adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,583 Commits 27 Branches 1,043 Tags
a772bc2c854fc65b1afddeadeca52cf21bb2d813
Commit Graph

290 Commits

Author SHA1 Message Date
Joshua Drake fde3fbb2e3 add exploit module for cve-2009-1569 
git-svn-id: file:///home/svn/framework3/trunk@8339 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:56:02 +00:00
Joshua Drake c073cd707a removed unecessary parameter, commented target 
git-svn-id: file:///home/svn/framework3/trunk@8338 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 03:33:38 +00:00
Joshua Drake 2783c5884e add exploit module for cve-2009-1568 
git-svn-id: file:///home/svn/framework3/trunk@8336 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-01 02:40:47 +00:00
Joshua Drake 4751d83cb8 some cleanups, added some CVE references 
git-svn-id: file:///home/svn/framework3/trunk@8304 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 20:15:32 +00:00
Joshua Drake d9e5de5683 note the CLSID of this control 
git-svn-id: file:///home/svn/framework3/trunk@8302 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 19:17:50 +00:00
Joshua Drake 31949c4343 svn keywords fixups 
fixed a bunch of $Id$ and $Revision$ typos
added keywords property to files missing it



git-svn-id: file:///home/svn/framework3/trunk@8242 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-26 20:12:13 +00:00
Joshua Drake 83f47796fe add reference to ms09-032 (the mitigation) 
git-svn-id: file:///home/svn/framework3/trunk@8212 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-24 00:05:19 +00:00
Joshua Drake 409d44bfad fix another typo 
git-svn-id: file:///home/svn/framework3/trunk@8190 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:26:04 +00:00
Joshua Drake 9cb3ac9340 fix typo 
git-svn-id: file:///home/svn/framework3/trunk@8189 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 19:24:54 +00:00
Joshua Drake ab1a1c58db escape more format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)
a better solution would be to find a different way to allocate the freed memory..


git-svn-id: file:///home/svn/framework3/trunk@8188 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 18:32:01 +00:00
Joshua Drake a87d4e7eb4 escape randomly generated format specifiers passed to util.printd 
prevents mucking with the allocation size (hopefully)


git-svn-id: file:///home/svn/framework3/trunk@8186 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 17:09:46 +00:00
Joshua Drake 2b8a2d56a1 some variable renaming 
git-svn-id: file:///home/svn/framework3/trunk@8184 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-21 04:55:16 +00:00
James Lee bbe10b439f let the user know when a client connects 
git-svn-id: file:///home/svn/framework3/trunk@8140 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 01:00:01 +00:00
HD Moore 69f609bdcd Updated description to make the source of the exploit clear and why it only triggers reliably vs 6 now. Adjusts the heap spray to be slightly bigger 
git-svn-id: file:///home/svn/framework3/trunk@8138 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-16 00:55:42 +00:00
Steve Tornio a0326fc842 add CVE and OSVDB refs 
git-svn-id: file:///home/svn/framework3/trunk@8137 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 22:05:02 +00:00
HD Moore 579a6fe799 Metasploit port of the IE "Aurora" exploit, based on this sample: http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js 
git-svn-id: file:///home/svn/framework3/trunk@8136 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-15 21:36:04 +00:00
Joshua Drake fba8a1d110 added a German target with 0x0a0a0a0a as the spray addr 
git-svn-id: file:///home/svn/framework3/trunk@8125 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-14 22:24:56 +00:00
James Lee 3c6cbbc47e make sure IE service packs don't throw off the version comparison 
git-svn-id: file:///home/svn/framework3/trunk@8049 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-31 21:24:00 +00:00
Joshua Drake 2283e029db crossing fingers, big cr removal batch 
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-30 22:24:22 +00:00
Joshua Drake 19d32b6c97 add jabra to author list 
git-svn-id: file:///home/svn/framework3/trunk@7931 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 17:01:12 +00:00
Steve Tornio 544efd879b Add OSVDB references 
git-svn-id: file:///home/svn/framework3/trunk@7929 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 11:53:20 +00:00
Joshua Drake 47ef693b77 add CVE references! 
git-svn-id: file:///home/svn/framework3/trunk@7928 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-21 09:38:42 +00:00
HD Moore be42efdd1b Update the PDF modules to work on a wider range of versions 
git-svn-id: file:///home/svn/framework3/trunk@7917 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-19 01:02:32 +00:00
James Lee 82d84605e4 advisory says it should work against 5.5, but this module causes js syntax errors, so only run it on 6 
git-svn-id: file:///home/svn/framework3/trunk@7914 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-18 19:38:52 +00:00
HD Moore f2ec7795e2 Reliability improvement for the Acrobat bug - use the lame old 0x0c0c0c0c, but this works on the widest range of versions 
git-svn-id: file:///home/svn/framework3/trunk@7907 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 14:43:05 +00:00
Joshua Drake 026924c9b6 fixed sync issues between browser/fileformat modules 
git-svn-id: file:///home/svn/framework3/trunk@7902 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 05:19:30 +00:00
Joshua Drake 2baa4a1efa port changes from Lurene to browser version 
git-svn-id: file:///home/svn/framework3/trunk@7901 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-17 05:16:35 +00:00
Joshua Drake e563e91d35 added browser versions of yesterdays adobe pdf exploits from jabra 
git-svn-id: file:///home/svn/framework3/trunk@7894 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-16 20:37:57 +00:00
James Lee 2570fcee15 get rid of some more ^Ms 
git-svn-id: file:///home/svn/framework3/trunk@7880 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 18:47:29 +00:00
James Lee 196ee82179 bye-bye crlf 
git-svn-id: file:///home/svn/framework3/trunk@7878 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 18:13:27 +00:00
Joshua Drake 1813a0fb9a updated technique 
git-svn-id: file:///home/svn/framework3/trunk@7867 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-15 00:32:07 +00:00
Mario Ceballos c799df8559 target is no good. offsets change on different installs. 
git-svn-id: file:///home/svn/framework3/trunk@7864 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 23:07:21 +00:00
Joshua Drake 88b9ee18af clarified some version info 
git-svn-id: file:///home/svn/framework3/trunk@7863 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 23:01:34 +00:00
Joshua Drake 8317b69aca corrected disclosure date 
git-svn-id: file:///home/svn/framework3/trunk@7860 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 22:44:37 +00:00
Joshua Drake 2524840348 renamed, new targets, now using seh... 
git-svn-id: file:///home/svn/framework3/trunk@7859 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-14 22:40:56 +00:00
Mario Ceballos 3ac51c7396 added exploit module symantec_altirisdeployment_runcmd.rb. 
git-svn-id: file:///home/svn/framework3/trunk@7821 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-11 02:36:01 +00:00
HD Moore 3c08bc0c80 Rename and reference update from the microsoft patch 
git-svn-id: file:///home/svn/framework3/trunk@7775 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-09 15:06:26 +00:00
Joshua Drake 87c85b5176 removed executable generation routines from Rex::Text (use Msf::Util::EXE), Fixes #660 
git-svn-id: file:///home/svn/framework3/trunk@7760 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-08 21:24:45 +00:00
Joshua Drake 0961ce3523 add exploit module for cve-2009-3693 
git-svn-id: file:///home/svn/framework3/trunk@7749 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-08 03:08:46 +00:00
Joshua Drake ff83f1cd2f add ranking to every exploit module, pfew! 
git-svn-id: file:///home/svn/framework3/trunk@7724 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:50:37 +00:00
Joshua Drake 2cf9c3ce2b revision fixups 
git-svn-id: file:///home/svn/framework3/trunk@7723 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:16:11 +00:00
Joshua Drake 17249f29d3 cve roulette also cve-2009-4054 
git-svn-id: file:///home/svn/framework3/trunk@7722 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-06 05:00:06 +00:00
HD Moore 927563c135 Correct some assumptions about client-side exploit signature development, remove the prepend since we dont use .net anymore 
git-svn-id: file:///home/svn/framework3/trunk@7616 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 21:18:26 +00:00
Joshua Drake a4dd52543c removed .net dll bypass, recorded some crash addresses 
git-svn-id: file:///home/svn/framework3/trunk@7614 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 19:39:15 +00:00
James Lee 00eaff0550 stupid ruby string differences 
git-svn-id: file:///home/svn/framework3/trunk@7611 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 17:16:45 +00:00
HD Moore 0c19f50718 Fix broken .NET method 
git-svn-id: file:///home/svn/framework3/trunk@7610 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 17:11:38 +00:00
Joshua Drake f733856974 add exploit module for cve-2009-3762 
git-svn-id: file:///home/svn/framework3/trunk@7609 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 07:25:04 +00:00
James Lee f516edacfb only works on ie7 
git-svn-id: file:///home/svn/framework3/trunk@7603 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-25 02:14:40 +00:00
James Lee c45c15cd29 add autopwn info 
git-svn-id: file:///home/svn/framework3/trunk@7599 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 23:50:08 +00:00
James Lee 99319d2a55 don't unintentionally create a UNC path. see #558 
git-svn-id: file:///home/svn/framework3/trunk@7591 4d416f70-5f16-0410-b530-b9f4589650da
 2009-11-24 06:23:03 +00:00