metasploit-framework/data/exploits
Brent Cook 4c2772a5fc
Land #10994, Added exploit for CVE-2018-18955
2018-11-27 14:27:50 -08:00
..
CVE-2008-6508 Permissions. 2012-06-28 11:42:37 -05:00
CVE-2010-0232 Remove genericity, x64 and renamed stuff 2013-11-14 12:22:53 +10:00
CVE-2010-0842 Fix my screwup in winscp for servicename 2012-02-21 20:31:52 -06:00
CVE-2010-1240 Add an R in /Info for the trailer dictionary to make it readable 2014-11-05 22:28:37 -06:00
CVE-2011-2882 Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2011-3400 Permissions 2012-06-12 15:20:25 -05:00
CVE-2012-0013 Permissions 2012-06-12 15:20:25 -05:00
CVE-2012-1535 Add Main.swf from 593363c 2013-07-29 21:53:40 -05:00
CVE-2012-2516 added chm templates 2012-10-10 19:21:47 +02:00
CVE-2012-4681 changed dir names according to CVE 2012-08-28 16:33:01 +02:00
CVE-2012-6636 Land #10851, add ndkstager to data/exploits 2018-10-23 14:48:43 -07:00
CVE-2013-0109 Final changes before PR 2013-12-15 01:12:49 +00:00
CVE-2013-0634 Beautify and fix both ruby an AS 2014-04-17 23:32:29 -05:00
CVE-2013-2465 Change directory names 2013-08-15 22:52:42 -05:00
CVE-2013-3906 Initial commit of CVE-2013-3906 2013-11-19 23:10:32 -06:00
CVE-2013-5045 Use powershell instead of mshta 2014-06-03 09:01:56 -05:00
CVE-2013-5331 Add module for CVE-2013-5331 2014-04-27 10:40:46 -05:00
CVE-2014-0038 Land #10092, Cleanup linux/local/recvmmsg_priv_esc 2018-06-04 15:37:57 -07:00
CVE-2014-0257 Do test 2014-06-03 09:52:01 -05:00
CVE-2014-0322 Add module for CVE-2014-0322 2014-04-15 17:55:24 -05:00
CVE-2014-0497 Add module for CVE-2014-0497 2014-05-03 20:04:46 -05:00
CVE-2014-0515 Delete debug 2015-06-11 17:39:36 -05:00
CVE-2014-0556 Update CVE-2014-0556 2015-06-04 18:23:50 -05:00
CVE-2014-0569 Unset debug flag 2015-06-09 11:36:09 -05:00
CVE-2014-4113 Use PDWORD_PTR and DWORD_PTR 2014-10-31 17:35:50 -05:00
CVE-2014-4114/template Add ppsx template 2014-10-16 17:55:22 -05:00
CVE-2014-4404 Change paths, add makefile and compile 2014-11-30 21:06:11 -06:00
CVE-2014-6352/template_run_as_admin Add module for CVE-2014-6352 2014-11-12 01:10:49 -06:00
CVE-2014-8440 Make last code cleanup 2015-06-09 16:01:57 -05:00
CVE-2015-0016 Update DLL 2015-08-26 15:15:32 -05:00
CVE-2015-0311 Add more targets 2015-06-04 12:11:53 -05:00
CVE-2015-0313 Allow more search space 2015-06-10 12:26:53 -05:00
CVE-2015-0318 This seems to work 2015-03-13 04:43:06 -05:00
CVE-2015-0336 Add support for Windows 8.1/Firefox 2015-06-03 22:46:04 -05:00
CVE-2015-0359 Disable debug 2015-06-10 14:07:18 -05:00
CVE-2015-1130 Add Rootpipe exploit 2015-04-10 11:22:00 -05:00
CVE-2015-1328 revamped 2016-10-15 20:57:31 -04:00
CVE-2015-1701 Update exploit binaries for ms15-051 2015-06-25 09:33:15 +10:00
CVE-2015-2426 Clean template code 2015-09-12 13:43:05 -05:00
CVE-2015-3090 Add module for CVE-2015-3090 2015-06-18 12:36:14 -05:00
CVE-2015-3105 Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
CVE-2015-3113 Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
CVE-2015-3673 Remove sleep(), clean up WritableDir usage. 2015-07-05 18:59:00 -05:00
CVE-2015-5119 Update swf 2015-07-15 18:35:41 -05:00
CVE-2015-5122 Improve adobe_flash_opaque_background_uaf 2015-07-16 14:56:32 -05:00
CVE-2015-8103 Add Jenkins CLI Java serialization exploit module 2015-12-11 14:57:10 -06:00
CVE-2015-8660 working module 2016-10-04 23:21:53 -04:00
CVE-2016-0040 Land #8795, Added CVE-2016-0040 Windows Privilege Escalation 2018-05-04 09:38:28 -05:00
CVE-2016-0099 Fix whitespace 2016-07-27 12:37:14 -05:00
CVE-2016-4557 cve-2016-4557 2016-09-29 05:23:12 -04:00
CVE-2016-4655 Land #9528, WebKit apple safari trident exploit (CVE-2016-4657) 2018-06-04 15:37:57 -07:00
CVE-2016-4997 binary drops work! 2016-09-24 21:31:00 -04:00
CVE-2016-8655 Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 15:22:51 -07:00
CVE-2017-0358 move sploit.c out to data folder 2017-03-31 20:51:33 -04:00
CVE-2017-7494 Rename payloads with os+libc, shrink array inits 2017-05-27 19:50:31 -05:00
CVE-2017-8291 Quick Ghostscript module based on the public PoC 2017-04-28 09:56:52 -05:00
CVE-2017-16666 Add xplico remote code execution 2017-11-14 09:30:57 +03:00
CVE-2017-17562 Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-24 17:12:47 -06:00
CVE-2018-0824 Land #10561, Add Windows local privilege escalation - CVE-2018-0824 2018-10-25 12:33:06 -07:00
CVE-2018-4237 Land #10965, Add the macOS LPE from pwn2own2018 (CVE-2018-4237) 2018-11-27 12:02:49 -08:00
CVE-2018-8120 Land #10664, add Windows SetImeInfoEx Win32k NULL Pointer Dereference 2018-10-18 21:02:13 -07:00
CVE-2018-8440 Land #10643, CVE-2018-8440 ALPC Scheduler 2018-09-24 10:48:41 -07:00
CVE-2018-9948 Land #10592, support ERB for foxit_reader_uaf.rb 2018-09-05 19:50:30 -07:00
R7_2015_17 Add missing stream.raw for hp_sitescope_dns_tool 2016-03-15 11:06:06 -05:00
badodt Land #10067, Added `auxiliary/fileformat/odt_badodt` 2018-06-06 09:29:34 -07:00
batik_svg Permissions 2012-06-06 20:05:29 -05:00
capcom_sys_exec Add LPE exploit module for the capcom driver flaw 2016-09-27 22:37:45 +10:00
capture/http File.exists? must die 2016-04-21 00:47:07 -04:00
cve-2010-0094 Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2010-0840/vuln Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2010-3563 Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2010-3904 Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit 2018-05-21 17:01:36 -05:00
cve-2010-4452 Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2011-3544 Allows for Loot and Tasks to be imported from an MSF ZIP. 2011-12-05 22:30:34 -05:00
cve-2012-5076 fixing bperry comments 2012-11-11 20:18:19 +01:00
cve-2012-5076_2 Added new module for cve-2012-5076 2013-01-17 21:27:47 +01:00
cve-2012-5088 Added module for CVE-2012-5088 2013-01-17 21:14:49 +01:00
cve-2013-0074 Small fix to interface 2013-11-22 17:02:08 -06:00
cve-2013-0422 cve and references available 2013-01-11 00:54:53 +01:00
cve-2013-0431 added security level bypass 2013-02-20 17:50:47 +01:00
cve-2013-1300 Use signed binary 2014-05-02 14:45:14 +01:00
cve-2013-1488 Add module for CVE-2013-1488 2013-06-07 13:38:41 -05:00
cve-2013-1493 Added module for CVE-2013-1493 2013-03-26 22:30:18 +01:00
cve-2013-2460 Make fixes proposed by review and clean 2013-06-25 12:58:00 -05:00
cve-2013-3660 ppr_flatten_rec update, RDI submodule, and refactor 2013-11-27 20:44:18 +10:00
cve-2013-3881 Add binary compiled on vs2013 2014-02-10 13:52:27 -06:00
cve-2014-1610 Use msf branded djvu 2014-02-01 00:37:28 +00:00
cve-2015-1318 Land #9399 a linux priv esc against apport and abrt 2018-02-02 11:32:29 -06:00
cve-2015-3315 Land #9422 abrt race condition priv esc on linux 2018-02-12 11:55:21 -06:00
cve-2016-0051 refactor ms16-016 code 2016-07-05 20:50:43 -05:00
cve-2016-0189 add exploit for cve-2016-0189 2016-08-01 13:26:35 -05:00
cve-2016-6415 CVE-2016-6415 Cisco - sendpacket.raw 2016-09-29 22:24:55 -05:00
cve-2017-7308 Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 08:16:34 -07:00
cve-2017-8464 recompile binaries 2017-11-08 09:33:48 -06:00
cve-2017-16995 Land #9753, Linux BPF sign extension local privesc 2018-07-18 11:05:32 -07:00
cve-2017-1000112 Land #9884, add linux ufo priv esc module 2018-08-02 02:56:27 -07:00
cve-2018-8897 Land #10387, Update mov_ss and add mov_ss_dll 2018-07-27 12:55:43 -07:00
cve-2018-18955 Land #10994, Added exploit for CVE-2018-18955 2018-11-27 14:27:50 -08:00
cve-2018-1000001 Land #10101, Add glibc 'realpath()' Privilege Escalation exploit 2018-06-12 14:43:57 -07:00
docx Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT 2013-02-04 13:37:09 +01:00
edb-35948 Call CollectGarbage 2015-02-09 14:44:31 -06:00
firefox_smil_uaf initial commit of finished product 2017-01-20 11:01:36 -06:00
ghostscript Land #10564, Add Ghostscript exploit from taviso 2018-09-05 19:09:11 -07:00
imagemagick Add PS template 2016-10-13 17:40:15 -05:00
java_signed_applet Permission changes (to sync) 2011-11-10 19:48:32 -06:00
jre7u17 Added module for Java 7u17 sandboxy bypass 2013-04-20 01:43:13 -05:00
mssql Permission changes (to sync) 2011-11-10 19:48:32 -06:00
mysql Land #10428, Update Windows MySQL UDF files, add docs 2018-09-24 19:13:53 -07:00
ntapphelpcachecontrol Use RDL 2015-01-09 19:02:08 -06:00
office_word_macro Update office_word_macro exploit to support template injection 2017-05-25 15:53:45 -05:00
openoffice_document_macro Completed version of openoffice_document_macro 2017-02-08 16:29:40 -06:00
osx Add auto-accept to osx/enum_keychain. 2015-09-07 21:17:49 -05:00
pfsense_clickjacking Added local copies of the static content 2017-12-02 10:14:14 +01:00
php Revert "Land #6812, remove broken OSVDB references" 2016-07-15 12:00:31 -05:00
poison_ivy_c2 Modifications based on suggestions by @wchen-r7 2016-06-08 01:17:15 +02:00
postgres Fixes #3988. Adds a command execution module for PostgreSQL by uploading a UDF library and adding sys_exec() as a temporary function. Requires the target to be Windows, uses Bernardo Damele A. G.'s binaries. 2011-03-23 19:36:07 +00:00
powershell new changes 2015-05-19 16:18:06 +01:00
psnuffle Land #10315, pSnuffle POST and basic auth 2018-07-17 11:01:34 -07:00
pxexploit Adds scriptjunkie's multilingual admin fie for pxexploit 2011-12-23 12:24:45 -06:00
roothelper Land #9919, add libuser roothelper privilege escalation exploit 2018-05-15 11:58:14 -07:00
rottenpotato Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL 2018-10-04 14:57:20 -07:00
scripthost_uac_bypass Initial working scripthost bypass uac 2015-08-23 20:16:15 +01:00
splunk Cleanup of #1062 2012-12-07 11:55:48 +01:00
tpwn Move tpwn source to external/source/exploits 2015-08-17 18:27:47 -05:00
uxss Add some common UXSS scripts. 2014-09-09 02:31:27 -05:00
wifi Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2007-3314.dat Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2008-0320.doc Permissions 2012-06-06 20:05:29 -05:00
CVE-2008-5353.jar Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2008-5499.swf Permission change, ignore 2012-04-23 13:42:18 -05:00
CVE-2009-3867.jar Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2009-3869.jar Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2010-0480.avi Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2010-0822.xls Consolidation of the Axis2 Deployer Exploits 2011-11-22 08:47:53 -08:00
CVE-2010-1297.swf Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2010-3275.amv Added Crash file for CVE-2010-3275 (VLC AMV file) 2011-03-25 21:01:30 +00:00
CVE-2010-3654.swf Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2011-0105.xlb Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2011-0257.mov Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2011-0609.swf Permission changes (to sync) 2011-11-10 19:48:32 -06:00
CVE-2011-0611.swf Added swf trigger file 2011-04-16 02:08:03 +00:00
CVE-2011-2110.swf Permissions fix 2012-06-21 15:39:17 -05:00
CVE-2012-0507.jar Permissions fix for exploit jar file 2012-04-02 09:27:35 -05:00
CVE-2012-0754.swf Permisssions (ignore) 2012-03-08 16:16:13 -06:00
CVE-2012-0779.swf Permissions 2012-06-25 00:36:39 -05:00
CVE-2012-1723.jar Better handle of module cache when db_connect is run manually 2012-07-10 23:56:48 -05:00
CVE-2013-2171.bin Fix CVE-2013-2171 with @jlee-r7 feedback 2013-06-25 10:40:55 -05:00
CVE-2013-6282.so add module binary 2016-12-22 03:25:10 -06:00
CVE-2014-0980.pui Implemented Recommended Changes 2015-03-17 16:39:56 -04:00
CVE-2014-3153.so add binary for futex_requeue 2017-01-11 13:25:30 -06:00
QTJavaExploit.class Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2010-2883.ttf Permission changes (to sync) 2011-11-10 19:48:32 -06:00
cve-2013-0758.swf Initial commit, works on three OSes, but automatic mode fails. 2013-05-15 23:32:02 -05:00
cve-2014-1761.rtf MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
cve-2017-0199.rtf Fix rtf info author 2017-04-14 21:16:39 -05:00
exec_payload.msi added build exec_payload.msi 2012-11-28 21:51:01 +01:00
google_proxystylesheet.xml Permission changes (to sync) 2011-11-10 19:48:32 -06:00
iceweasel_macosx.icns Permission changes (to sync) 2011-11-10 19:48:32 -06:00
iphone_libtiff.bin Permission changes (to sync) 2011-11-10 19:48:32 -06:00
modicon_ladder.apx Permissions fix for modicon_ladder.apx 2012-04-12 14:26:27 -05:00
mp4player.as Permisssions (ignore) 2012-03-08 16:16:13 -06:00
mp4player.fla Add source code to the player 2012-03-08 15:23:10 -06:00
mp4player.swf Test out new player code 2012-03-08 15:05:12 -06:00
msfJavaToolkit.jar Permission changes (to sync) 2011-11-10 19:48:32 -06:00
office_ole_multiple_dll_hijack.ppsx Moved PPSX to data/exploits folder 2016-11-08 16:04:46 +01:00
pricedown.eot Permission changes (to sync) 2011-11-10 19:48:32 -06:00
runcalc.hlp Permission changes (to sync) 2011-11-10 19:48:32 -06:00
s4u_persistence.xml rename the xml template for s4u 2013-02-18 15:25:03 +01:00
shockwave_rcsl.dir Permission changes (to sync) 2011-11-10 19:48:32 -06:00