github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00
Code Releases Activity
30,837 Commits 17 Branches 918 Tags 1.2 GiB
af405eeb7d
Commit Graph

1067 Commits

Author SHA1 Message Date
Brent Cook
af405eeb7d
Land #4287, @timwr's exploit form CVS-2014-3153 2015-02-09 10:33:14 -06:00
jvazquez-r7
aa7f7d4d81 Add DLL source code 2015-02-01 19:59:10 -06:00
Brent Cook
89e5a2b892 disable -no-thumb, doesn't work with latest NDK? 2015-01-30 09:36:21 -06:00
William Vu
8f54e4d611
Implement "-" for msfconsole -r from stdin 
More predictable than /dev/stdin, which is usually a symlink to
/proc/self/fd/0 or /dev/fd/0, but the feature is not guaranteed to be
present.

This isn't *terribly* useful, but it can be. -x is recommended, but it
doesn't allow for ERB directives. This is mostly for hax.
 2015-01-29 19:26:56 -06:00
Brent Cook
47cd5a3e59
Land #4562, wchen-r7's Win8 NtApphelpCacheControl privilege escalation 2015-01-15 13:52:07 -06:00
sinn3r
7e1b8a1c83 Not needed anymore 2015-01-09 19:05:44 -06:00
sinn3r
c79589509c Old comment 2015-01-09 19:04:50 -06:00
sinn3r
74e8e057dd Use RDL 2015-01-09 19:02:08 -06:00
sinn3r
f998bfc246 Update exploit.cpp 2015-01-08 21:37:13 -06:00
sinn3r
eea6ccee1f Source 2015-01-08 18:43:29 -06:00
OJ
844460dd87
Update bypass UAC to work on 8.1 and 2012 
This commit contains a bunch of work that comes from Meatballs1 and
Lesage, and updates the bypassuac_inject module so that it works on
Windows 8.x and Windows 2012. Almost zero of the code in this module
can be attributed to me. Most of it comes from Ben's work.

I did do some code tidying, adjustment of style, etc. but other than
that it's all down to other people.
 2015-01-08 15:39:19 +10:00
Borja Merino
9791acd0bf Add stager ipknock shellcode (PR 2) 2014-12-27 22:03:45 +01:00
William Vu
e34c37042a
Readd block_hidden_bind_tcp.asm 
Because stager_hidden_bind_tcp.asm includes it.
 2014-12-22 11:13:07 -06:00
Peregrino Gris
c0fa8c0e3f Add stager for hidden bind shell payload 2014-12-22 17:21:11 +01:00
HD Moore
e3943682a2
Improves linux/armle payloads, lands #3315 2014-12-13 18:27:14 -06:00
Michael Schierl
e8728943ec Shave off two more bytes for HTTP(s) stagers 2014-12-13 11:49:30 -06:00
Michael Schierl
69c938f65a More shellcode golf 2014-12-13 11:49:15 -06:00
Tim
5c50a07c0f futex_requeue 2014-12-01 03:49:22 +00:00
jvazquez-r7
7772da5e3f Change paths, add makefile and compile 2014-11-30 21:06:11 -06:00
jvazquez-r7
b6306ef7a2 Move C source to exploits folder 2014-11-30 20:42:53 -06:00
Joe Vennix
7a3fb12124
Add an OSX privilege escalation from Google's Project Zero. 2014-11-25 12:34:16 -06:00
Mark Schloesser
9e7f6728d0 update the single sources with s/SHELLARG/ARGV0/ 2014-11-19 22:22:08 +01:00
mschloesser-r7
a5aa6b2e78 add source for linux/armle/shell_bind_tcp 2014-11-19 21:53:23 +01:00
mschloesser-r7
ebc70138f6 add source for linux/armle/shell_bind_tcp 2014-11-19 21:53:23 +01:00
mschloesser-r7
8331de2265 add source for linux/armle/shell_reverse_tcp 2014-11-19 21:53:23 +01:00
jvazquez-r7
f43a6e9be0 Use PDWORD_PTR and DWORD_PTR 2014-10-31 17:35:50 -05:00
jvazquez-r7
6154b7d55f Fix style again 2014-10-31 12:51:48 -05:00
jvazquez-r7
203af90a44 Fix style 2014-10-31 12:50:23 -05:00
jvazquez-r7
0c23733722 Use hungarian notation 2014-10-31 12:47:50 -05:00
jvazquez-r7
8e547e27b3 Use correct types 2014-10-31 12:37:21 -05:00
OJ
cbd616bbf5 A few sneaky style changes, but no functional ones 
Changes were purely for style, and Juan was happy to let me make them
as part of the merge.
 2014-10-31 09:08:11 +10:00
jvazquez-r7
6574db5dbb Fix the 64 bits code 2014-10-30 17:01:59 -05:00
jvazquez-r7
03a84a1de3 Search the AccessToken 2014-10-30 12:17:03 -05:00
OJ
908094c3d3 Remove debug, treat warnings as errors 2014-10-28 09:04:02 +10:00
OJ
0a03b2dd48 Final code tidy 2014-10-28 08:59:33 +10:00
OJ
6f3b373f01 More code tidy and unifying of stuff 2014-10-28 08:37:49 +10:00
OJ
0e761575c8 More code tidying, reduced x64/x86 duplication 2014-10-28 08:09:18 +10:00
OJ
062eff8ede Fix project settings, make files, start tidying of code 2014-10-28 07:58:19 +10:00
Spencer McIntyre
d6a63ccc5e Remove unnecessary C debugging code for the exploit 2014-10-27 11:24:23 -04:00
Spencer McIntyre
46b1abac4a More robust check routine for cve-2014-4113 2014-10-27 11:19:12 -04:00
jvazquez-r7
4406972b46 Do version checking minor cleanup 2014-10-27 09:32:42 -05:00
jvazquez-r7
0aaebc7872 Make GetPtiCurrent USER32 independent 2014-10-26 18:51:02 -05:00
jvazquez-r7
34697a2240 Delete 'callback3' also from 32 bits version 2014-10-26 17:28:35 -05:00
Spencer McIntyre
7416c00416 Initial addition of x64 target for cve-2014-4113 2014-10-26 16:54:42 -04:00
jvazquez-r7
d8eaf3dd65 Add exploit source code 2014-10-23 18:59:58 -05:00
Spencer McIntyre
3181d4e080 Add zsh completion definitions for utilities 2014-09-27 20:12:02 -04:00
HD Moore
8cca4d7795 Fix the makefile to use the right directory 
Reported by severos on IRC, the current output
class is in the right place, but the makefile
was broken.
 2014-08-03 13:38:15 -05:00
sinn3r
ce5d3b12e7
Land #3403 - MS13-097 Registry Symlink IE Sandbox Escape 2014-06-26 13:48:28 -05:00
sinn3r
0b6f7e4483
Land #3404 - MS14-009 .NET Deployment Service IE Sandbox Escape 2014-06-26 11:45:47 -05:00
Meatballs
25ed68af6e
Land #3017, Windows x86 Shell Hidden Bind 
A bind shellcode that responds as 'closed' unless the client matches the
AHOST ip.
 2014-06-08 13:49:49 +01:00