adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,939 Commits 27 Branches 1,043 Tags
edb94e9ef581c4cb2f856428fe5e05eb470d7fbd
Commit Graph

49 Commits

Author SHA1 Message Date
Wei Chen c5bff76dc7 Cosmetic changes for office_exel_slk module and documentation 2019-02-11 12:37:17 -06:00
Wei Chen 18afc8f546 Bring PR 11249 up to date with upstream master 2019-02-11 12:19:21 -06:00
Carter Brainerd ddb46638f7 Fix verification steps numbering 2019-01-22 20:44:18 -05:00
Carter Brainerd 334abebcb1 Implement docs review changes 2019-01-17 20:00:23 -05:00
Carter Brainerd d323958ebe Add docs 2019-01-14 14:56:42 -05:00
Jacob Robles 106d6cefe4 Add documentation 2018-12-11 07:55:52 -06:00
Jacob Robles 6544c6636c Add documentation 2018-10-10 12:23:52 -05:00
Jacob Robles b5c13690c0 Add documentation for Zahir Import File Module 2018-10-04 10:12:12 -05:00
Jacob Robles d5ad683ba6 More doc updates 2018-08-29 10:59:36 -05:00
Jacob Robles 88c908665d Update documentation 2018-08-29 06:24:30 -05:00
Jacob Robles 086ec5bdfb Fix generated strings in pdf 2018-08-29 06:24:20 -05:00
Jacob Robles fd6880d0d0 Add Foxit Reader UAF Module and Docs 2018-08-21 08:21:51 -05:00
Shelby Pace 8f8d015741 changed some wording 2018-07-02 09:57:28 -05:00
Shelby Pace 54fce378fa added target versions to documentation 2018-07-02 09:20:17 -05:00
Shelby Pace 3b5555542c add exploit module and documentation 2018-06-29 15:17:12 -05:00
Brent Cook ca4ad1d0c4 Land #9478, Improve Dup Scout BOF exploit 2018-02-07 23:51:14 -06:00
Jacob Robles ab0d18669e Doc Changes 2018-02-07 19:26:39 -06:00
Jacob Robles e53500f397 Fixed Headings 2018-02-07 08:11:58 -06:00
Carter Brainerd (thecarterb) e5b490c1c0 Remove weird sentence in cve_2017_8464_lnk_rce 2018-02-04 12:57:56 -05:00
thecarterb bde2884e11 Fixes from review 2018-02-03 11:23:58 -05:00
Carter Brainerd (thecarterb) 2d8a249a56 Add intro header to office_ms17_11882 2018-02-02 14:12:36 -05:00
Carter Brainerd (thecarterb) a7e9772e25 A few fixes for office_word_hta 
- Add introduction header
- Fix `Vulnerable Application` header and make it plural (multiple apps)
- Remove unnecessary console line for example
 2018-02-02 14:11:05 -05:00
Carter Brainerd (thecarterb) daedf2a089 Fix word choice in cve_2017_8464_lnk_rce 
- Also remove an unnecessary example step
 2018-02-02 14:06:03 -05:00
Jacob Robles 559b592394 Corrected Documentation 2018-02-01 13:17:02 -06:00
Jacob Robles bc18389284 Updated Document and Module 
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
 2018-02-01 10:05:50 -06:00
Daniel Teixeira c1ff0c1e00 Dup Scout XML documentation 2018-01-24 20:47:02 +00:00
Daniel Teixeira 5fef8b43f6 Update and rename syncbreeze_xml.rb to syncbreeze_xml.md 2018-01-16 06:07:15 +00:00
Daniel Teixeira ac724926db Sync Breeze Import Command BOF Doc 2018-01-15 20:45:34 +00:00
Wei Chen b99663fb6c Bring #9282 up to date with upstream-master 2017-12-13 13:16:30 -06:00
Austin 900f7d6f69 docs on options 2017-12-07 14:47:40 -05:00
Austin 12425d962c Rename office_dde_delivery to office_dde_delivery.md 2017-12-06 22:40:57 -05:00
Austin 1e4b707a60 MS Office DDE Documentation 2017-12-06 21:46:47 -05:00
Austin 14226c5f33 missing docs on options 
Missed fixes on documentation
 2017-12-04 20:58:36 -05:00
Austin b7f17f5519 fix documentation 2017-12-04 16:41:27 -05:00
Austin fcf2cfa134 Create office_ms17_11882.md 2017-11-21 14:45:56 -05:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability 
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
 2017-08-02 15:46:30 -05:00
wchen-r7 6029a9ee2b Use a built-in HTA server and update doc 2017-04-24 16:04:27 -05:00
nixawk 0a085c4e83 add doc for exploit/windows/fileformat/office_word_hta 2017-04-18 03:26:10 -05:00
wchen-r7 34f074441d Move doc 2017-02-16 12:33:05 -06:00
wchen-r7 e891063b74 Update doc 2017-02-03 14:29:29 -06:00
wchen-r7 5db1d958b0 Update doc 2017-02-03 14:08:28 -06:00
wchen-r7 6e692b1a1c Update doc 2017-02-03 14:03:48 -06:00
wchen-r7 f3f774b9c7 Add demo 2017-02-03 12:01:51 -06:00
wchen-r7 92e065c21b Update doc 2017-02-03 11:48:18 -06:00
wchen-r7 2457968a24 Update doc 2017-02-03 11:45:34 -06:00
wchen-r7 e9ba6fe7fd Add doc 2017-02-02 20:42:46 -06:00