metasploit-framework/external/source
OJ defc0ebe5c
ppr_flatten_rec update, RDI submodule, and refactor
This commit contains a few changes for the ppr_flatten_rec local Windows
exploit. First, the exploit binary itself:

* Updated to use the RDI submodule.
* Updated to build with VS2013.
* Updated to generate a binary called `ppr_flatten_rc.x86.dll`.
* Invocation of the exploit requires address of the payload to run.

Second, the module in MSF behaved a little strange. I expected it to create
a new session with system privs and leave the existing session alone. This
wasn't the case. It used to create an instance of notepad, migrate the
_existing_ session to it, and run the exploit from there. This behaviour
didn't seem to be consistent with other local exploits. The changes
include:

* Existing session is now left alone, only used as a proxy.
* New notepad instance has exploit reflectively loaded.
* New notepad instance has payload directly injected.
* Exploit invocation takes the payload address as a parameter.
* A wait is added as the exploit is slow to run (nature of the exploit).
* Payloads are executed on successful exploit.
2013-11-27 20:44:18 +10:00
DLLHijackAuditKit Add a revision 2010-08-25 15:13:06 +00:00
ReflectiveDLLInjection@88e8e5f109 Add RDI submodule, port Kitrap0d 2013-11-27 16:04:41 +10:00
byakugan Fix typo in license text 2013-01-07 23:29:49 -06:00
cmdstager/debug_asm big commit - lots of cmdstager changes 2010-05-26 22:39:56 +00:00
dllinject update comment 2008-05-26 10:27:22 +00:00
exploits ppr_flatten_rec update, RDI submodule, and refactor 2013-11-27 20:44:18 +10:00
ipwn Adds auto-execute support (hex edit the binary and change the # * 8192 to a list of commands, separated by newlines, ending with a NULL byte, keeping the same buffer size). 2007-10-23 23:22:27 +00:00
javapayload Remove javapayload source 2013-06-12 10:57:23 -05:00
meterpreter Remove meterpreter source 2013-06-11 16:42:30 -05:00
metsvc crossing fingers, big cr removal batch 2009-12-30 22:24:22 +00:00
msfJavaToolkit Add empty directories from svn repo. 2011-11-09 18:41:40 -06:00
osx Stop breaking tar on OS X, thanks 2009-12-10 22:25:29 +00:00
passivex Commit the PassiveX DLL updated to build with Visual Studio C++ 2008. Removed some compiler warnings. Use VirtualProtect to make second stage RWX. Use WSASocketA() over socket() for second stage compatibility. Seems to now work with the shell stage (Tested on XPSP2/IE7) but still not working with meterpreter. 2009-11-11 00:39:38 +00:00
pxesploit Adds scriptjunkie's multilingual admin file for pxexploit 2011-12-23 12:24:45 -06:00
shellcode Merge branch 'master' of https://github.com/geyslan/metasploit-framework 2013-11-11 14:22:00 -03:00
tightvnc Adding TightVNC's java viewer to external/source. vnc.html works, it just needs to have the path set correctly. 2010-02-25 23:18:42 +00:00
unixasm Add BSD license to unixasm, thanks Ramon! 2012-09-04 15:02:00 -05:00
vncdll In with the modified VNC payload which now supports an in memory breakout of session isolation for systems like Vista/2008/7 when the payload is run from a service in session 0 isolation. 2010-03-24 00:00:05 +00:00
DLLHijackAuditKit.zip Remove the duplicate copy 2010-08-25 19:22:02 +00:00