319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
5b3fde7735
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
e24a81919a
Land #13996 , Add module for CVE-2020-9801, CVE-2020-9850 and CVE-2020-9856,
...
RCE for Safari on macOS 10.15.3 (pwn2own2020)
Merge branch 'land-13996' into upstream-master
2020-10-01 09:46:39 -05:00
9150f0bc3a
move int64.js and utils.js to javascript_utils folder
2020-09-01 16:14:31 +08:00
0b513d6c51
remove debug logging from the kernel exploit
2020-07-30 18:10:26 +08:00
277d7dcff2
add debug logging to javascript exploit
2020-07-30 17:38:59 +08:00
79adcf7904
Add module for iOS 7.1.2
2020-07-27 15:05:31 +08:00
fbfa37916c
Tut tut
...
Edit a blue comment
2019-07-10 17:41:54 -05:00
d0cce0a6a4
offsets for iPhone 5S 10.2.1
2019-06-02 10:19:24 +08:00
5b708532b4
use MetasploitPayloads to_binary
2019-06-02 10:19:24 +08:00
c659a1e5b4
add description
2019-06-02 10:19:24 +08:00
aabe316662
fixes for iOS 10
2019-06-02 10:19:24 +08:00
2b54d411f6
fix iOS 11 offset cache
2019-06-02 10:19:24 +08:00
e6a8d66460
fix iOS 10 again
2019-06-02 10:19:24 +08:00
b7574f2dd8
cleanup
2019-06-02 10:19:24 +08:00
6d9385cb8a
ios 11 faf
2019-06-02 10:19:24 +08:00
b142115c82
fix iOS 11.0.2
2019-06-02 10:19:24 +08:00
6f6cf443b6
begin iOS 11
2019-06-02 10:19:24 +08:00
33a4866c36
add offset cache
2019-06-02 10:19:24 +08:00
f15e70ea03
various fixes
2019-06-02 10:19:24 +08:00
3d414dac74
add hash to trust cache
2019-06-02 10:19:24 +08:00
32af9cb897
Initial commit of CVE-2018-4233 for iOS 10
2019-06-02 10:19:24 +08:00
5fc7167beb
Merge remote-tracking branch 'upstream/master' into land-10812-
2019-02-07 09:31:02 -06:00
e69f006992
Remove CommandShell mixin in exploits
...
This was cargo culting. Exploits use handler instead of start_session.
2018-12-12 15:43:13 -06:00
2e91ec1495
semicolons :)
2018-10-16 14:59:27 +08:00
96ba3c636b
fix indentation and add author
2018-10-16 14:56:25 +08:00
57e2dd2192
send payload url to loader
2018-10-16 14:41:34 +08:00
fe356dabca
convert payload to dylib
2018-10-10 23:35:20 +08:00
7fce2bd428
initial commit of 32bit trident exploit
2018-10-10 17:41:28 +08:00
6df235062b
Land #10505 , post-auth and default creds info
2018-08-24 18:08:15 -05:00
cd01f11fd2
Remove verifying host keys for all exploits
2018-08-15 14:54:41 -07:00
d9fc99ec4a
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
f5ccdcfcd2
Net SSH CommandStream fixes implemented
...
* Net::SSH::CommandStream typos fixed
* Net::SSH::CommandStream cleanup made more robust and refactored
* require 'net/ssh/command_stream' added to various modules
2018-07-25 11:22:28 -05:00
c0841ef0bf
set default payload
2018-05-30 18:04:22 +08:00
2ec7f11b90
add binary
2018-05-30 18:02:17 +08:00
50300426ca
fix feedback from code review
2018-05-03 18:28:14 +08:00
9f174e7323
msftidy
2018-04-03 16:10:41 +08:00
7c3e5da450
add more credits/references
2018-04-03 14:59:00 +08:00
c5039251a2
add CVE-2016-4655
...
rebase
2018-04-03 14:58:57 +08:00
d465226d89
add loader
2018-04-03 14:44:54 +08:00
cd1f4e1373
webkit apple safari trident exploit
2018-04-03 14:44:54 +08:00
b1d0529161
prefer 'shell' channels over 'exec' channels for ssh
...
If a command is not specified to CommandStream, request a "shell"
session rather than running exec. This allows targets that do not have a
true "shell" which supports exec to instead return a raw shell session.
2018-02-08 02:21:16 -06:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ef826b3f2c
OCD - print_good & print_error
2017-07-19 12:48:52 +01:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
a9a1146155
fix more ssh option hashes
2016-09-20 01:30:35 -05:00
7352029497
first round of SSL damage fixes
2016-09-13 17:42:31 -05:00
b057a9486c
Don't use ssh agent
2016-07-19 17:07:22 -05:00
dwelch-r7