metasploit-framework/external
OJ defc0ebe5c
ppr_flatten_rec update, RDI submodule, and refactor
This commit contains a few changes for the ppr_flatten_rec local Windows
exploit. First, the exploit binary itself:

* Updated to use the RDI submodule.
* Updated to build with VS2013.
* Updated to generate a binary called `ppr_flatten_rc.x86.dll`.
* Invocation of the exploit requires the address of the payload to run.

Second, the module in MSF behaved a little strangely. I expected it to create
a new session with system privs and leave the existing session alone. This
wasn't the case. It used to create an instance of notepad, migrate the
_existing_ session to it, and run the exploit from there. This behaviour
didn't seem to be consistent with other local exploits. The changes
include:

* Existing session is now left alone, only used as a proxy.
* New notepad instance has exploit reflectively loaded.
* New notepad instance has payload directly injected.
* Exploit invocation takes the payload address as a parameter.
* A wait is added as the exploit is slow to run (nature of the exploit).
* Payloads are executed on successful exploit.
2013-11-27 20:44:18 +10:00
| Name | Last commit | Date |
| --- | --- | --- |
| burp-proxy | Added Burp Proxy v1.x support for Wmap by Spinbad | 2009-01-12 02:57:19 +00:00 |
| ruby-kissfft | Upgrade KissFFT to 1.3.0 and Gemize | 2012-10-09 23:57:55 -05:00 |
| ruby-lorcon | Copyright updates reflecting the news | 2009-10-21 12:58:56 +00:00 |
| ruby-lorcon2 | Update for compatibility | 2012-03-27 15:29:28 -05:00 |
| serialport | Removed Makefile and mkmf.log | 2009-01-11 06:34:11 +00:00 |
| source | ppr_flatten_rec update, RDI submodule, and refactor | 2013-11-27 20:44:18 +10:00 |