c672fad9ef
Add OSVDB ID, remove comma from Author field
2014-09-02 23:17:10 +01:00
f7617183d9
Revert "Add initial firefox xpi prompt bypass."
...
This reverts commit ebcf972c08
2014-09-02 12:27:41 -05:00
d480a5e744
Credit h0ng10 properly
2014-09-01 07:58:26 +01:00
59847eb15b
Remove newline at the top
2014-09-01 07:56:53 +01:00
6a370a5f69
Add exploit for eventlog analyzer file upload
2014-09-01 07:56:01 +01:00
c05edd4b63
Delete debug print_status
2014-08-31 01:34:47 -05:00
559ec4adfe
Add module for ZDI-14-299
2014-08-31 01:11:46 -05:00
403eae3579
Jboss file deployment repository refactorization
...
Moved lib/msf/http/jboss/bean_shell_script.rb to
lib/msf/http/jboss/script.rb. Moved head_stager_jsp to script.rb.
Removed stager_jsp to use the function from the mixin.
2014-08-30 13:15:37 +02:00
33f90de7f6
Refactoring jboss module to work with the Mixin
...
Moved upload and delete methods of deploymentfilerepository to the
mixin. Removed call_uri_mtimes method as the module now uses deploy
from the mixin.
2014-08-29 20:08:35 +02:00
58091b9e2b
Land #3708 , @pedrib fix for manage_engine_dc_pmp_sqli
2014-08-28 10:47:03 -05:00
af9f3b83a7
Refactoring jboss module to work with the Mixin
...
Removed datastore USERNAME and PASSWORD which are provided by
Msf::Exploit::Remote::HttpClient. Removed datastore PATH and VERB which
are provided by the mixin (lib/msf/http/jboss). Moved target detection
to the mixin.
2014-08-27 22:54:40 +02:00
633eaab466
Land #3714 - Firefox 22-27 WebIDL Privileged Javascript Injection
2014-08-27 01:45:18 -05:00
26cfed6c6a
Rename exploit module.
2014-08-26 23:05:41 -05:00
96276aa6fa
Get the disclosure date right.
2014-08-26 20:36:58 -05:00
52f33128cd
Add Firefox WebIDL Javascript exploit.
...
Also removes an incorrect reference from another FF exploit.
2014-08-26 20:35:17 -05:00
a8d03aeb59
Fix bug with PMP db paths
2014-08-26 12:54:31 +01:00
473341610c
Update name to mention DC; correct servlet name
2014-08-26 12:39:48 +01:00
6d3255a3b5
Update bad config error.
2014-08-25 14:43:23 -05:00
b652ebb44f
Add other gdb-supported platforms that run on allowed arches.
2014-08-25 14:15:20 -05:00
c4a173e943
Remove automatic target, couldn't figure out generic payloads.
2014-08-25 14:14:47 -05:00
6313b29b7a
Add #arch method to Msf::EncodedPayload.
...
This allows exploits with few one automatic target to support many
different architectures.
2014-08-24 02:22:15 -05:00
88f626184c
Remove linux platform limitation, target depends on arch only.
2014-08-24 01:39:04 -05:00
04d0b87067
Reorder module title.
2014-08-24 01:18:21 -05:00
c65ba20017
Fix incorrect Platforms key.
2014-08-24 01:15:34 -05:00
4e63faea08
Get a shell from a loose gdbserver session.
2014-08-24 01:10:30 -05:00
0031913b34
Fix nil accesses
2014-08-22 16:19:11 -05:00
38e6576990
Update
2014-08-22 13:22:57 -05:00
e93fbbd904
Land #3685 , @pedrib's exploit for CVE-2014-3996
2014-08-22 11:45:41 -05:00
cf147254ad
Use snake_case in the filename
2014-08-22 11:44:35 -05:00
823649dfa9
Clean exploit, just a little
2014-08-22 11:43:58 -05:00
9815b1638d
Refactor pick_target
2014-08-22 11:31:06 -05:00
ecace8beec
Refactor check method
2014-08-22 11:05:36 -05:00
05f0d09828
Merge branch staging/electro-release into master
...
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master. Rather than merging with
history, he squashed all history into two commits (see
149c3ecc6382760bf5b319ba7772f362b81d681448f0743d1b
2014-08-22 10:50:38 -05:00
ced65734e9
Make some datastore options advanced
2014-08-22 10:26:04 -05:00
b4e3e84f92
Use CamelCase for target keys
2014-08-22 10:23:36 -05:00
b58550fe00
Indent description and fix title
2014-08-22 10:21:08 -05:00
19ba7772f3
Revert "Various merge resolutions from master <- staging"
...
This reverts commit 149c3ecc63
2014-08-22 10:17:44 -05:00
da752b0134
Add exploit for CVE-2014-3996
2014-08-21 15:30:28 +01:00
e2e2dfc6a3
Undo FF
2014-08-19 17:47:44 -05:00
777efb5e48
Land #3669 - Deprecate ff 17 svg exploit
2014-08-19 17:42:31 -05:00
b93fda5cef
Remove browser_autopwn hook from deprecated FF module.
2014-08-18 15:33:43 -05:00
87aa63de6e
Deprecate FF17 SVG exploit.
...
This exploit needs flash, the tostring_console injection one does not.
2014-08-18 15:32:51 -05:00
cad281494f
Minor caps, grammar, desc fixes
2014-08-18 13:35:34 -05:00
6d92d701d7
Merge feature/recog into post-electro master for this PR
2014-08-16 01:19:08 -05:00
e656a81c63
Land #3656 - FF toString console.time Privileged Javascript Injection
2014-08-15 17:07:23 -05:00
6d958475d6
Oops, this doesn't work on 23, only 22.
2014-08-15 17:00:58 -05:00
fb1fe7cb8b
Add some obfuscation.
2014-08-15 16:54:30 -05:00
b574a4c4c5
Wow, this gets a shell all the way back to 15.0.
2014-08-15 16:39:36 -05:00
5706371c77
Update browser autopwn settings.
2014-08-15 16:32:06 -05:00
8c63c8f43d
Add browserautopwn hook now that this is not user-assisted.
2014-08-15 16:28:21 -05:00
Pedro Ribeiro