a62b71839
Some URL fixes from @jduck and exploit ideas from Andre Moulu.
The exploit works with the URLs fixed, installs the APK, but hangs at the Installing...
screen and never actually launches. We tried opening the APK in a setTimeout() intent
URI, but the previously launched intent seemed unresponsive. Andre had the bright
idea of re-opening the previously launched intent with invalid args, crashing it and
allow us to launch the payload.
2014-11-15 21:33:16 -06:00
Joe Vennix ea6d8860a1
Not root, just arbitrary permissions. 2014-11-12 21:51:55 -06:00