Shelby Pace
fd2886b499
Land #11112, Fix bpf_priv_esc exploit module
2018-12-17 08:04:33 -08:00
Wei Chen
ec2b1c9995
Land #10944, Add macOS Safari exploit from pwn2own2018
2018-12-13 13:32:39 -08:00
Brent Cook
4c2772a5fc
Land #10994, Added exploit for CVE-2018-18955
2018-11-27 14:27:50 -08:00
Wei Chen
56e0c51897
Land #10965, Add the macOS LPE from pwn2own2018 (CVE-2018-4237)
2018-11-27 12:02:49 -08:00
bwatters-r7
4a9f6f5d06
Land #10561, Add Windows local privilege escalation - CVE-2018-0824
...
Merge branch 'land-10561' into upstream-master
2018-10-25 12:33:06 -07:00
Brent Cook
c7ad4a47eb
Land #10851, add ndkstager to data/exploits
2018-10-23 14:48:43 -07:00
Wei Chen
3cbc33204c
Land #10664, add Windows SetImeInfoEx Win32k NULL Pointer Dereference
2018-10-18 21:02:13 -07:00
bwatters-r7
0f4ef19555
Land #10418, Add DCOM/RPC NTLM Reflection (MS16-075) Via Reflective DLL
...
Merge branch 'land-10418' into upstream-master
2018-10-04 14:57:20 -07:00
Brent Cook
bff3047e93
Land #10428, Update Windows MySQL UDF files, add docs
2018-09-24 19:13:53 -07:00
bwatters-r7
2b194e2b47
Land #10643, CVE-2018-8440 ALPC Scheduler
...
Merge branch 'land-10643' into upstream-master
2018-09-24 10:48:41 -07:00
Wei Chen
e9a94595c2
Land #10592, support ERB for foxit_reader_uaf.rb
2018-09-05 19:50:30 -07:00
Wei Chen
eb39f6da51
Land #10564, Add Ghostscript exploit from taviso
2018-09-05 19:09:11 -07:00
Tim W
65fcdcfd2f
Land #9884, add linux ufo priv esc module
2018-08-02 02:56:27 -07:00
Wei Chen
b42545a153
Land #10387, Update mov_ss and add mov_ss_dll
2018-07-27 12:55:43 -07:00
Tim W
691d8f2c41
Land #9753, Linux BPF sign extension local privesc
2018-07-18 11:05:32 -07:00
William Vu
eb6142c2f8
Land #10315, pSnuffle POST and basic auth
2018-07-17 11:01:34 -07:00
Wei Chen
06e8cc49f5
Land #10297, Add priv escalation mod for CVE-2018-8897
2018-07-13 08:57:19 -07:00
bwatters-r7
0a19221af2
Land #10101, Add glibc 'realpath()' Privilege Escalation exploit
2018-06-12 14:43:57 -07:00
Aaron Soto
aa5c114364
Land #10067, Added auxiliary/fileformat/odt_badodt
2018-06-06 09:29:34 -07:00
Chris Higgins
5f469efacf
Land #10092, Cleanup linux/local/recvmmsg_priv_esc
2018-06-04 15:37:57 -07:00
Brent Cook
31ce48502c
Land #9528, WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-04 15:37:57 -07:00
Tim W
016ee4d460
Land #9987, AF_PACKET chocobo_root exploit
2018-05-21 15:22:51 -07:00
bwatters-r7
81368bef7a
Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-21 17:01:36 -05:00
Tim W
bacab0507b
Land #9947, AF_PACKET packet_set_ring exploit
2018-05-17 08:16:34 -07:00
Tim W
1de1b04c4f
Land #9919, add libuser roothelper privilege escalation exploit
2018-05-15 11:58:14 -07:00
bwatters-r7
38465e69a8
Land #8795, Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-04 09:38:28 -05:00
h00die
37cb2d77e7
Land #9422 abrt race condition priv esc on linux
2018-02-12 11:55:21 -06:00
h00die
016af01fd8
Land #9399 a linux priv esc against apport and abrt
2018-02-02 11:32:29 -06:00
Brent Cook
5ec3da843e
Land #9349, GoAhead LD_PRELOAD CGI Module
2018-01-24 17:12:47 -06:00
dmohanty-r7
a5fa63405f
Land #9206, Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
William Vu
caae33b417
Land #9170, Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
Yorick Koster
942e44ceae
Added local copies of the static content
2017-12-02 10:14:14 +01:00
Mehmet İnce
86e47589b0
Add xplico remote code execution
2017-11-14 09:30:57 +03:00
bwatters-r7
4abe8ff0d9
recompile binaries
2017-11-08 09:33:48 -06:00
bwatters-r7
9b24ed8406
Removed binaries for recompile
2017-11-08 09:26:40 -06:00
Spencer McIntyre
c2578c1487
Refactor GetProcessSid to remove do while FALSE
2017-11-07 19:11:24 -05:00
h00die
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
Spencer McIntyre
3f6f70f820
Move the cve-2017-8464 source to external/source
2017-10-08 13:58:51 -04:00
Spencer McIntyre
d0ebfa1950
Change the template technique to work as an LPE
2017-10-05 10:30:28 -04:00
Spencer McIntyre
949633e816
Cleanup cve-2017-8464 template and build script
2017-10-02 15:18:13 -04:00
h00die
dc358dd087
unknow to unknown
2017-08-18 11:33:48 -04:00
Yorick Koster
81500f7336
Updated Mutex code, reduce the number of times the payload is executed
2017-08-03 10:26:55 -05:00
Yorick Koster
c3bc27385e
Added source code for DLL template
2017-08-02 15:47:22 -05:00
Yorick Koster
46ec04dd15
Removed This PC ItemID & increased timeout in WaitForSingleObject
...
Remove the This PC ItemID to bypass (some) AV.
Timeout for WaitForSingleObject is set to 2,5s. After this timeout a
mutex is released, allowing a new payload to be executed.
2017-08-02 15:47:22 -05:00
Yorick Koster
e6e94bad4b
Replace CreateEvent with CreateMutex/WaitForSingleObject
...
Time out is set to 1500 ms to prevent running the payload multiple times
2017-08-02 15:47:22 -05:00
Yorick Koster
e51e1d9638
Added new DLL templates to prevent crashing of Explorer
2017-08-02 15:47:21 -05:00
Brent Cook
a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
HD Moore
38491fd7ba
Rename payloads with os+libc, shrink array inits
2017-05-27 19:50:31 -05:00
HD Moore
b7b0c26f4a
Reduce minimum GLIBC versions where we can
2017-05-27 19:28:41 -05:00
HD Moore
184c8f50f1
Rework the Samba exploit & payload model to be magic.
2017-05-27 17:03:01 -05:00