adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,313 Commits 27 Branches 1,043 Tags
deacebc46bd38ba3300a39d1f157dde29ab35e16
Commit Graph

147 Commits

Author SHA1 Message Date
Wei Chen b99663fb6c Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Matthew Kienow d79b0ad981 Land #9286, Advantech WebAccess webvrpcs BOF RCE 2017-12-12 00:25:56 -05:00
Pearce Barry 7f93cca446 Land #9288, Add Dup Scout Enterprise login buffer overflow 2017-12-11 17:12:20 -06:00
mr_me f8977ed72c added some fixes 2017-12-11 11:34:17 -06:00
Chris Higgins 3a14ac3b37 Fixed a spelling error in documentation 2017-12-09 02:30:42 -06:00
Chris Higgins e91830efe7 Add Dup Scout Enterprise login buffer overflow 2017-12-09 02:20:05 -06:00
mr_me 073ffcb3bc added some docs 2017-12-07 16:58:14 -06:00
Austin 900f7d6f69 docs on options 2017-12-07 14:47:40 -05:00
Austin 12425d962c Rename office_dde_delivery to office_dde_delivery.md 2017-12-06 22:40:57 -05:00
Austin 1e4b707a60 MS Office DDE Documentation 2017-12-06 21:46:47 -05:00
Brent Cook ce2db3cd87 Land #9275, CVE-2017-11882 (docs fix) 2017-12-05 10:16:54 -06:00
Austin 14226c5f33 missing docs on options 
Missed fixes on documentation
 2017-12-04 20:58:36 -05:00
William Webb 69b01d26bb Land #9226, Microsoft Office OLE object memory corruption 2017-12-04 16:50:27 -08:00
Austin b7f17f5519 fix documentation 2017-12-04 16:41:27 -05:00
Austin fcf2cfa134 Create office_ms17_11882.md 2017-11-21 14:45:56 -05:00
Steven Patterson df2b62dc27 Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
h00die 52888871e3 Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
bwatters-r7 5a07be9b96 Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
bwatters-r7 19e3e181c1 Fix compiling instructions 2017-11-08 09:36:32 -06:00
Spencer McIntyre fa8d017579 Change documentation from a first person context 2017-11-08 09:29:46 -05:00
bwatters-r7 11093b8393 Added documentation 2017-11-08 08:07:06 -06:00
Steven Patterson 8613852ee8 Add Mako Server v2.5 command injection module/docs 2017-10-26 23:29:11 -04:00
Wei Chen c67a5872cd Land #9055, Add exploit for Sync Breeze HTTP Server 
Land #9055
 2017-10-13 17:34:03 -05:00
bwatters-r7 294230c455 Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Ernesto Fernandez ffa29de6c9 Update bypassuac_injection_winsxs.md 2017-10-11 11:43:28 +02:00
bwatters-r7 59d03ec4db Added markdown doc for documentation. 2017-10-10 13:05:29 -05:00
jakxx fd0ce33341 Updated Module Documentation 2017-10-10 12:36:32 -04:00
h00die b796c0be16 fixing docs 2017-10-09 20:31:23 -04:00
Mehmet Ince c14c93d450 Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
Mehmet Ince 79c9123261 Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
M4P0 7fe750422e Update geutebrueck_gcore_x64_rce_bo.md 2017-10-06 15:41:12 +02:00
Maurice Popp 770547269b added documentation, and fixed 4 to 2 indentation 2017-10-06 15:39:25 +02:00
loftwing e3deaadcc7 Documentation added 2017-09-14 11:52:15 -05:00
h00die be66ed8af3 Land #8788 exploits for Gh0st and PlugX malware controllers 2017-09-05 20:42:07 -04:00
h00die d05c401866 modules cleanup and add docs 2017-09-04 20:57:23 -04:00
james 5bf1d916bc Fix uneven quotes in various documentation files 
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
 2017-08-26 19:12:48 -05:00
h00die a0585dcb9e Land #8872 docs for octopusdeploy_deploy 2017-08-22 21:36:44 -04:00
james 7f8e6b83dc Update documentation for exploit/windows/http/octopusdeploy_deploy 
Remove self explanatory options.
 2017-08-21 19:47:24 -05:00
james 60215297be Update documentation for exploit/windows/http/octopusdeploy_deploy 
Fix awkward wording.
 2017-08-21 19:17:41 -05:00
james de9392995a Add documentation for exploit/windows/http/octopusdeploy_deploy 2017-08-21 19:11:36 -05:00
Brent Cook 2eba188166 Land #8789, Add COM class ID hijack method for bypassing UAC 2017-08-20 13:57:17 -05:00
OJ 408a83a36b Added comhijack module documentation 2017-08-16 13:05:27 +10:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
Brent Cook 7c55cdc1c8 fix some module documentation 
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
 2017-07-23 07:46:52 -07:00
William Webb 6349026134 Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00