5398bf78eb
change exitfunc to thread
2015-09-01 10:46:54 +02:00
3e613dc333
change exitfunc to thread
2015-09-01 10:43:45 +02:00
648c034d17
change exitfunc to thread
2015-09-01 10:42:15 +02:00
1b4f4fd225
remove url reference
2015-08-27 19:47:37 +08:00
da4b360202
Fix typo
2015-08-26 15:29:34 -05:00
5d0ed797a3
Update DLL
2015-08-26 15:15:32 -05:00
dd529013f6
Update ruby side
2015-08-26 15:12:09 -05:00
b1ef560264
Merge payload_inject 64-bit inject fix from @Meatballs1
2015-08-24 09:26:00 -05:00
03b1ad7491
add reference info
2015-08-24 11:18:26 +08:00
73cb1383d2
amend banner info for check
2015-08-24 10:55:43 +08:00
1c91b126f1
X64 compat for payload_inject
2015-08-23 22:03:57 +01:00
228087dced
Initial working scripthost bypass uac
2015-08-23 20:16:15 +01:00
7587319602
run rubocop & msftidy
2015-08-23 23:32:30 +08:00
a5daa5c9be
added module descriptions
2015-08-23 23:12:41 +08:00
91a7531af8
konica minolta ftp server post auth cwd command exploit
2015-08-23 21:49:26 +08:00
45c7e4760a
Support x64 payloads
2015-08-20 02:09:58 -05:00
42e08cbe07
Fix bad use of get_profile (now browser_profile)
2015-08-14 19:50:42 -05:00
c02df6b39d
Land #5800 , @bperry's Symantec Endpoint Protection Manager RCE module
2015-08-14 17:03:48 -05:00
b33abd72ce
Complete description
2015-08-14 17:03:21 -05:00
4aa3be7ba2
Do ruby fixing and use FileDropper
2015-08-14 17:00:27 -05:00
33f1324fa9
Land #5813 , @jakxx adds VideoCharge SEH file exploit
2015-08-13 18:01:25 -04:00
e9d3289c23
EXITFUNC caps
2015-08-13 17:25:31 -04:00
6e1c714b2b
Update to leverage auto-NOP generation
2015-08-13 17:24:18 -04:00
361624161b
msftidy
2015-08-13 16:27:27 -04:00
03eb2d71b2
Add watermark fileformat exploit
2015-08-13 16:26:17 -04:00
02c6ea31bb
Use the more recent HD version as default target
2015-08-13 14:42:21 -05:00
80a22412d9
use EXITFUNC instead of ExitFunction
2015-08-13 21:22:32 +02:00
bb4116ed9d
Avoid msftidy.rb rule breaking on missing newline
2015-08-13 12:38:05 -05:00
e7566d6aee
Adding print_status line
2015-08-12 16:08:04 -04:00
979d7e6be3
improve module
2015-08-12 15:37:37 +02:00
2b225b2e7e
Added changes per feedback
...
Updated to include and use seh mixin
changed offset and space for reliability
got rand_text buffer junk working
removed double spaces and stupid fillers in file data
2015-08-12 01:34:45 -04:00
4c28cae5d1
updated to include recommendation from @zerosteiner
2015-08-10 18:38:23 -04:00
23f51bf265
specify junk data
2015-08-07 18:04:11 -04:00
28ad0fccbd
Added VideoCharge Studio File Format Exploit
2015-08-07 15:54:32 -04:00
74ed8cf0c9
actually that didn't work
2015-08-02 18:57:13 -05:00
06754c36a4
unless, not if not
2015-08-02 18:51:23 -05:00
527eaea6ec
single quotes and some error handling
2015-08-02 18:25:17 -05:00
a33724667c
small code cleanup
2015-08-02 16:36:41 -05:00
830aee8aa5
check if cookie is actually returned, and if not, fail
2015-08-02 15:22:40 -05:00
a534008ba6
add some status lines
2015-08-02 15:03:59 -05:00
fe20bc88ad
remove badchars
2015-08-02 11:37:06 -05:00
f7ceec36d0
set default RPORT and SSL
2015-08-02 08:59:36 -05:00
a33dff637d
exploit cve 2015-1489 to get SYSTEM
2015-08-02 08:31:03 -05:00
12ac6d81fa
add markus as the discoverer specifically
2015-08-02 08:17:12 -05:00
e70ec8c07b
no need to store res for the later requests
2015-08-01 18:00:35 -05:00
272d75e437
check res before calling get_cookies
2015-08-01 17:58:41 -05:00
6f31183904
Fix VSS Persistance to check integrity level
2015-08-01 23:13:05 +01:00
47e86000ee
randomize the file names
2015-08-01 16:50:06 -05:00
2bfc8e59be
remove printline
2015-08-01 16:43:31 -05:00
0067d25180
add the sepm auth bypass rce module
2015-08-01 16:40:03 -05:00
Christian Mehlmauer