adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,482 Commits 27 Branches 1,043 Tags
ca0fc0f950f875ed74c19b892063750962ebd3fa
Commit Graph

2492 Commits

Author SHA1 Message Date
sinn3r 57b3aae9c0 Only JRE ROP is used 2012-09-24 10:21:02 -05:00
jvazquez-r7 d476ab75cc fix comment 2012-09-24 10:03:31 +02:00
jvazquez-r7 f3a64432e9 Added module for ZDI-12-170 2012-09-24 10:00:38 +02:00
sinn3r d3611c3f99 Correct the tab 2012-09-21 12:29:24 -05:00
sinn3r 25f4e3ee1f Update patch information for MS12-063 2012-09-21 12:28:41 -05:00
sinn3r 54b98b4175 Merge branch 'ntr_activex_check_bof' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_check_bof 2012-09-20 16:43:20 -05:00
sinn3r 4ead0643a0 Correct target parameters 2012-09-20 16:41:54 -05:00
sinn3r 41449d8379 Merge branch 'ntr_activex_stopmodule' of https://github.com/jvazquez-r7/metasploit-framework into jvazquez-r7-ntr_activex_stopmodule 2012-09-20 16:33:12 -05:00
Tod Beardsley a5ffe7297f Touching up Kernelsmith's wording. 
It is merely the ROP chain, not the vuln, that requires Java.
 2012-09-20 14:52:52 -05:00
Tod Beardsley 883dc26d73 Merge remote branch 'kernelsmith/ie_execcommand_uaf_info' 2012-09-20 14:48:36 -05:00
jvazquez-r7 e98e3a1a28 added module for cve-2012-0266 2012-09-20 19:03:46 +02:00
jvazquez-r7 b61c8b85b8 Added module for CVE-2012-02672 2012-09-20 19:02:20 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
kernelsmith f1a39c76ed update to ie_execcommand_uaf's info to add ROP info 
This module requires the following dependencies on the target for the
ROP chain to function.  For WinXP SP3 with IE8, msvcrt must be present
(which it is on default installs).  For Vista/Win7 with IE8 or Win7
with IE9, ire 1.6.x or below must be installed.
 2012-09-19 14:10:02 -05:00
Ramon de C Valle 11f82de098 Update author information 2012-09-19 14:00:51 -03:00
sinn3r cc8102434a CVE assigned for the IE '0day' 2012-09-18 16:13:27 -05:00
Tod Beardsley 25475ffc93 Msftidy fixes. 
Whitespace on ie_execcommand_uaf, and skipping a known-weird caps check
on a particular software name.
 2012-09-18 11:25:00 -05:00
sinn3r 5fbc4b836a Add Microsoft advisory 2012-09-17 22:13:57 -05:00
Tod Beardsley 75bbd1c48d Being slightly more clear on Browser Not Supported 
With this and the rest of sinn3r's fixes, it looks like we can close the
Redmine bug.

[FixRM #7242]
 2012-09-17 11:16:19 -05:00
sinn3r d77ab9d8bd Fix URIPATH and nil target 
Allow random and '/' as URIPATh, also refuse serving the exploit
when the browser is unknown.
 2012-09-17 10:54:12 -05:00
Tod Beardsley 48a46f3b94 Pack / Unpack should be V not L 
Packing or unpacking to/from L, I, or S as pack types will cause
problems on big-endian builds of Metasloit, and are best avoided.
 2012-09-17 09:52:43 -05:00
Tod Beardsley d77efd587a Merge remote branch 'wchen-r7/ie_0day_execcommand' 2012-09-17 08:48:22 -05:00
sinn3r 5eaefcf4c7 This is the right one, I promise 2012-09-17 08:41:25 -05:00
sinn3r 8f50a167bd This is the right module 2012-09-17 08:36:04 -05:00
sinn3r e43cae70a7 Add IE 0day exploiting the execcommand uaf 2012-09-17 08:28:33 -05:00
jvazquez-r7 9a83c7c338 changes according to egypt review 2012-09-14 18:47:50 +02:00
jvazquez-r7 eae571592c Added rgod email 2012-09-14 17:45:16 +02:00
jvazquez-r7 a2649dc8d1 fix typo 2012-09-14 17:10:41 +02:00
jvazquez-r7 e27d5e2eb7 Description improved 2012-09-14 17:08:59 +02:00
jvazquez-r7 9c77c15cf5 Added module for osvdb 85087 2012-09-14 16:54:28 +02:00
Tod Beardsley 39f2cbfc3c Older targets confirmed for CoolType SING 2012-09-12 16:51:51 -05:00
jvazquez-r7 61bf15114a deregistering FILENAME option 2012-09-10 23:14:14 +02:00
jvazquez-r7 199fbaf33d use a static filename 2012-09-10 23:08:21 +02:00
jvazquez-r7 cb975ce0a2 cleanup plus documentation for the maki template 2012-09-10 22:48:04 +02:00
jvazquez-r7 607c0f023a added edb references 2012-09-10 17:30:31 +02:00
jvazquez-r7 b813e4e650 Added module for CVE-2009-1831 2012-09-10 16:46:16 +02:00
jvazquez-r7 caae54a7ca added osvdb reference 2012-09-07 16:56:37 +02:00
jvazquez-r7 c572c20831 Description updated to explain conditions 2012-09-07 11:18:54 +02:00
sinn3r 86036737ca Apparently this app has two different names 
People may either call the app "ActiveFax", or "ActFax". Include
both names in there to allow the module to be more searchable.
 2012-09-06 18:38:03 -05:00
jvazquez-r7 4985cb0982 Added module for ActFac SYSTEM Local bof 2012-09-07 00:45:08 +02:00
jvazquez-r7 b4113a2a38 hp_site_scope_uploadfileshandler is now multiplatform 2012-09-06 12:54:51 +02:00
jvazquez-r7 2f87af1c3a add some checks while parsing the java serialization config file 2012-09-05 20:58:55 +02:00
jvazquez-r7 b2116e2394 cleanup, test, add on_new_session handler and osvdb references 2012-09-05 20:54:25 +02:00
jvazquez-r7 406202fc81 Added module for ZDI-12-174 2012-09-05 12:56:09 +02:00
sinn3r 783ffb13c2 Add Adobe security bulletin references 2012-09-04 00:07:53 -05:00
sinn3r 9d97dc8327 Add Metasploit blogs as references, because they're useful. 2012-09-03 15:57:27 -05:00
sinn3r 9ab62de637 Fix a spelling error 2012-09-03 01:44:02 -05:00
jvazquez-r7 943121dd61 Added module for CVE-2012-2611 2012-09-03 00:15:56 +02:00
sinn3r d106a1150e Be more clear that we dislike certain PDF templates 2012-08-31 14:07:58 -05:00
jvazquez-r7 f439f256b5 Debug line deleted on 2012-08-30 00:18:07 +02:00