Commit Graph

5244 Commits

Author SHA1 Message Date
sinn3r f91116a8e8 Land #3634 - VirtualBox 3D Acceleration OpenGL Host escape 2014-08-13 20:08:13 -05:00
jvazquez-r7 127d094a8d Don't share once device is opened 2014-08-13 16:13:38 -05:00
Meatballs 05a198bc96 Correct spelling 2014-08-13 14:06:25 +01:00
Meatballs 4a01c27ed4 Use get_env and good pack specifier 2014-08-13 10:59:22 +01:00
jvazquez-r7 da4b572a0d Change module name 2014-08-12 17:17:26 -05:00
jvazquez-r7 3eccc12f50 Switch from vprint to print 2014-08-12 17:11:24 -05:00
jvazquez-r7 f203fdebcb Use Msf::Exploit::Local::WindowsKernel 2014-08-12 17:09:39 -05:00
jvazquez-r7 e1debd68ad Merge to update 2014-08-12 16:21:39 -05:00
jvazquez-r7 183b27ee27 There is only one target 2014-08-12 16:14:41 -05:00
jvazquez-r7 c8e4048c19 Some style fixes 2014-08-12 16:11:31 -05:00
jvazquez-r7 ea3d2f727b Don't fail_with while checking 2014-08-12 16:09:59 -05:00
jvazquez-r7 042423088c Make sure that the full payload is used 2014-08-12 11:41:29 -05:00
Meatballs 351b687759 Land #3612, Windows Local Kernel exploits refactor 2014-08-10 22:05:06 +01:00
jvazquez-r7 486b5523ee Refactor set_version 2014-08-09 02:17:07 -05:00
jvazquez-r7 d959affd6e Delete debug message 2014-08-09 01:58:42 -05:00
jvazquez-r7 da04b43861 Add module for CVE-2014-0983 2014-08-09 01:56:38 -05:00
jvazquez-r7 b259e5b464 Update description again 2014-08-07 09:21:25 -05:00
jvazquez-r7 4af0eca330 Update target description 2014-08-07 09:11:01 -05:00
Brandon Turner 91bb0b6e10 Merge tag '2014072301' into staging/electro-release
Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
Spencer McIntyre b602e47454 Implement improvements based on feedback 2014-08-05 21:24:37 -07:00
Jon Hart f25bb735a0 Land #3543, @todb-r7's Rubocop cleanup of MS08-067 2014-08-04 14:35:30 -07:00
Spencer McIntyre 9cd6353246 Update mqac_write to use the mixin and restore pointers 2014-08-04 12:15:39 -07:00
Spencer McIntyre a523898909 Apply rubocop suggestions for ms_ndproxy 2014-08-04 11:49:01 -07:00
Spencer McIntyre 86e2377218 Switch ms_ndproxy to use the new WindowsKernel mixin 2014-08-04 11:49:01 -07:00
Spencer McIntyre 58d29167e8 Refactor MS11-080 to use the mixin and for style 2014-08-04 11:49:01 -07:00
Joshua Smith 6c2b8f54cf rubocop cleanup, long lines, etc 2014-08-03 23:19:08 -05:00
OJ 2b021e647d Minor tidies to conform to standards 2014-08-03 23:19:08 -05:00
OJ 31c51eeb63 Move error messages to check 2014-08-03 23:19:08 -05:00
OJ cbf15660bf Add some small fixes to the MQAC local exploit
* Check for `INVALID_HANDLE_VALUE` when attempting to open the
  device, as this is what is returned when the device doesn't exist.
* Make sure that we only run the exploit against targets that we
  support directly to make sure we don't BSOD machines (such as what
  happens with SP1/SP2).
* Add a call to `check` in the exploit code.
2014-08-03 23:19:08 -05:00
b00stfr3ak add5cefe17 Change runas method to use lib
Changed runas method to use the new runas lib.  Also did some rubocop
changes.
2014-08-01 17:13:24 -07:00
b00stfr3ak df98098b0c New shell_execute_option command
Also removed upload option
2014-08-01 17:12:04 -07:00
b00stfr3ak 5c2b074264 Matched bypassuac to upstream 2014-08-01 14:40:23 -07:00
b00stfr3ak def652a50e Merge https://github.com/rapid7/metasploit-framework into bypassuac/psh_option 2014-08-01 14:32:55 -07:00
Meatballs 15c1ab64cd Quick rubocop 2014-07-31 23:11:00 +01:00
Meatballs d336c56b99 Merge remote-tracking branch 'upstream/master' into land_2551 2014-07-31 23:06:37 +01:00
Meatballs 53b66f3b4a Land #2075, Powershell Improvements 2014-07-31 00:49:39 +01:00
Joshua Smith e00d892f99 rubocop cleanup, long lines, etc 2014-07-28 22:04:45 -05:00
OJ 210342df5b Minor tidies to conform to standards 2014-07-25 09:32:54 +10:00
OJ 9fe2dd59aa Move error messages to check 2014-07-25 07:57:09 +10:00
OJ 3ec30bdf78 Add some small fixes to the MQAC local exploit
* Check for `INVALID_HANDLE_VALUE` when attempting to open the
  device, as this is what is returned when the device doesn't exist.
* Make sure that we only run the exploit against targets that we
  support directly to make sure we don't BSOD machines (such as what
  happens with SP1/SP2).
* Add a call to `check` in the exploit code.
2014-07-24 14:48:29 +10:00
Jay Smith 042278ed6a Update code to reflect @OJ code suggestions 2014-07-23 11:01:43 -04:00
Jay Smith 534a5d964b Add CVE-2014-4971 BthPan local privilege escalation
Add CVE-2014-4971 BthPan local privilege escalation for Windows XP SP3
2014-07-22 18:17:06 -04:00
Jay Smith 0db3a0ec97 Update code to reflect @jlee-r7's code review 2014-07-22 15:14:24 -04:00
Jay Smith 125b2df8f5 Update code to reflect @hdmoore code suggestions 2014-07-22 14:53:24 -04:00
Spencer McIntyre 7f79e58e7f Lots of cleanups based on PR feedback 2014-07-22 14:45:00 -04:00
Spencer McIntyre 5d9c6bea9d Fix a typo and use the execute_shellcode function 2014-07-22 13:06:57 -04:00
Spencer McIntyre 12904edf83 Remove unnecessary target info and add url reference 2014-07-22 11:20:07 -04:00
Spencer McIntyre ca0dcf23b0 Add a simple check method for cve-2014-4971 2014-07-22 10:54:10 -04:00
Spencer McIntyre 6a545c2642 Clean up the mqac escalation module 2014-07-22 10:39:34 -04:00
Spencer McIntyre da4eb0e08f First commit of MQAC arbitrary write priv escalation 2014-07-22 10:04:12 -04:00