adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

1450 Commits

Author SHA1 Message Date
jvazquez-r7 d1beb313f6 Add module for 2013-1690 2013-08-07 15:36:54 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff 
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
 2013-07-29 21:47:52 -05:00
jvazquez-r7 05be76ecb7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-29 16:41:22 -05:00
Tod Beardsley 37312f2aa9 Module, singular 2013-07-29 10:58:36 -05:00
Tod Beardsley 11e9cca855 Spelling and description touch ups. 2013-07-29 10:57:19 -05:00
jvazquez-r7 47c21dfe85 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-24 11:42:11 -05:00
jvazquez-r7 b0c17fdebc Land #2002, @jlee-r7's patch for better handling uri resources 2013-07-23 15:49:21 -05:00
jvazquez-r7 99a345f8d1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 13:54:26 -05:00
Tod Beardsley 164153f1e6 Minor updates to titles and descriptions 2013-07-22 13:04:54 -05:00
jvazquez-r7 bdfad076b4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 15:43:58 -05:00
jvazquez-r7 efb8591a49 Update apple_quicktime_rdrf references 2013-07-18 13:57:31 -05:00
jvazquez-r7 52079c960f Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 12:52:42 -05:00
sinn3r b94cde1d65 Name change for pyoor 2013-07-18 10:50:25 -05:00
jvazquez-r7 104edd8e93 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-18 10:38:53 -05:00
jvazquez-r7 bf023f261a Delete comma 2013-07-17 20:46:03 -05:00
jvazquez-r7 7ee4855345 Fix msftidy and delete duplicate stack adjustment 2013-07-17 20:45:54 -05:00
sinn3r 6713fb1609 Fix typos 2013-07-17 18:06:40 -05:00
sinn3r 9ae7c80b15 Add more targets plus some other corrections 2013-07-17 14:43:41 -05:00
sinn3r c85b994c07 Add CVE-2013-1017: Apple Quicktime Invalid Atom Length BoF 
This module exploits a vulnerability found in Apple Quicktime. The
flaw is triggered when Quicktime fails to properly handle the data
length for certain atoms such as 'rdrf' or 'dref' in the Alis record,
which may result a buffer overflow by loading a specially crafted .mov
file, and allows arbitrary code execution under the context of the user.
 2013-07-17 13:45:05 -05:00
jvazquez-r7 6e44cb56bf Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-03 12:44:47 -05:00
sinn3r 7ef5695867 [FixRM:#8129] - Remove invalid metasploit.com references 
These "metasploit.com" references aren't related to the vulns,
shouldn't be in them.
 2013-07-03 11:52:10 -05:00
jvazquez-r7 90b30dc317 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-26 14:31:52 -05:00
Steve Tornio 6ea622c45e reference updates 2013-06-26 09:44:56 -05:00
jvazquez-r7 7ab4d4dcc4 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 17:34:29 -05:00
Steve Tornio 5b71013dde reference updates 2013-06-25 13:41:22 -05:00
jvazquez-r7 0c306260be Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-25 09:13:01 -05:00
sinn3r 4df943d1a2 CVE and OSVDB update 2013-06-25 02:06:20 -05:00
James Lee 2c12a43e77 Add a method for dealing with hardcoded URIs 2013-06-21 15:48:02 -05:00
jvazquez-r7 ae1a3e3ca1 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-17 20:39:31 -05:00
Tod Beardsley 4ca9a88324 Tidying up grammar and titles 2013-06-17 16:49:14 -05:00
jvazquez-r7 11bf17b0d6 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-15 11:55:22 -05:00
sinn3r 2abf70a1ca Lower ranking for MS13-009 
We haven't been able to make this one more reliable, so todb suggests
we lower the ranking first.
 2013-06-14 15:24:43 -05:00
jvazquez-r7 2d083be8e7 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-14 13:28:44 -05:00
sinn3r 0d384d23b8 Land #1954 - Fix resource_uri and mp4 file path 2013-06-14 13:15:17 -05:00
jvazquez-r7 060261bb3b Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-14 13:15:13 -05:00
sinn3r 933ac88b44 Missing the file param that's needed to download the mp4 2013-06-14 13:13:48 -05:00
sinn3r d2df3234f4 Land #1955 - mozilla_mchannel.rb undefined agent variable 2013-06-14 11:14:20 -05:00
sinn3r 223807d0df Land #1956 - fix regex error for mozilla_reduceright.rb 2013-06-14 11:09:49 -05:00
jvazquez-r7 95118895d6 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-13 13:05:42 -05:00
jvazquez-r7 81813a78fc Fix module Name 2013-06-13 11:55:23 -05:00
jvazquez-r7 707bc33148 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-13 10:17:28 -05:00
jvazquez-r7 eaba8e7b59 up to date 2013-06-12 15:44:00 -05:00
jvazquez-r7 afb2f83238 Add module for CVE-2012-1533 2013-06-12 14:40:53 -05:00
jvazquez-r7 c38eabe481 Fix description, code and perform test 2013-06-12 11:07:03 -05:00
jvazquez-r7 5c8053491f Add DEP bypass for ntdll ms12-001 2013-06-12 10:41:05 -05:00
jvazquez-r7 a1c7961cbc Suport js obfuscation for the trigger 2013-06-12 08:06:12 -05:00
jvazquez-r7 5240c6e164 Add module for MS13-037 CVE-2013-2551 2013-06-12 07:37:57 -05:00
jvazquez-r7 9ea58ba165 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-06-11 10:40:01 -05:00
sinn3r 081baad68c Remove variable 'overflow' because it's not used 
The 'overflow' variable isn't needed
 2013-06-11 02:26:45 -05:00
Ruslaideemin ca0ab8d6ee maxthon_history_xcs.rb - fix User-agent string 
request.headers['User-agent'] is incorrect, it should be
request.headers['User-Agent'].

Downloaded following version from oldapps.com to confirm
the exploit code is wrong.

Supported Systems Windows 98, 2000 (Maxthon 2.5.15 Build
  1000), XP, Vista, 7, 8
MD5 Checksum F3791637C886A46940876211209F82F4
SHA1 Checksum 039BB218245E5DC1BAB0F57298C68AC487F86323

Release Date 20 October, 2011 (2 years ago )
 2013-06-11 13:37:21 +10:00