8489bcdfd9
This fixes broken links to the community.rapid7.com blog
...
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
22a75c7bee
Revert "Fix style"
...
This reverts commit 9f81aeb4ad
2020-02-04 10:10:46 -06:00
7b14442ab0
replace strings with bools
2020-01-14 20:47:27 -05:00
3b2a54a599
add aka to some modules
2019-12-10 09:53:13 -05:00
32334c2386
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
a0e90c0848
Remove references to doc.microsoft.com bulletin
...
MSB references point to this location
2019-05-23 07:01:21 -05:00
94f904311b
Fix broken links mostly to Microsoft website
2019-05-16 09:50:19 +02:00
2242c1f758
prefer File.binread for reading binary file contents
2019-04-24 05:43:28 -05:00
521277691e
Allow users to add other files for realism.
...
Update docs to reflect this change.
2019-04-18 04:07:46 +08:00
6676dcb2ec
Allow user to use a file of their own choosing.
...
Updates to documentation and some comments in the module.
2019-04-17 00:18:27 +08:00
6c798221fb
Module for CVE-2018-20250 and documentation
2019-04-16 02:21:25 +08:00
94785dabbb
Renamed module from 'microsoft_windows_contact_remote_code_execution' to 'microsoft_windows_contact'
2019-04-10 17:17:50 -05:00
62bf38d530
Simplified user options, recreated CONTACT template from a clean file
2019-04-10 17:14:04 -05:00
e733d225b6
microsoft_windows_contact_remote_code_execution
2019-03-31 11:12:09 -05:00
c5bff76dc7
Cosmetic changes for office_exel_slk module and documentation
2019-02-11 12:37:17 -06:00
18afc8f546
Bring PR 11249 up to date with upstream master
2019-02-11 12:19:21 -06:00
2d1cecd4d5
Fix request pattern matching
2019-01-23 13:39:52 -05:00
47fd066a29
Msftidy
2019-01-22 21:06:11 -05:00
1f56bccf31
Small improvements from review
2019-01-22 20:46:28 -05:00
1121ce1127
Change default filename to random
2019-01-17 20:12:53 -05:00
8cd26b74d7
Please msftidy gods
2019-01-13 19:22:51 -05:00
171d46db9b
Add disclosure date, more references, and authors
2019-01-13 19:11:05 -05:00
89e8ff9c80
Update office_excel_slk.rb
2019-01-13 18:08:51 -05:00
d88d1d0f1d
Create office_excel_slk.rb
2019-01-13 17:31:34 -05:00
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
165f082160
Fix syntax, minor edits
2018-12-11 07:55:20 -06:00
1bc024eaa7
Update cyberlink_lpp_bof.rb
...
Update includes all suggestions and new targets (Win8.1 x64 and Win10 x64)
2018-12-05 14:53:10 +07:00
a4c3b8edc7
Add CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)
...
Add CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)
2018-11-29 20:20:05 +07:00
90b9204703
Update DisclosureDate to ISO 8601 in my modules
...
Basic msftidy fixer:
diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb
index 9a21b9e398..e9ff2b21e5 100755
--- a/tools/dev/msftidy.rb
+++ b/tools/dev/msftidy.rb
@@ -442,6 +442,8 @@ class Msftidy
# Check disclosure date format
if @source =~ /["']DisclosureDate["'].*\=\>[\x0d\x20]*['\"](.+?)['\"]/
d = $1 #Captured date
+ File.write(@full_filepath, @source.sub(d, Date.parse(d).to_s))
+ fixed('Probably updated traditional DisclosureDate to ISO 8601')
# Flag if overall format is wrong
if d =~ /^... (?:\d{1,2},? )?\d{4}$/
# Flag if month format is wrong
2018-11-16 12:18:28 -06:00
caf76a6555
Add applicable notes to my exploit modules
2018-10-27 20:54:14 -04:00
50a7ee5e6a
Minor modifications
2018-10-10 12:22:47 -05:00
796579e265
Use fail_with
2018-10-10 11:24:16 -05:00
4beb434054
Default Payloads
...
exploit:vlc_mkv default target payloads
2018-10-10 11:23:17 -05:00
1cb8418b2d
Filename options
...
exploit:vlc_mkv overwrite fileformat filename method
to supply options
2018-10-09 21:15:10 -05:00
94f260f289
exploit rand_text
...
exploit:vlc_mkv use rand_text functions defined in exploit.rb
2018-10-09 21:15:05 -05:00
e07da5c518
EDB Ref Fix
...
exploit:vlc_mkv
2018-10-09 20:57:44 -05:00
af594f6744
Merge in master
2018-10-09 12:56:31 -05:00
d9cb052189
Fix improper use of the Ruby shovel operator (<<)
...
junk would be modified and returned, and we just want to return the
concatenated string. Practically doesn't matter, but it's incorrect.
This was my first public module. I've been wanting to fix this since.
I'm noticing it again now as I look for how I used Ret in a target.
2018-10-05 02:18:06 -05:00
060c68d2e0
Aligment, minor modifications
2018-10-04 10:10:09 -05:00
144c76ecd4
Latest fix based on @jrobles-r7 recommendations
...
Fixing:
- MetasploitModule class changed
- Remove the word 'exploit' from name
- Remove StackAdjustment
- Remove Privileged option
- Remove make_nops(12)
- Remove extra buffer at the end of exploit
2018-10-04 16:18:02 +07:00
991ac3c671
Fixing for msftidy
...
Fixing some format because still throw errors
2018-10-03 18:55:29 +07:00
cb5d68b641
Fixing based on msftidy.rb
...
Makes msftidy happy
2018-10-03 17:13:24 +07:00
ff560ee990
Add test for Zahir 0day exploit
...
Add test for Zahir 0day exploit, need to test more e.g. VirtualBox or Physical machines.
2018-09-29 18:59:14 +07:00
4c036e70c1
Fix http://seclists.org links to https://
...
I have no idea how this happened in my own code. I was seeing https://.
2018-09-15 18:54:45 -05:00
254e8b9fd0
Cleanup for foxit_reader_uaf
2018-09-05 21:47:57 -05:00
55bf6e5dd4
removed require in erb file
2018-09-05 18:09:29 -05:00
6a3a4de289
included path to erb, removed multiline pdf string
2018-09-05 14:09:10 -05:00
953bafc7e7
Land #10545 , foxit fix generated strings, update doc
2018-08-30 05:55:44 -05:00
d5ad683ba6
More doc updates
2018-08-29 10:59:36 -05:00
086ec5bdfb
Fix generated strings in pdf
2018-08-29 06:24:20 -05:00
Brent Cook