Tim W
0a1fb600a2
fix source versions and jscell headers
2020-08-27 19:36:45 +08:00
C4ssandre
3336040f2d
Adding a new privilege escalation exploit for windows.
...
New files and folders:
- metasploit-framework/modules/exploits/windows/local/bits_ntlm_token_impersonation.rb
- metasploit-framework/data/exploits/drunkpotato/
- metasploit-framework/external/source/exploits/drunkpotato/
2020-08-25 14:27:41 +02:00
Tim W
53b2db78a0
getroot -> make writable
2020-08-18 16:18:38 +08:00
Tim W
e65e7e21f2
fix newlines and cleanup
2020-08-18 15:56:05 +08:00
Tim W
0e4fcd7379
CVE-2020-9839
2020-08-18 15:56:01 +08:00
h00die
cd41d9c3c9
Land #13911, iPhone 4 on iOS 7.1.2 Safari JIT for root
2020-08-14 16:01:14 -04:00
Tim W
b5e465641b
CVE-2020-9850 external source
2020-08-14 16:10:40 +08:00
Tim W
0b513d6c51
remove debug logging from the kernel exploit
2020-07-30 18:10:26 +08:00
Tim W
79adcf7904
Add module for iOS 7.1.2
2020-07-27 15:05:31 +08:00
Jeffrey Martin
65039a5091
Merge upstream into 6.x
2020-07-15 09:58:07 -05:00
Spencer McIntyre
e8ce6cf2f3
Fix up some comments in the x64 block_api source code
2020-07-09 14:02:12 -04:00
Spencer McIntyre
1537d3f193
Update the block_api assembly source files
...
This changes the x86 version to the (10 bytes larger) variant that can
handle full 32-bit jumps, which is necessary for maximum compatibility
within the framework.
Additionally, numeric literals are expressed in hex for compatibility
with the keystone assembler, allowing these files to be compatible with
external tools.
2020-07-08 15:28:41 -04:00
gwillcox-r7
586971428a
Recompile everything so we don't have the messagebox calls
2020-06-11 00:18:45 -05:00
gwillcox-r7
93b28e662e
Change out template_dll solution files so that it generates the DLL with the correct name and in the correct location
2020-06-10 11:41:34 -05:00
gwillcox-r7
4a9c878132
Finally fix up the hanging issue via new template DLLs and associated code
2020-06-10 11:02:53 -05:00
gwillcox-r7
cb20eaf6f9
Finally fix the issue with the cleanup of the files within the exploit
2020-06-10 11:02:51 -05:00
gwillcox-r7
a5220d3155
One last time to add files cause I messed up last time
2020-06-10 11:02:51 -05:00
gwillcox-r7
06019585e8
Whoops, forgot source files last time, let's add those in
2020-06-10 11:02:50 -05:00
gwillcox-r7
dc060de7a9
Add initial upload of the source code
2020-06-10 11:02:48 -05:00
Spencer McIntyre
859f0c6f6a
Remove the RDLL header template file
2020-05-08 09:32:35 -04:00
Spencer McIntyre
5eff81296c
Update the README file with more documentation
2020-05-07 15:38:04 -04:00
Spencer McIntyre
4e8235923c
Create the structure for the RDLL Visual Studio structure
2020-05-07 12:20:52 -04:00
Spencer McIntyre
9769e04b6e
Land #13322, CVE-2020-0668 Service tracing file junction overwrite
2020-05-07 09:47:20 -04:00
gwillcox-r7
a1275845ec
Land #13200, CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1
2020-05-06 17:23:52 -05:00
gwillcox-r7
1c79674620
Recompile DLL and alter vcxproj file to automatically place generated DLL in right folder
2020-05-06 16:33:01 -05:00
gwillcox-r7
1325c28ebd
Fix typo in dllmain.cpp
2020-05-06 15:44:02 -05:00
gwillcox-r7
ea3bba96e2
Apply lots of review fixes to dllmain.cpp
2020-05-06 13:14:50 -05:00
bwatters-r7
a0213a13f0
Land #13279, Some fix for rubocop verification
...
Merge branch 'land-13279' into upstream-master
2020-05-01 13:49:14 -05:00
Tim W
27147aa23b
add error checking to VirtualAlloc
2020-05-01 19:02:21 +08:00
Tim W
8e9a162b1b
fix
2020-04-30 18:05:00 +08:00
Tim W
8f12e005ea
check VirtualAlloc return value
2020-04-30 17:50:20 +08:00
Tim W
3ca0472b18
fix payload size
2020-04-30 17:47:41 +08:00
Tim W
5ed871a110
CVE-2019-0808
2020-04-30 17:19:46 +08:00
Tim W
bba9b76d25
fix infinite loop in find_macho
...
fix osx loader to work within python macho
2020-04-24 15:13:57 +08:00
bwatters-r7
7213d379ec
Add Uso dll
2020-04-23 15:18:22 -05:00
b4rtik
9be3f1d751
Code cleanup
2020-04-21 00:12:47 +02:00
b4rtik
d1a8ac072a
Fix AMSI and ETW patching
2020-04-20 23:52:19 +02:00
bwatters-r7
b9e83bd055
Update VS build destination
2020-04-13 18:20:20 -05:00
Jeffrey Martin
ba091711b3
add files lost during rebase
...
all credit to b4rtik for these files, just restoring here
2020-04-13 14:13:59 -05:00
b4rtik
c252e0affa
Update build task
2020-04-10 15:07:07 -05:00
b4rtik
e3c8c6b0cc
Enabled output from CLR loading
2020-04-10 15:06:39 -05:00
b4rtik
b4d2dfe753
Added EtwEventWrite patching
2020-04-10 15:06:00 -05:00
b4rtik
8743cdfecc
Update and USETHREADTOKEN
2020-04-10 15:05:20 -05:00
b4rtik
82b22f528b
Update external/source/HostingCLR_inject/HostingCLR/HostingCLR.cpp
...
Co-Authored-By: Brendan <bwatters@rapid7.com>
2020-04-10 15:05:19 -05:00
b4rtik
4c26fa7a67
Fix argument management
2020-04-10 15:05:19 -05:00
b4rtik
1476f08dd0
Fix argument management
2020-04-10 15:05:18 -05:00
b4rtik
d1c812bb25
Update HostingCLR.vcxproj
2020-04-10 15:05:18 -05:00
b4rtik
baf25fb064
Removed dependency on vc runtime
2020-04-10 15:04:51 -05:00
b4rtik
a3abfb13da
Some fix
2020-04-10 14:57:41 -05:00
b4rtik
33cd725562
Add dynamic size for assembly and args
2020-04-10 14:57:37 -05:00