Commit Graph

388 Commits

Author SHA1 Message Date
jvazquez-r7 829b08b2bf Complete authors list 2015-07-07 12:49:54 -05:00
wchen-r7 49effdf3d1 Update description 2015-07-07 12:46:02 -05:00
wchen-r7 d885420aff This changes the version requirement for adobe_flash_hacking_team_uaf.rb
Because it works for Win 8.1 + IE11 too
2015-07-07 12:42:56 -05:00
wchen-r7 d30688b116 Add more requirement info 2015-07-07 12:33:47 -05:00
jvazquez-r7 d9aacf2d41 Add module for hacking team flash exploit 2015-07-07 11:19:48 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
Tod Beardsley 95f19e6f1f Minor description edits for clarity
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
jvazquez-r7 3b9ba189f7 Add CVE-2015-3043 information 2015-07-01 19:56:35 -05:00
wchen-r7 93c74efb97 Add Ubuntu as a tested target 2015-07-01 18:43:22 -05:00
jvazquez-r7 ee118aa89d Fix description 2015-07-01 13:30:22 -05:00
jvazquez-r7 1de94a6865 Add module for CVE-2015-3113 2015-07-01 13:13:57 -05:00
Tod Beardsley 31eedbcfa0 Minor cleanups on recent modules
Edited modules/auxiliary/scanner/http/ms15_034_http_sys_memory_dump.rb
first landed in #5577, MS15-034 HTTP.SYS Information Disclosure

Edited modules/exploits/multi/browser/adobe_flash_shader_drawing_fill.rb
first landed in #5605, CVE-2015-3105 flash exploit

Edited modules/exploits/multi/browser/adobe_flash_shader_job_overflow.rb
first landed in #5559, Adobe Flash Player ShaderJob Buffer Overflow

Edited modules/auxiliary/test/report_auth_info.rb first landed in #5540,
@wchen-r7's changes for multiple auxiliary modules to use the new cred
API
2015-06-26 12:18:33 -05:00
jvazquez-r7 ee0377ca16 Add module for CVE-2015-3105 2015-06-25 13:35:01 -05:00
wchen-r7 15985e8b4f Land #5559, Adobe Flash Player ShaderJob Buffer Overflow 2015-06-19 10:38:05 -05:00
Tod Beardsley afcb016814 Minor description fixups.
Edited modules/exploits/multi/browser/adobe_flash_pixel_bender_bof.rb
first landed in #5524, adobe_flash_pixel_bender_bof in flash renderer.
Removed ASCII bullets since those rarely render correctly.

Edited modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb
first landed in #5252, @espreto's module for WordPress Front-end Editor
File Upload Vuln. Fixed up some language usage, camel-cased "WordPress."
2015-06-18 13:25:39 -05:00
jvazquez-r7 de1542e589 Add module for CVE-2015-3090 2015-06-18 12:36:14 -05:00
jvazquez-r7 8ed13b1d1b Add linux support for CVE-2014-0515 2015-06-11 16:18:50 -05:00
Tod Beardsley 0d979f61ae Minor fixups on newish modules 2015-06-10 11:09:42 -05:00
jvazquez-r7 318f67fcda update descriptions 2015-06-05 09:01:20 -05:00
wchen-r7 71a8487091 Correct Flash version in the module description
There is no 11.2.202.404, mang.
2015-06-04 23:46:41 -05:00
jvazquez-r7 02181addc5 Update CVE-2014-0556 2015-06-04 18:23:50 -05:00
wchen-r7 23df66bf3a Land #5481, no powershell. exec shellcode from the renderer process. 2015-06-04 15:45:09 -05:00
jvazquez-r7 ab68d8429b Add more targets 2015-06-04 12:11:53 -05:00
jvazquez-r7 80cb70cacf Add support for Windows 8.1/Firefox 2015-06-03 22:46:04 -05:00
jvazquez-r7 74117a7a52 Allow to execute payload from the flash renderer 2015-06-03 16:33:41 -05:00
wchen-r7 2a260f0689 Update description 2015-05-28 15:18:05 -05:00
jvazquez-r7 e5d42850c1 Add support for Linux to CVE-2015-0336 2015-05-27 17:05:10 -05:00
Tod Beardsley 95b5ff6bea Minor fixups on recent modules.
Edited modules/auxiliary/admin/http/netgear_soap_password_extractor.rb
first landed in #5301, @m-1-k-3's aux module to extract passwords from
Netgear soap interfaces

Edited modules/auxiliary/scanner/http/influxdb_enum.rb first landed in

Edited modules/auxiliary/scanner/http/title.rb first landed in #5333,
HTML Title Grabber

Edited modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
first landed in #5401, multi-platform CVE-2015-0311 - Flash uncompress()
UAF

Edited modules/exploits/unix/webapp/wp_revslider_upload_execute.rb first
landed in #5290, Wordpress RevSlider Module
2015-05-26 17:00:10 -05:00
jvazquez-r7 b9f9647ab1 Use all the BES power 2015-05-21 14:06:41 -05:00
jvazquez-r7 aa919da84d Add the multiplatform exploit 2015-05-20 18:57:59 -05:00
joev db999d2c62 Remove ff 31-34 exploit from autopwn, requires interaction. 2015-05-03 10:42:21 -05:00
jvazquez-r7 ab94f15a60 Take care of modules using the 'DEBUG' option 2015-04-21 12:13:40 -05:00
jvazquez-r7 4224008709 Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
root cd65e6f282 Add browser_autopwn info to firefox_proxy_prototype 2015-04-06 10:42:32 +05:00
Tod Beardsley 21a97c0926 Add exploit for R7-2015-04, Firefox Proxy RCE 2015-03-23 13:44:41 -05:00
William Vu 3075c56064 Fix "response HTML" message
In modules/exploits/multi/browser/firefox_xpi_bootstrapped_addon.rb.
2015-03-07 17:08:08 -06:00
Joe Vennix 0bf3a9cd55 Fix duplicate :ua_maxver key. 2014-12-22 14:57:44 -06:00
URI Assassin 35d3bbf74d Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
James Lee a65ee6cf30 Land #3373, recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
HD Moore bfadfda581 Fix typo on match string for opera_configoverwrite 2014-09-29 15:34:35 -05:00
Joe Vennix d9e6f2896f Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
sinn3r 85b48fd437 Land #3736 - Revert initial ff xpi prompt bypass for Firefox 22-27 2014-09-04 16:08:15 -05:00
Joe Vennix f7617183d9 Revert "Add initial firefox xpi prompt bypass."
This reverts commit ebcf972c08.
2014-09-02 12:27:41 -05:00
Joe Vennix 26cfed6c6a Rename exploit module. 2014-08-26 23:05:41 -05:00
Joe Vennix 96276aa6fa Get the disclosure date right. 2014-08-26 20:36:58 -05:00
Joe Vennix 52f33128cd Add Firefox WebIDL Javascript exploit.
Also removes an incorrect reference from another FF exploit.
2014-08-26 20:35:17 -05:00
sinn3r e2e2dfc6a3 Undo FF 2014-08-19 17:47:44 -05:00
joev b93fda5cef Remove browser_autopwn hook from deprecated FF module. 2014-08-18 15:33:43 -05:00
joev 87aa63de6e Deprecate FF17 SVG exploit.
This exploit needs flash, the tostring_console injection one does not.
2014-08-18 15:32:51 -05:00
HD Moore 6d92d701d7 Merge feature/recog into post-electro master for this PR 2014-08-16 01:19:08 -05:00