adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31,169 Commits 27 Branches 1,043 Tags
7d30b214ee11fb6c81e633dfd2dfd6fc7f2dab8b
Commit Graph

4499 Commits

Author SHA1 Message Date
Jay Smith e40772efe2 Fixed open device issue for non-priv users 
Fixed the open_device call to work for users without Administrator
privileges
 2015-02-18 12:44:58 -05:00
sinn3r 6acbe64dbd The MSB reference in the title is wrong 
It should be MS13-022.

MS12-022 is MSFT Expression Design.
 2015-02-17 14:56:14 -06:00
sinn3r b90639fd66 Land #4726, X360 Software actvx buffer overflow 2015-02-17 11:41:23 -06:00
jvazquez-r7 0372b08d83 Fix mixin usage on modules 2015-02-13 17:17:59 -06:00
sinn3r b197b98ab9 Land #4759, fix ms09_067_excel_featheader 2015-02-13 13:25:15 -06:00
jvazquez-r7 3ae3d56caa Land #4745, fixes #4711, BrowserAutoPwn failing due to getpeername 2015-02-12 16:51:09 -06:00
jvazquez-r7 92422c7b9a Save the output file on local_directory 2015-02-12 16:16:21 -06:00
sinn3r 05d2703a98 Explain why obfuscation is disabled 2015-02-12 14:00:01 -06:00
Tod Beardsley c156ed62a9 on, not of. 2015-02-12 12:56:53 -06:00
Tod Beardsley d89eda65fa Moar fixes, thanks @wvu-r7 
See #4755
 2015-02-12 12:46:38 -06:00
Tod Beardsley e78d08e20d Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
sinn3r 50c72125a4 ::Errno::EINVAL, disable obfuscation, revoke ms14-064 2015-02-12 11:54:01 -06:00
William Vu 309159d876 Land #4753, updated ms14_070_tcpip_ioctl info 2015-02-12 09:57:29 -06:00
Spencer McIntyre 8ab469d3bd Update ms14-070 module information and references 2015-02-12 09:51:01 -05:00
William Vu b894050bba Fix local/pxeexploit datastore 2015-02-11 12:19:56 -06:00
sinn3r d23c9b552f Trade MS12-004 for MS13-090 against Windows XP BrowserAutoPwn 2015-02-10 18:58:56 -06:00
jvazquez-r7 5687028f09 Land #4671, @earthquake's exploit for achat buffer overflow 2015-02-09 17:50:09 -06:00
jvazquez-r7 6165d623ff Change module filename 2015-02-09 17:39:55 -06:00
jvazquez-r7 eb0741d7a7 Modify reference 2015-02-09 17:39:18 -06:00
jvazquez-r7 86f3bcad11 Do minor cleanup 2015-02-09 17:33:05 -06:00
Balazs Bucsay ac6879cfe1 proper payload encoding from now on 2015-02-09 23:36:35 +01:00
Balazs Bucsay c7880ab4e1 hex strings related explanations 2015-02-09 23:21:38 +01:00
Balazs Bucsay 9891026d30 sleep changed to Rex::sleep 2015-02-09 22:33:41 +01:00
jvazquez-r7 831a1494ac Keep default behavior for modules forcing Msf::Encoder::Type::AlphanumUpper 2015-02-08 18:29:25 -06:00
jvazquez-r7 3e7e9ae99b Keep default behavior for modules forcing Msf::Encoder::Type::AlphanumMixed 2015-02-08 18:22:11 -06:00
jvazquez-r7 87775c6ee4 Fix description 2015-02-06 23:55:27 -06:00
jvazquez-r7 76387eebe0 Use File.open 2015-02-06 21:35:07 -06:00
jvazquez-r7 f6933ed02c Add module for EDB-35948 2015-02-06 11:05:29 -06:00
Tod Beardsley 036cb77dd0 Land #4709, fixed up some datastore mangling 2015-02-05 21:22:38 -06:00
Spencer McIntyre 4e0a62cb3a Land #4664, MS14-070 Server 2003 tcpip.sys priv esc 2015-02-05 18:49:15 -05:00
Spencer McIntyre a359fe9acc Minor fixup on the ms14-070 module description 2015-02-05 18:41:58 -05:00
Spencer McIntyre dc13446536 Forgot to comment ret instruction 2015-02-05 14:09:01 -05:00
Spencer McIntyre 5a39ba32f6 Make the ret instruction for token stealing optional 2015-02-05 14:00:38 -05:00
Spencer McIntyre dabc163076 Modify the shellcode stub to save the process 2015-02-05 13:54:52 -05:00
Tod Beardsley c633c710bc Mostly caps/grammar/spelling, GoodRanking on MBAM 2015-02-05 12:36:47 -06:00
William Vu b43522a2b8 Fix scadapro_cmdexe datastore 2015-02-05 02:54:03 -06:00
William Vu a12d1244b9 Fix zenworks_helplauncher_exec datastore 2015-02-05 02:53:47 -06:00
William Vu 148ffaf55f Fix real_arcade_installerdlg datastore 2015-02-05 02:53:38 -06:00
Spencer McIntyre aebf5056ac Dont compare a string to an integer 2015-02-04 16:55:43 -05:00
Tod Beardsley 47d4acd91d Land #4605, Malwarebytes fake update exploit 2015-02-04 10:28:17 -06:00
Tod Beardsley b5794db973 Spelling 2015-02-03 14:10:47 -06:00
Tod Beardsley edd5ec3b0d Refactor and rename of @sgabe's module 
Renamed because it's not just MBAM, and having malwarebytes in the name
is more memorable anyway.

This refactor's @sgabe's original module to prefer if/else over
unless/else, clearly labelling variables, and wrapping up discrete
functionality into specific methods, and adds an OSVDB and the original
discoverer's URL.
 2015-02-03 14:08:25 -06:00
William Vu d5c61c01f5 Land #4694, uninit Rex::OLE fix 2015-02-02 05:33:40 -06:00
sinn3r 9112e70187 Fix #4693 - Uninit Rex::OLE in MS14-064 exploits 
Fix #4693
 2015-02-02 00:20:34 -06:00
jvazquez-r7 d211488e5d Add Initial version 2015-02-01 19:47:58 -06:00
Balazs Bucsay 64ab11c6ba Add Achat Beta v0.150 RCE for Win7/XPSP3 2015-01-29 23:20:31 +01:00
Jay Smith 6c529f8f6b Addressed feedback from @OJ and @zeroSteiner 2015-01-29 11:57:03 -05:00
Jay Smith 064ca2d02e Updated version checking 2015-01-28 18:25:30 -05:00
sinn3r 0f88d0ad75 Change print_* to vprint_* 
According to our wiki doc, all print_* should be vprint_* for check()
 2015-01-28 15:44:14 -06:00
James Lee 51764eb207 Add a check() for mssql_payload 2015-01-28 13:44:16 -06:00