adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,717 Commits 27 Branches 1,043 Tags
a87ae41d81d680b3ea202ff3c59ff3c052d273a7
Commit Graph

8 Commits

Author SHA1 Message Date
joev 00dc6364b5 Add support for native target in addjsif exploit. 2016-01-03 01:07:36 -06:00
Brent Cook 64e86165ef remove android meterpreter bins, update to payloads 1.0.2 
This switches us to using the Android payload files from the
metasploit-payloads gem
 2015-06-01 09:14:31 -05:00
Joe Vennix 7a62b71839 Some URL fixes from @jduck and exploit ideas from Andre Moulu. 
The exploit works with the URLs fixed, installs the APK, but hangs at the Installing...
screen and never actually launches. We tried opening the APK in a setTimeout() intent
URI, but the previously launched intent seemed unresponsive. Andre had the bright
idea of re-opening the previously launched intent with invalid args, crashing it and
allow us to launch the payload.
 2014-11-15 21:33:16 -06:00
Joe Vennix 5a8eca8946 Adds a :vuln_test option to BES, just like in BAP. 
I needed this to run a custom JS check for the Android
webview vuln when the exploit is served straight
through BES. The check already existed when using BAP,
so I tried to preserve that syntax, and also added a
:vuln_test_error as an optional error message.

This commit also does some mild refactoring of un-
useful behavior in BES.
 2014-10-01 23:34:31 -05:00
Joe Vennix 2b02174999 Yank Android->jsobfu integration. Not really needed currently. 2014-09-25 16:00:37 -05:00
Joe Vennix d9e6f2896f Add the JSObfu mixin to a lot of places. 2014-09-21 23:45:59 -05:00
joev 289bae88de Remove lie in comment. 2014-06-12 10:02:29 -05:00
joev feca6c4700 Add exploit for ajsif vuln in Adobe Reader. 
* This refactors the logic of webview_addjavascriptinterface into a mixin (android.rb).
* Additionally, some behavior in pdf.rb had to be modified (in backwards-compatible ways).

Conflicts:
	lib/msf/core/exploit/mixins.rb
 2014-06-02 22:25:55 -05:00