adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43,178 Commits 27 Branches 1,043 Tags
0ac19087cd6015e596fff45a4ca1bed65afcc8ef
Commit Graph

103 Commits

Author SHA1 Message Date
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
Brent Cook 7c55cdc1c8 fix some module documentation 
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
 2017-07-23 07:46:52 -07:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Pearce Barry 24d9bec0ae Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 700d392106 Add markdown docs. 2017-06-20 17:45:44 -05:00
bwatters-r7 99fa52e660 Land #8434, Add Windows 10 Bypassuac fodhelper module 2017-06-07 11:15:01 -05:00
h00die 1c23be91a7 sample output to scenarios conversion in docs 2017-05-31 21:21:38 -04:00
Matthew Daley d530c49645 Add documentation for CVE-2017-8895 exploit module 2017-05-24 00:28:37 +12:00
amaloteaux 2fbbc98b5d document little trick for those who read :) 2017-05-22 19:50:40 +01:00
amaloteaux 93bb47d546 msftidy fix 2017-05-22 19:27:15 +01:00
amaloteaux 6f1f630b0e add documentation 2017-05-22 19:17:26 +01:00
William Webb 467f1ce0ca Land #8411, Buffer overflow in VXSearch Enterprise v9.5.12 2017-05-22 07:37:31 -05:00
Daniel Teixeira ca6b00161d VX Search Enterprise GET Buffer Overflow Doc 2017-05-18 17:12:10 +01:00
wchen-r7 c0bf2cc6e7 Land #8401, Buffer Overflow on Sync Breeze Enterprise 9.4.28 2017-05-17 23:39:50 -05:00
Daniel Teixeira 57eac49222 Add files via upload 2017-05-17 10:52:36 +01:00
William Webb 7e2dab4ddc Land #8303, Buffer Overflow on Dupscout Enterprise v9.5.14 2017-05-17 01:04:59 -05:00
William Vu 21e741b530 Comment out x86 targets in ms17_010_eternalblue.md 
Still under development.
 2017-05-16 19:52:44 -05:00
wchen-r7 77a9676efb Land #8347, Add Serviio Media Server checkStreamUrl Command Execution 2017-05-16 16:20:39 -05:00
zerosum0x0 e3dcf0ab2d added docs 2017-05-14 19:22:26 -06:00
Brent Cook 96e3d61883 Land #8297, add docs for energizer duo scanner and exploit 2017-05-08 17:14:36 -05:00
Brendan Coles 283a40a279 Add documentation 2017-05-06 12:58:53 +00:00
Daniel Teixeira cd038aed82 Dup Scout Enterprise documentation 2017-04-26 15:19:59 +01:00
h00die c4bb918cca addition of energizer duo docs 2017-04-25 22:05:55 -04:00
h00die 285358e2a4 fix paths 2017-04-25 21:12:55 -04:00
wchen-r7 320898697a Land #8266, Add Buffer Overflow Exploit on Disk Sorter Enterprise 2017-04-24 17:17:30 -05:00
wchen-r7 5bbb4d755a Land #8254, Add CVE-2017-0199 - Office Word HTA Module 2017-04-24 16:05:00 -05:00
wchen-r7 6029a9ee2b Use a built-in HTA server and update doc 2017-04-24 16:04:27 -05:00
Daniel Teixeira a404a1ed04 Rename disksorter_bof.rb.md to disksorter_bof.md 2017-04-24 21:58:37 +01:00
Daniel Teixeira c5b594d928 Disk Sorter Enterprise Documentation 2017-04-24 14:59:47 +01:00
h00die 9f892c56fb land #8244 docs for manageengine_connectionid_write 2017-04-18 21:43:58 -04:00
nixawk 0a085c4e83 add doc for exploit/windows/fileformat/office_word_hta 2017-04-18 03:26:10 -05:00
itsmeroy2012 5f921859f0 adding hotlinks 2017-04-17 23:37:44 +05:30
itsmeroy2012 84220d6617 Minor edits 2017-04-17 23:30:07 +05:30
itsmeroy2012 477b78a75e adding : 2017-04-15 17:37:21 +05:30
itsmeroy2012 aae009a542 missed heading 2017-04-15 17:35:52 +05:30
itsmeroy2012 8ad80ea3d6 fixing whitespaces 2017-04-15 17:34:14 +05:30
itsmeroy2012 39b228bb39 fixing headings 2017-04-15 17:32:35 +05:30
itsmeroy2012 f573d004d2 KB for manageengine_connectionid_write 2017-04-15 17:30:44 +05:30
h00die 6c44edc58c Land #8180 docs for iis_webdav_upload_asp 2017-04-04 16:37:08 -04:00
h00die a0ec93ded8 add newline 2017-04-04 16:35:46 -04:00
Indranil Roy 77d80b1a02 fixing newline 2017-04-03 17:04:45 +05:30
itsmeroy2012 fef10b7be8 fixing minor issues 2017-04-03 16:54:45 +05:30
itsmeroy2012 3ada361357 removing twice exploit 2017-04-02 14:33:23 +05:30
itsmeroy2012 2c75526a12 Fixing white spaces 2017-04-02 14:31:11 +05:30
itsmeroy2012 da14a80e8d Fixing hashes 2017-04-02 14:28:04 +05:30
itsmeroy2012 85a95233c7 Documentation on iis_webdav_upload_asp 2017-04-02 14:26:29 +05:30
Chris Higgins 7a12e446a0 Updated documentation and fixed module header. Whoops, copy/paste fail. 2017-03-16 21:28:24 -05:00