metasploit-gs/external/source/exploits at 3aebe968bb91c97fe8a650e92dddde464fe0564e - metasploit-gs - GreySec Git

adam/metasploit-gs

Files

T

History

OJ defc0ebe5c ppr_flatten_rec update, RDI submodule, and refactor

This commit contains a few changes for the ppr_flatten_rec local windows
exploit. First, the exploit binary itself:

* Updated to use the RDI submodule.
* Updated to build with VS2013.
* Updated to generate a binary called `ppr_flatten_rc.x86.dll`.
* Invocation of the exploit requires address of the payload to run.

Second, the module in MSF behaved a little strange. I expected it to create
a new session with system privs and leave the existing session alone. This
wasn't the case. It used to create an instance of notepad, migrate the
_existing_ session to it, and run the exploit from there. This behaviour
didn't seem to be consistent with other local exploits. The changes
include:

* Existing session is now left alone, only used as a proxy.
* New notepad instance has exploit reflectively loaded.
* New notepad instance has payload directly injected.
* Exploit invocation takes the payload address as a parameter.
* A wait is added as the exploit is slow to run (nature of the exploit).
* Payloads are executed on successful exploit.

2013-11-27 20:44:18 +10:00

..

Added batik svg java module

2012-05-17 16:48:38 +02:00

Add empty directories from svn repo.

2011-11-09 18:41:40 -06:00

enable java payloads, currently via one-off method

2011-03-17 23:57:11 +00:00

fixing bperry comments

2012-11-11 20:18:19 +01:00

cve-2012-5076_2

Update external/source/exploits/cve-2012-5076_2/Makefile

2013-01-23 20:18:24 +01:00

Update external/source/exploits/cve-2012-5088/Makefile

2013-01-23 12:42:33 +01:00

Switch to soft tabs the cs code

2013-11-23 23:06:52 -06:00

cve and references available

2013-01-11 00:54:53 +01:00

makefile updated

2013-02-21 13:44:37 +01:00

Add module for CVE-2013-1488

2013-06-07 13:38:41 -05:00

Added module for CVE-2013-1493

2013-03-26 22:30:18 +01:00

Delete project files

2013-06-25 12:58:39 -05:00

ppr_flatten_rec update, RDI submodule, and refactor

2013-11-27 20:44:18 +10:00

add a makefile so i don't forget how to compile this stuff

2010-07-21 07:27:15 +00:00

Minor fixes

2012-04-19 18:07:35 -05:00

Module rewrite, included Java support, direct upload, plugin deletion

2012-06-26 11:56:44 -04:00

compile java applet with 1.3, Fixes #685

2009-12-14 17:26:19 +00:00

add exploit module for cve-2009-3869

2009-12-17 04:52:40 +00:00

add an exploit module for cve-2010-0094, thanks Matthias Kaiser.

2010-09-08 08:20:55 +00:00

Add RDI submodule, port Kitrap0d

2013-11-27 16:04:41 +10:00

CVE-2010-0840/vuln

add source code for cve-2010-0840

2010-08-21 07:27:26 +00:00

CVE-2010-0842/MixerMidiApplet

Added CVE-2010-0842

2012-02-15 23:32:31 +01:00

add an exploit for cve-2010-3563, thanks Matthias Kaiser

2010-11-19 23:02:35 +00:00

made the shellcode request random to avoid signatures

2011-03-26 16:00:52 +00:00

added adobe flashplayer array indexing exploit (CVE-2011-2110)

2012-06-20 12:52:37 +10:00

The more description the better

2011-12-01 03:03:37 -06:00

Add checks for data being null, too, just in case

2012-03-30 16:46:49 -06:00

Add CVE-2012-0754 .as source

2012-03-07 19:25:51 -06:00

changes on openfire_auth_bypass

2012-06-27 23:16:07 +02:00

Improve CVE-2012-1535

2012-08-21 19:58:21 -05:00

Last touch-up

2012-07-10 00:37:07 -05:00

Update source information

2012-08-30 17:48:02 -05:00

Fix CVE-2013-2171 with @jlee-r7 feedback

2013-06-25 10:40:55 -05:00

Change directory names

2013-08-15 22:52:42 -05:00

exec_payload_msi

Move MSI source and binary location

2012-11-27 18:12:49 +00:00

fix small issues

2013-04-20 01:43:14 -05:00

splunk/upload_app_exec

Cleanup of #1062

2012-12-07 11:55:48 +01:00

make.bat

ppr_flatten_rec update, RDI submodule, and refactor

2013-11-27 20:44:18 +10:00