adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

6361 Commits

Author SHA1 Message Date
jvazquez-r7 357a3929a3 Trying to report more accurate status 2015-06-19 09:51:36 -05:00
wchen-r7 7e91121afc Change to Metasploit::Model::Login::Status::SUCCESSFUL 2015-06-18 23:44:45 -05:00
g0tmi1k 0b55a889d3 persistence - better ruby/msf fu 2015-06-18 21:10:16 +01:00
wchen-r7 13a3f2781d Change ExcellentRanking to GoodRanking for MS14-064 
The ms14_064_ole_code_execution exploit's ranking is being lowered
to GoodRanking because of these two reasons:

1. The vulnerable component isn't in Internet Explorer. And BES can't
   check it so the exploit still fires even if the target is patched.
2. Although rare, we've seen the exploit crashing IE, and since this
   is a memory curruption type of bug, it should not be in Excellent
   ranking anyway.
 2015-06-18 13:07:44 -05:00
g0tmi1k a3debe1621 persistence - more options, more verbose 
...and less bugs!

+ Able to define the EXE payload filename
+ Able to setup a handler job
+ Able to execute persistence payload after installing
+ Performs various checks (should be more stable now)
+ Will display various warnings if your doing something 'different'
+ Added various verbose messages during the process
 2015-06-17 13:57:06 +01:00
William Vu 8d640a0c8f Land #5527, multi/handler -> exploit/multi/handler 2015-06-15 10:23:26 -05:00
wchen-r7 17b8ddc68a Land #5524, adobe_flash_pixel_bender_bof in flash renderer 2015-06-15 02:42:16 -05:00
0xFFFFFF c7cda25582 Empty lines removed at line 624 and line 721. 
Empty lines removed at line 624 and line 721.
 2015-06-13 14:54:10 +01:00
0xFFFFFF 7f0e334d78 Added Windows 2003 SP1 & SP2 French targets 
msf exploit(ms08_067_netap) > show targets 

Exploit targets:

   Id  Name
   --  ----
   0   Automatic Targeting
   1   Windows 2000 Universal
   2   Windows XP SP0/SP1 Universal
   3   Windows 2003 SP0 Universal
   4   Windows XP SP2 English (AlwaysOn NX)
   [...]
   62  Windows 2003 SP1 French (NX)
   63  Windows 2003 SP2 English (NO NX)
   [...]
   71  Windows 2003 SP2 French (NO NX)
   72  Windows 2003 SP2 French (NX)
 2015-06-13 13:30:02 +01:00
g0tmi1k a53ca53a6a Fix inconstancy - multi/handler 2015-06-12 21:23:51 +01:00
jvazquez-r7 8ed13b1d1b Add linux support for CVE-2014-0515 2015-06-11 16:18:50 -05:00
wchen-r7 ae21b0c260 Land #5523, adobe_flash_domain_memory_uaf in the flash renderer 2015-06-10 16:59:19 -05:00
wchen-r7 4c5b1fbcef Land #5522, adobe_flash_worker_byte_array_uaf in the flash renderer 2015-06-10 14:49:41 -05:00
jvazquez-r7 6c7ee10520 Update to use the new flash Exploiter 2015-06-10 13:52:43 -05:00
wchen-r7 d622c782ef Land #5519, adobe_flash_uncompress_zlib_uninitialized in the flash renderer 2015-06-10 11:52:47 -05:00
jvazquez-r7 fb531d0069 Update version coverage 2015-06-10 09:38:00 -05:00
jvazquez-r7 a6fe383852 Use AS Exploiter 2015-06-10 09:32:52 -05:00
jvazquez-r7 e5d6c9a3cb Make last code cleanup 2015-06-09 16:01:57 -05:00
jvazquez-r7 cf8c6b510b Debug version working 2015-06-09 15:46:21 -05:00
jvazquez-r7 b7f0fad72f Modify CVE-2014-0569 to use the flash exploitation code 2015-06-09 11:31:39 -05:00
wchen-r7 ee13a215e9 Merge branch 'upstream-master' into bapv2 2015-06-05 14:09:07 -05:00
jvazquez-r7 318f67fcda update descriptions 2015-06-05 09:01:20 -05:00
wchen-r7 69968fc9f1 Merge branch 'upstream-master' into bapv2 2015-06-04 23:36:24 -05:00
jvazquez-r7 02181addc5 Update CVE-2014-0556 2015-06-04 18:23:50 -05:00
wchen-r7 be709ba370 Merge branch 'upstream-master' into bapv2 2015-06-04 10:33:07 -05:00
wchen-r7 78e4677bb1 Oops it blew up 2015-06-03 20:10:01 -05:00
wchen-r7 a0aa6135c5 Update ca_arcserve_rpc_authbypass to use the new cred API 2015-06-03 20:02:07 -05:00
OJ a6467f49ec Update description 2015-06-03 22:17:25 +10:00
OJ 455a3b6b9d Add butchered version of CVE-2015-1701 2015-06-03 21:48:23 +10:00
James Lee d03ee5667b Remove assigned but unused local vars 2015-06-01 16:45:36 -05:00
James Lee 7133f0a68e Fix typo in author's name 2015-06-01 16:45:09 -05:00
wchen-r7 e83677d29d rm deprecated mod 2015-05-29 17:43:26 -05:00
wchen-r7 13779adab4 Merge branch 'upstream-master' into bapv2 2015-05-29 14:59:04 -05:00
wchen-r7 6be363d82a Merge branch 'upstream-master' into bapv2 2015-05-29 14:58:38 -05:00
jvazquez-r7 8c7d41c50c Land #5426, @wchen-r7's adds more restriction on Windows 7 target for MS14-064 2015-05-29 14:35:44 -05:00
wchen-r7 c3fa52f443 Update description 2015-05-29 13:47:20 -05:00
jvazquez-r7 e9714bfc82 Solve conflics 2015-05-27 23:22:00 -05:00
wchen-r7 bcdae5fa1a Forgot to add the datastore option 2015-05-27 18:12:38 -05:00
wchen-r7 4f0e908c8b Never mind, Vista doesn't have powershell. 2015-05-27 18:08:58 -05:00
wchen-r7 d43706b65e It doesn't look like Vista shows the powershell prompt 2015-05-27 18:04:35 -05:00
wchen-r7 53774fed56 Be more strict with Win 7 for MS14-064 
The Powershell prompt can cause BAP to hang so we need to be more
strict about that.
 2015-05-27 18:01:40 -05:00
jvazquez-r7 e5d42850c1 Add support for Linux to CVE-2015-0336 2015-05-27 17:05:10 -05:00
wchen-r7 60cdf71e6c Merge branch 'upstream-master' into bapv2 2015-05-26 15:56:48 -05:00
jvazquez-r7 5bceeb4f27 Land #5349, @h0ng10's module for CVE-2015-2219 Lenovo System Update Local Privilege Escalation 2015-05-22 17:14:20 -05:00
wchen-r7 9600f6a30a rm deprecated exploit 2015-05-22 17:14:08 -05:00
wchen-r7 eb5aadfb4e Land #5401, multi-platform CVE-2015-0311 - Flash uncompress() UAF 2015-05-22 16:50:13 -05:00
jvazquez-r7 3aa1ffb4f5 Do minor code cleanup 2015-05-22 16:20:36 -05:00
jvazquez-r7 03b70e3714 Land #5388, @wchen-r7's fixes #5373 by add info to BrowserRequiements 2015-05-22 10:21:59 -05:00
jvazquez-r7 6da94b1dd5 Deprecate windows module 2015-05-21 15:01:41 -05:00
wchen-r7 2cadd5e658 Resolve #5373, Add ActiveX info in BrowserRequirements 
Resolve #5373
 2015-05-20 16:34:09 -05:00