metasploit-framework

bwatters-r7 b4c005c4d4 Land #10561 , Add Windows local privilege escalation - CVE-2018-0824 Merge branch 'land-10561' into upstream-master	2018-10-25 13:22:31 -05:00
..
CVE-2008-5353	add a makefile so i don't forget how to compile this stuff	2010-07-21 07:27:15 +00:00
CVE-2008-5499	Minor fixes	2012-04-19 18:07:35 -05:00
CVE-2008-6508	Module rewrite, included Java support, direct upload, plugin deletion	2012-06-26 11:56:44 -04:00
CVE-2009-3867	compile java applet with 1.3, Fixes #685	2009-12-14 17:26:19 +00:00
CVE-2009-3869	add exploit module for cve-2009-3869	2009-12-17 04:52:40 +00:00
CVE-2010-0094	add an exploit module for cve-2010-0094, thanks Matthias Kaiser.	2010-09-08 08:20:55 +00:00
CVE-2010-0232	Quick fix to x64 kitrap0d project	2013-12-20 09:51:24 +10:00
CVE-2010-0840/vuln	add source code for cve-2010-0840	2010-08-21 07:27:26 +00:00
CVE-2010-0842/MixerMidiApplet	Added CVE-2010-0842	2012-02-15 23:32:31 +01:00
CVE-2010-3563	add an exploit for cve-2010-3563, thanks Matthias Kaiser	2010-11-19 23:02:35 +00:00
CVE-2011-0609	made the shellcode request random to avoid signatures	2011-03-26 16:00:52 +00:00
CVE-2011-2110	added adobe flashplayer array indexing exploit (CVE-2011-2110)	2012-06-20 12:52:37 +10:00
CVE-2011-3544	The more description the better	2011-12-01 03:03:37 -06:00
CVE-2012-0507	Add checks for data being null, too, just in case	2012-03-30 16:46:49 -06:00
CVE-2012-0754	Add CVE-2012-0754 .as source	2012-03-07 19:25:51 -06:00
CVE-2012-0779	changes on openfire_auth_bypass	2012-06-27 23:16:07 +02:00
CVE-2012-1535	Improve CVE-2012-1535	2012-08-21 19:58:21 -05:00
CVE-2012-1723	Last touch-up	2012-07-10 00:37:07 -05:00
CVE-2012-4681	Update source information	2012-08-30 17:48:02 -05:00
CVE-2013-0634	Beautify and fix both ruby an AS	2014-04-17 23:32:29 -05:00
CVE-2013-2171	Fix CVE-2013-2171 with @jlee-r7 feedback	2013-06-25 10:40:55 -05:00
CVE-2013-2465	Fix the makefile to use the right directory	2014-08-03 13:38:15 -05:00
CVE-2013-5331	Add module for CVE-2013-5331	2014-04-27 10:40:46 -05:00
CVE-2013-6282	fix double \n in printf	2016-12-13 17:02:23 +08:00
CVE-2014-0322	Add module for CVE-2014-0322	2014-04-15 17:55:24 -05:00
CVE-2014-0497	Add module for CVE-2014-0497	2014-05-03 20:04:46 -05:00
CVE-2014-0515	Delete debug	2015-06-11 17:39:36 -05:00
CVE-2014-0556	Update AS code	2015-06-04 18:34:08 -05:00
CVE-2014-0569	Really fix indentation	2015-06-09 12:42:32 -05:00
CVE-2014-3153	fork early and use WfsDelay	2016-12-20 00:59:27 +08:00
CVE-2014-4404	Change paths, add makefile and compile	2014-11-30 21:06:11 -06:00
CVE-2014-8440	Make last code cleanup	2015-06-09 16:01:57 -05:00
CVE-2015-0311	Update AS source code	2015-06-04 12:12:49 -05:00
CVE-2015-0313	Fix indentation	2015-06-10 12:27:52 -05:00
CVE-2015-0318	Update Main.as	2015-03-13 11:40:16 -05:00
CVE-2015-0336	Add support for Windows 8.1/Firefox	2015-06-03 22:46:04 -05:00
CVE-2015-0359	Fix exploit indentation	2015-06-10 14:19:36 -05:00
CVE-2015-1328	revamped	2016-10-15 20:57:31 -04:00
CVE-2015-2426	Add exploit source	2015-09-15 14:54:05 -05:00
CVE-2015-3090	Fix one more line indentation	2015-06-18 12:40:30 -05:00
CVE-2015-3105	Fix indentation	2015-06-25 14:12:23 -05:00
CVE-2015-3113	Add module for CVE-2015-3113	2015-07-01 13:13:57 -05:00
CVE-2015-5119	Add build comment	2015-07-15 18:30:05 -05:00
CVE-2015-5122	Improve adobe_flash_opaque_background_uaf	2015-07-16 14:56:32 -05:00
CVE-2015-8103	Add Jenkins CLI Java serialization exploit module	2015-12-11 14:57:10 -06:00
CVE-2015-8660	moved c code to external sources	2016-10-13 20:37:03 -04:00
CVE-2016-0040	We don't need the application.c file	2018-05-03 15:08:42 -05:00
CVE-2016-4655	add binary	2018-05-30 18:02:17 +08:00
CVE-2018-0824	Get everything together finally (still needs cleanup)	2018-10-19 18:15:44 -05:00
CVE-2018-8120	removed original binary, added source	2018-10-11 11:42:51 -05:00
CVE-2018-8440/dll	Inject Payload to Memory First	2018-09-19 21:13:49 -05:00
IE11SandboxEscapes	Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape	2014-06-26 13:48:28 -05:00
batik_svg	Added batik svg java module	2012-05-17 16:48:38 +02:00
bypassuac	remove some dead code paths	2014-02-27 11:45:57 -06:00
bypassuac_injection	Add bypassuac_injection_winsxs.rb module	2017-06-03 12:59:50 +02:00
capcom_sys_exec	Move execute_payload to the kernel lib	2017-01-17 11:19:26 +10:00
cve-2010-4452	enable java payloads, currently via one-off method	2011-03-17 23:57:11 +00:00
cve-2012-5076	fixing bperry comments	2012-11-11 20:18:19 +01:00
cve-2012-5076_2	Update external/source/exploits/cve-2012-5076_2/Makefile	2013-01-23 20:18:24 +01:00
cve-2012-5088	Update external/source/exploits/cve-2012-5088/Makefile	2013-01-23 12:42:33 +01:00
cve-2013-0074	Switch to soft tabs the cs code	2013-11-23 23:06:52 -06:00
cve-2013-0109	Add make script for nvidia nvsvc	2013-12-15 01:12:49 +00:00
cve-2013-0422	cve and references available	2013-01-11 00:54:53 +01:00
cve-2013-0431	makefile updated	2013-02-21 13:44:37 +01:00
cve-2013-1300	Address OJ's comments	2014-05-02 13:33:55 +01:00
cve-2013-1488	Add module for CVE-2013-1488	2013-06-07 13:38:41 -05:00
cve-2013-1493	Added module for CVE-2013-1493	2013-03-26 22:30:18 +01:00
cve-2013-2460	Delete project files	2013-06-25 12:58:39 -05:00
cve-2013-3660	Merge remote-tracking branch 'upstream/master' into submodule	2013-12-08 18:25:03 +00:00
cve-2013-3881	Upgrade toolchain to Visual Studio 2013 v120.	2014-02-10 09:35:07 -05:00
cve-2014-4113	Use PDWORD_PTR and DWORD_PTR	2014-10-31 17:35:50 -05:00
cve-2015-0016	Replace external source	2015-08-26 15:32:50 -05:00
cve-2015-1701	Support older targets x86 for MS15-051	2015-06-25 09:33:15 +10:00
cve-2016-0051/dll	refactor ms16-016 code	2016-07-05 20:50:43 -05:00
cve-2016-0189	add exploit for cve-2016-0189	2016-08-01 13:26:35 -05:00
cve-2017-8464	Refactor GetProcessSid to remove do while FALSE	2017-11-07 19:11:24 -05:00
cve-2018-8897	Update mov_ss and add mov_ss_dll	2018-07-27 09:40:34 -05:00
exec_payload_msi	Move MSI source and binary location	2012-11-27 18:12:49 +00:00
jre17u17	fix small issues	2013-04-20 01:43:14 -05:00
ntapphelpcachecontrol	Not needed anymore	2015-01-09 19:05:44 -06:00
office_word_macro	Support OS X for Microsoft Office macro exploit	2017-02-16 12:28:11 -06:00
rottenpotato	Recompile binaries and prep for VS2013 compiles	2018-10-04 16:21:23 -05:00
splunk/upload_app_exec	Cleanup of #1062	2012-12-07 11:55:48 +01:00
tpwn	Move tpwn source to external/source/exploits	2015-08-17 18:27:47 -05:00
windows-lpe-template	Add a Windows LPE exploit template for x64/x86	2017-01-17 11:20:14 +10:00
make.bat	Add LPE exploit module for the capcom driver flaw	2016-09-27 22:37:45 +10:00

CVE-2008-5353

add a makefile so i don't forget how to compile this stuff

2010-07-21 07:27:15 +00:00

CVE-2008-5499

Minor fixes

2012-04-19 18:07:35 -05:00

CVE-2008-6508

Module rewrite, included Java support, direct upload, plugin deletion

2012-06-26 11:56:44 -04:00

CVE-2009-3867

compile java applet with 1.3, Fixes #685

2009-12-14 17:26:19 +00:00

CVE-2009-3869

add exploit module for cve-2009-3869

2009-12-17 04:52:40 +00:00

CVE-2010-0094

add an exploit module for cve-2010-0094, thanks Matthias Kaiser.

2010-09-08 08:20:55 +00:00

CVE-2010-0232

Quick fix to x64 kitrap0d project

2013-12-20 09:51:24 +10:00

CVE-2010-0840/vuln

add source code for cve-2010-0840

2010-08-21 07:27:26 +00:00

CVE-2010-0842/MixerMidiApplet

Added CVE-2010-0842

2012-02-15 23:32:31 +01:00

CVE-2010-3563

add an exploit for cve-2010-3563, thanks Matthias Kaiser

2010-11-19 23:02:35 +00:00

CVE-2011-0609

made the shellcode request random to avoid signatures

2011-03-26 16:00:52 +00:00

CVE-2011-2110

added adobe flashplayer array indexing exploit (CVE-2011-2110)

2012-06-20 12:52:37 +10:00

CVE-2011-3544

The more description the better

2011-12-01 03:03:37 -06:00

CVE-2012-0507

Add checks for data being null, too, just in case

2012-03-30 16:46:49 -06:00

CVE-2012-0754

Add CVE-2012-0754 .as source

2012-03-07 19:25:51 -06:00

CVE-2012-0779

changes on openfire_auth_bypass

2012-06-27 23:16:07 +02:00

CVE-2012-1535

Improve CVE-2012-1535

2012-08-21 19:58:21 -05:00

CVE-2012-1723

Last touch-up

2012-07-10 00:37:07 -05:00

CVE-2012-4681

Update source information

2012-08-30 17:48:02 -05:00

CVE-2013-0634

Beautify and fix both ruby an AS

2014-04-17 23:32:29 -05:00

CVE-2013-2171

Fix CVE-2013-2171 with @jlee-r7 feedback

2013-06-25 10:40:55 -05:00

CVE-2013-2465

Fix the makefile to use the right directory

2014-08-03 13:38:15 -05:00

CVE-2013-5331

Add module for CVE-2013-5331

2014-04-27 10:40:46 -05:00

CVE-2013-6282

fix double \n in printf

2016-12-13 17:02:23 +08:00

CVE-2014-0322

Add module for CVE-2014-0322

2014-04-15 17:55:24 -05:00

CVE-2014-0497

Add module for CVE-2014-0497

2014-05-03 20:04:46 -05:00

CVE-2014-0515

Delete debug

2015-06-11 17:39:36 -05:00

CVE-2014-0556

Update AS code

2015-06-04 18:34:08 -05:00

CVE-2014-0569

Really fix indentation

2015-06-09 12:42:32 -05:00

CVE-2014-3153

fork early and use WfsDelay

2016-12-20 00:59:27 +08:00

CVE-2014-4404

Change paths, add makefile and compile

2014-11-30 21:06:11 -06:00

CVE-2014-8440

Make last code cleanup

2015-06-09 16:01:57 -05:00

CVE-2015-0311

Update AS source code

2015-06-04 12:12:49 -05:00

CVE-2015-0313

Fix indentation

2015-06-10 12:27:52 -05:00

CVE-2015-0318

Update Main.as

2015-03-13 11:40:16 -05:00

CVE-2015-0336

Add support for Windows 8.1/Firefox

2015-06-03 22:46:04 -05:00

CVE-2015-0359

Fix exploit indentation

2015-06-10 14:19:36 -05:00

CVE-2015-1328

revamped

2016-10-15 20:57:31 -04:00

CVE-2015-2426

Add exploit source

2015-09-15 14:54:05 -05:00

CVE-2015-3090

Fix one more line indentation

2015-06-18 12:40:30 -05:00

CVE-2015-3105

Fix indentation

2015-06-25 14:12:23 -05:00

CVE-2015-3113

Add module for CVE-2015-3113

2015-07-01 13:13:57 -05:00

CVE-2015-5119

Add build comment

2015-07-15 18:30:05 -05:00

CVE-2015-5122

Improve adobe_flash_opaque_background_uaf

2015-07-16 14:56:32 -05:00

CVE-2015-8103

Add Jenkins CLI Java serialization exploit module

2015-12-11 14:57:10 -06:00

CVE-2015-8660

moved c code to external sources

2016-10-13 20:37:03 -04:00

CVE-2016-0040

We don't need the application.c file

2018-05-03 15:08:42 -05:00

CVE-2016-4655

add binary

2018-05-30 18:02:17 +08:00

CVE-2018-0824

Get everything together finally (still needs cleanup)

2018-10-19 18:15:44 -05:00

CVE-2018-8120

removed original binary, added source

2018-10-11 11:42:51 -05:00

CVE-2018-8440/dll

Inject Payload to Memory First

2018-09-19 21:13:49 -05:00

IE11SandboxEscapes

Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape

2014-06-26 13:48:28 -05:00

batik_svg

Added batik svg java module

2012-05-17 16:48:38 +02:00

bypassuac

remove some dead code paths

2014-02-27 11:45:57 -06:00

bypassuac_injection

Add bypassuac_injection_winsxs.rb module

2017-06-03 12:59:50 +02:00

capcom_sys_exec

Move execute_payload to the kernel lib

2017-01-17 11:19:26 +10:00

cve-2010-4452

enable java payloads, currently via one-off method

2011-03-17 23:57:11 +00:00

cve-2012-5076

fixing bperry comments

2012-11-11 20:18:19 +01:00

cve-2012-5076_2

Update external/source/exploits/cve-2012-5076_2/Makefile

2013-01-23 20:18:24 +01:00

cve-2012-5088

Update external/source/exploits/cve-2012-5088/Makefile

2013-01-23 12:42:33 +01:00

cve-2013-0074

Switch to soft tabs the cs code

2013-11-23 23:06:52 -06:00

cve-2013-0109

Add make script for nvidia nvsvc

2013-12-15 01:12:49 +00:00

cve-2013-0422

cve and references available

2013-01-11 00:54:53 +01:00

cve-2013-0431

makefile updated

2013-02-21 13:44:37 +01:00

cve-2013-1300

Address OJ's comments

2014-05-02 13:33:55 +01:00

cve-2013-1488

Add module for CVE-2013-1488

2013-06-07 13:38:41 -05:00

cve-2013-1493

Added module for CVE-2013-1493

2013-03-26 22:30:18 +01:00

cve-2013-2460

Delete project files

2013-06-25 12:58:39 -05:00

cve-2013-3660

Merge remote-tracking branch 'upstream/master' into submodule

2013-12-08 18:25:03 +00:00

cve-2013-3881

Upgrade toolchain to Visual Studio 2013 v120.

2014-02-10 09:35:07 -05:00

cve-2014-4113

Use PDWORD_PTR and DWORD_PTR

2014-10-31 17:35:50 -05:00

cve-2015-0016

Replace external source

2015-08-26 15:32:50 -05:00

cve-2015-1701

Support older targets x86 for MS15-051

2015-06-25 09:33:15 +10:00

cve-2016-0051/dll

refactor ms16-016 code

2016-07-05 20:50:43 -05:00

cve-2016-0189

add exploit for cve-2016-0189

2016-08-01 13:26:35 -05:00

cve-2017-8464

Refactor GetProcessSid to remove do while FALSE

2017-11-07 19:11:24 -05:00

cve-2018-8897

Update mov_ss and add mov_ss_dll

2018-07-27 09:40:34 -05:00

exec_payload_msi

Move MSI source and binary location

2012-11-27 18:12:49 +00:00

jre17u17

fix small issues

2013-04-20 01:43:14 -05:00

ntapphelpcachecontrol

Not needed anymore

2015-01-09 19:05:44 -06:00

office_word_macro

Support OS X for Microsoft Office macro exploit

2017-02-16 12:28:11 -06:00

rottenpotato

Recompile binaries and prep for VS2013 compiles

2018-10-04 16:21:23 -05:00

splunk/upload_app_exec

Cleanup of #1062

2012-12-07 11:55:48 +01:00

tpwn

Move tpwn source to external/source/exploits

2015-08-17 18:27:47 -05:00

windows-lpe-template

Add a Windows LPE exploit template for x64/x86

2017-01-17 11:20:14 +10:00

make.bat

Add LPE exploit module for the capcom driver flaw

2016-09-27 22:37:45 +10:00