adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,254 Commits 27 Branches 1,043 Tags
94de5a4e42cfb1dc0fdfc1233707f71b6d9a628b
Commit Graph

11200 Commits

Author SHA1 Message Date
sinn3r 9043eeda66 A slight change for stability 
While updating ie_cgenericelement_uaf earlier today, I noticed the
changes made it a tiny bit less stable. Juan's test log in #1809
also kinda shows that (with the first attempt failing), so I decided
to go back and move the string crafting part, that way between
CollectGarbage() and the overwrite, there is less noise, and hopefully
more stable.  I did a few tests, seems better.
 2013-05-08 20:02:55 -05:00
jvazquez-r7 866fa167ab Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-08 16:29:52 -05:00
jvazquez-r7 bdd2287daf Land #1809, @wchen-r7's modification for ie_cgenericelement_uaf 2013-05-08 16:21:11 -05:00
sinn3r 9a1400a75b Forgot to remove this print_warning 2013-05-08 15:44:04 -05:00
sinn3r 075f6e8d45 Updates ROP chain and mstime_malloc usage 2013-05-08 15:42:45 -05:00
sinn3r c7609ac7d1 Initial update 2013-05-08 14:24:52 -05:00
jvazquez-r7 1aa80cd35e Add module for CVE-2013-0726 2013-05-08 13:48:48 -05:00
jvazquez-r7 e939de583c Clean up and multi platform support for sap_soap_rfc_sxpg_command_exec 2013-05-07 22:46:39 -05:00
jvazquez-r7 5f59d9f723 Move sap_soap_rfc_sxpg_command_exec to multi dir 2013-05-07 22:46:04 -05:00
jvazquez-r7 ab60e0bfb7 Fix print message 2013-05-07 22:41:15 -05:00
jvazquez-r7 24bad9c15c Clean up sap_soap_rfc_sxpg_call_system_exec and make it multi platform 2013-05-07 17:03:10 -05:00
jvazquez-r7 76f6d9f130 Move module to multi-platform location 2013-05-07 17:01:56 -05:00
Rob Fuller 71c68d09c1 Allow user ability to set filename for psexec service binary 
This should probably be higher up for all
generate_payload_exe but would take a major edit
 2013-05-07 15:26:22 -03:00
jvazquez-r7 bcdad23559 up to date 2013-05-06 23:09:32 -05:00
jvazquez-r7 0fa65a6802 Merge branch 'sap_soap_rfc_sxpg_command_exec' of https://github.com/nmonkee/metasploit-framework 2013-05-06 18:50:31 -05:00
m-1-k-3 09bf23f4d6 linksys wrt160n tftp download module 2013-05-06 16:18:15 +02:00
m-1-k-3 22d850533a dir615 down and exec exploit 2013-05-06 15:33:45 +02:00
jvazquez-r7 425a16c511 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-05 22:00:07 -05:00
Tod Beardsley 8239998ada Typo on URL for #1797. Thx @Meatballs1 2013-05-05 12:26:06 -05:00
Tod Beardsley c9ea7e250e Fix disclosure date, ref for #1897 2013-05-05 12:13:02 -05:00
sinn3r a33510e821 Add MS IE8 DoL 0day exploit (CVE-2013-1347) 
This module exploits a use-after-free vuln in IE 8, used in the
Department of Labor attack.
 2013-05-05 12:04:17 -05:00
jvazquez-r7 2384f34ada Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-03 15:39:16 -05:00
jvazquez-r7 13202a3273 Add OSVDB reference 2013-05-03 09:46:29 -05:00
jvazquez-r7 a95de101e7 Delete extra line 2013-05-02 22:04:27 -05:00
jvazquez-r7 6210b42912 Port EDB 25141 to msf 2013-05-02 22:00:43 -05:00
jvazquez-r7 796f7a39ac Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-05-02 20:04:48 -05:00
jvazquez-r7 a2e1fbe7a9 Make msftidy happy 2013-05-02 19:46:26 -05:00
sinn3r eb23b5feeb Forgot to remove function ie8_smil. Don't need this anymore. 2013-05-02 14:04:15 -05:00
sinn3r 329e8228d1 Uses js_mstime_malloc to do the no-spray technique 2013-05-02 14:00:15 -05:00
jvazquez-r7 a7e4ba5015 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-30 08:32:24 -05:00
Tod Beardsley 60e0cfb17b Trivial description cleanup 2013-04-29 14:11:20 -05:00
jvazquez-r7 a4632b773a Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-04-28 12:59:16 -05:00
sinn3r 1d9a695d2b Landing #1772 - Adds phpMyadmin Preg_Replace module (CVE-2013-3238) 
[Closes #1772]
 2013-04-28 12:17:16 -05:00
Meatballs 05426cb61b Fix dir creation 2013-04-27 21:39:29 +01:00
Meatballs 8bfaa41723 Fix x64 dll creation 2013-04-27 20:44:46 +01:00
Meatballs ccb630eca2 Whitespace and change default user 2013-04-27 10:39:27 +01:00
Meatballs 209188bc22 Add refs and use targeturi 2013-04-27 10:35:49 +01:00
Meatballs 3ac041386b Add php version to check 2013-04-26 23:59:49 +01:00
Meatballs e25fdebd8d Add php version to check 2013-04-26 23:58:08 +01:00
Meatballs cd842df3e2 Correct phpMyAdmin 2013-04-26 23:38:27 +01:00
Meatballs 6bb2af7cee Add pma url 2013-04-26 23:37:26 +01:00
sinn3r 6821c360b6 Landing #1761 - Adds Wordpress Total Cache module 
[Closes #1761]
 2013-04-26 16:08:04 -05:00
sinn3r 6c76bee02f Trying to make the description sound smoother 2013-04-26 16:02:28 -05:00
James Lee a0c1b6d1ce Clear out PMA's error handler 
* Add an error_handler function that just returns true. This prevents eventual
  ENOMEM errors and segfaults like these:
    [Fri Apr 26 15:01:00 2013] [error] [client 127.0.0.1] PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 44659282 bytes) in /home/egypt/repo/phpmyadmin/libraries/Error.class.php on line 156
    [Fri Apr 26 15:01:16 2013] [notice] child pid 7347 exit signal Segmentation fault (11)
* clean up some whitespace
 2013-04-26 15:25:09 -05:00
Meatballs 1f2cab7aef Tidyup and getcookies 2013-04-26 20:26:04 +01:00
Meatballs 0901d00da5 Remove redundant pay opts 2013-04-26 19:26:29 +01:00
Meatballs a17d61897d Change to send_rq_cgi 2013-04-26 19:19:11 +01:00
Meatballs 54233e9fba Better entropy 2013-04-26 17:46:43 +01:00
Meatballs c8da13cfa0 Add some entropy in request 2013-04-26 17:34:17 +01:00
Meatballs a043d3b456 Fix auth check and cookie handling 2013-04-26 17:10:24 +01:00