adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
25,785 Commits 27 Branches 1,043 Tags
4bd14ed5eae1961ba43f790bbc92c99c19b2c10e
Commit Graph

1686 Commits

Author SHA1 Message Date
Tonimir Kisasondi d7bf66973c Fixed userpass delimiters. 2014-05-18 18:13:03 +02:00
Tonimir Kisasondi 6ec926b573 Added separate users/pass/userpass dictionaries 2014-05-18 10:18:07 +02:00
Tonimir Kisasondi af82ae262c Added a large default password list for services. 2014-05-16 23:27:18 +02:00
jvazquez-r7 5fd732d24a Add module for CVE-2014-0515 2014-05-07 17:13:16 -05:00
sinn3r 6bfc9a8aa0 Land #3333 - Adobe Flash Player Integer Underflow Remote Code Execution 2014-05-05 10:39:26 -05:00
OJ 7e37939bf2 Land #3090 - Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei) 2014-05-04 16:41:17 +10:00
jvazquez-r7 b4c7c5ed1f Add module for CVE-2014-0497 2014-05-03 20:04:46 -05:00
Meatballs 06c8082187 Use signed binary 2014-05-02 14:45:14 +01:00
James Lee 4bd2dabfcd Land #3121, new kiwi extension, with compiled bins 
See also rapid7/meterpreter#79
 2014-04-29 17:53:37 -05:00
jvazquez-r7 60e7e9f515 Add module for CVE-2013-5331 2014-04-27 10:40:46 -05:00
sinn3r 5c0664fb3b Land #3292 - Mac OS X NFS Mount Privilege Escalation Exploit 2014-04-24 13:43:20 -05:00
Joe Vennix 143aede19c Add osx nfs_mount module. 2014-04-23 02:32:42 -05:00
jvazquez-r7 acb12a8bef Beautify and fix both ruby an AS 2014-04-17 23:32:29 -05:00
jvazquez-r7 91d9f9ea7f Update from master 2014-04-17 15:32:49 -05:00
jvazquez-r7 749e141fc8 Do first clean up 2014-04-17 15:31:56 -05:00
jvazquez-r7 abd76c5000 Add module for CVE-2014-0322 2014-04-15 17:55:24 -05:00
joev 0b23fc2c40 Revert "Use actual vars so that jsobfu can randomize." 
This reverts commit b9284c5635.
 2014-04-11 16:51:29 -05:00
sinn3r 68a50e3663 Land #3224 - Fixes large-string expansion in JSObfu 2014-04-10 12:09:22 -05:00
Joe Vennix b9284c5635 Use actual vars so that jsobfu can randomize. 2014-04-09 16:56:10 -05:00
Spencer McIntyre 85197dffe6 MS14-017 Word RTF listoverridecount memory corruption 2014-04-08 14:44:20 -04:00
joev 2e4c2b1637 Disable Android 4.0, add arch detection. 
Android 4.0, it turns out, has a different echo builtin than the other androids.
Until we can figure out how to drop a payload on a 4.0 shell, we cannot support it.

Arch detection allows mips/x86/arm ndkstagers to work, unfortunately
x86 ndkstager was not working, so it is disabled for now.
 2014-04-07 09:44:43 -05:00
sinn3r 4d69f80728 Update explib2.js 
Remove a few lines
 2014-04-02 23:07:29 -05:00
jvazquez-r7 74554ed805 Land #3174, @wchen-r7's object detection for ie11 2014-04-02 15:27:13 -05:00
jvazquez-r7 577bd7c855 Land #3146, @wchen-r7's flash version detection code 2014-04-02 15:13:41 -05:00
sinn3r 5ffcfb22fa Add object detection for IE11 
While working on some stuff with IE11, I realized this is very
necessary.
 2014-04-02 02:21:16 -05:00
sinn3r 389ad7aca3 Land #3155 - Explib2 2014-03-28 18:31:40 -05:00
sinn3r 4f5944cfb8 Add JavaScript detection for Adobe Flash 2014-03-28 14:31:21 -05:00
jvazquez-r7 ce02f8a7c5 Allow easier control of sprayed memory 2014-03-28 11:58:41 -05:00
jvazquez-r7 b0bbe3f6a9 Add explib2 with some fixes into metasploit 2014-03-28 10:44:13 -05:00
sinn3r 4c44f69e86 Undo the IE8/IE7 objection detection 2014-03-27 15:01:03 -05:00
sinn3r fc1432fe53 This is probably the right way to do it for ie7/8 2014-03-27 13:53:24 -05:00
sinn3r 9c54421679 Update IE8/IE7 object detection 2014-03-27 13:34:07 -05:00
sinn3r 8df96a419b Make IE10 detection safer for older IEs 2014-03-27 13:31:15 -05:00
sinn3r 1f90115c8f Add default detection for IE 9 and IE 10 
How it's done:

On IE10, which should come first before the IE 9 check, the nodeName
function always returns the name in uppercase.

One IE9, the "Object doesn't support property or method" error always
repeats the name of the invalid method.
 2014-03-27 00:15:36 -05:00
joe 46f7e6060f Add the updated bins from timwr. 2014-03-25 09:39:53 -07:00
joe c71d52e769 Merge branch 'pr-android-bins' of https://github.com/jvennix-r7/metasploit-framework into new-android-bins 2014-03-25 09:35:25 -07:00
sinn3r 8c707b20e0 Add support for specific builds of MSIE 9 on Win 7 SP1 
These IE9 versions are vulnerable to MS14-012 (see #3120). If we don't
add them, then os_detect might recognize the target as IE 8, and fail.
 2014-03-19 21:54:36 -05:00
Tod Beardsley 05436dc2c5 Refresh binaries for Meterpreter 
This includes:

rapid7/meterpreter#69
rapid7/meterpreter#70
rapid7/meterpreter#75
rapid7/meterpreter#77
rapid7/meterpreter#78

As of commit: 45bcbd13a1e0215647f6a61631652b686931bba8
 2014-03-19 08:57:04 -05:00
joev 8e4708b51b Add support for firefox 28. 2014-03-18 11:26:24 -05:00
OJ 409787346e Bring build tools up to date, change some project settings 
This commit brings the source into line with the general format/settings
that are used in other exploits.
 2014-03-14 22:57:16 +10:00
James Lee 6438b9372c Land #3067, python meterp net.config additions 2014-03-13 13:03:43 -05:00
Tod Beardsley 6309c4a193 Metasploit LLC transferred assets to Rapid7 
The license texts should reflect this.
 2014-03-13 09:47:52 -05:00
Spencer McIntyre 5ea26688d7 Fix a syntax error for Python 2.4 2014-03-11 15:22:52 -04:00
Spencer McIntyre f3493ce220 Merge branch 'master' into pymeterpreter-net 
Conflicts:
	data/meterpreter/ext_server_stdapi.py
 2014-03-11 15:15:02 -04:00
Spencer McIntyre e874223421 Land #3083, fix pymet when ctypes isn't available 2014-03-11 14:31:44 -04:00
Joe Vennix 679cb03ac3 Yank armeabi-v7a bins. 2014-03-11 13:09:50 -05:00
sinn3r b431bf3da9 Land #3052 - Fix nil error in BES 2014-03-11 12:51:03 -05:00
James Lee b87c2dca0b Use older hash modules when hashlib isn't there 2014-03-11 12:25:54 -05:00
Tim 4f31eba7f4 android payload golf 2014-03-10 21:50:00 -05:00
joe 66ff5998a5 New multi-arch stagers. 2014-03-10 21:49:56 -05:00