Brendan Coles
dbc2b8b006
Update CVE-2019-13272 exploit C code to prefer auto targeting
...
Previously, the exploit would attempt to use a hardcoded list of
known useful helpers and fall back to automatic targeting. This
logic has been reversed, preferring automatic targeting first.
2020-05-09 03:59:31 +00:00
Spencer McIntyre
9769e04b6e
Land #13322 , CVE-2020-0668 Service tracing file junction overwrite
2020-05-07 09:47:20 -04:00
gwillcox-r7
a1275845ec
Land #13200 , CVE-2019-0808 LPE for Windows 7 x86 SP0 and SP1
2020-05-06 17:23:52 -05:00
gwillcox-r7
1c79674620
Recompile DLL and alter vcxproj file to automatically place generated DLL in right folder
2020-05-06 16:33:01 -05:00
Alan Foster
cd3725cd3d
Land #13388 , Updates for SAP ICM paths
2020-05-06 14:07:22 +01:00
Brent Cook
0bca86b10d
add new paths from Joris van de Vis
2020-05-04 06:27:02 -05:00
Brent Cook
0622eff907
remove duplicates
2020-05-04 06:23:55 -05:00
Brent Cook
caf863b380
sort and normalize list
2020-05-04 06:15:11 -05:00
bwatters-r7
a0213a13f0
Land #13279 , Some fix for rubocop verification
...
Merge branch 'land-13279' into upstream-master
2020-05-01 13:49:14 -05:00
bwatters-r7
686c2f09a1
Land #13290 , Cve-2014-2630 HP xglance-bin linux priv esc
...
Merge branch 'land-13290' into upstream-master
2020-05-01 10:18:21 -05:00
Tim W
b8dc843b48
add binary
2020-05-01 19:02:54 +08:00
L
645a4c6d26
Remove ysoserial JRMPClient && JRMPListener payload
2020-04-27 10:50:09 -05:00
L
7dc1b8afb4
Update data/ysoserial_payloads.json
2020-04-27 10:50:09 -05:00
Tim W
bba9b76d25
fix infinite loop in find_macho
...
fix osx loader to work within python macho
2020-04-24 15:13:57 +08:00
bwatters-r7
7213d379ec
Add Uso dll
2020-04-23 15:18:22 -05:00
bwatters-r7
0bbb822fe4
Working through mountpoint issues
2020-04-21 09:54:45 -05:00
b4rtik
9be3f1d751
Code cleanup
2020-04-21 00:12:47 +02:00
b4rtik
d1a8ac072a
Fix Amsi and Etw patching
2020-04-20 23:52:19 +02:00
h00die
e1f1ad45bc
working exploit
2020-04-19 15:19:19 -04:00
h00die
58074dc6bb
waiting on metasm question
2020-04-18 20:26:45 -04:00
bwatters-r7
b9e83bd055
Update VS build destination
2020-04-13 18:20:20 -05:00
b4rtik
e3c8c6b0cc
Enabled output from clr loading
2020-04-10 15:06:39 -05:00
b4rtik
b4d2dfe753
Added EtwEventWrite patching
2020-04-10 15:06:00 -05:00
b4rtik
8743cdfecc
Update and USETHREADTOKEN
2020-04-10 15:05:20 -05:00
b4rtik
4c26fa7a67
Fix arguments managing
2020-04-10 15:05:19 -05:00
b4rtik
1476f08dd0
Fix arguments managing
2020-04-10 15:05:18 -05:00
b4rtik
baf25fb064
Removed dependency on vc runtime
2020-04-10 15:04:51 -05:00
b4rtik
a3abfb13da
Some fix
2020-04-10 14:57:41 -05:00
b4rtik
33cd725562
Add dynamic size for assembly and args
2020-04-10 14:57:37 -05:00
bwatters-r7
182bd67287
Land #13187 , Add LPE Exploit For CVE-2020-0796 (AKA: SMBGhost)
...
Merge branch 'land-13187' into upstream-master
2020-04-03 11:19:50 -05:00
Brent Cook
8451c1345b
Land #10579 , add sharphound post module, upstream updating tool
2020-04-03 09:10:40 -05:00
Brent Cook
f848f735a6
update sharphound to latest
2020-04-02 21:32:39 -05:00
Spencer McIntyre
3392fa18d4
Add the x64 LPE exploit for CVE-2020-0796
2020-04-02 17:22:00 -04:00
William Vu
8f6331d0d5
Pretty-print JSON in data/ysoserial_payloads.json
...
jq . data/ysoserial_payloads.json
2020-03-13 14:04:32 -05:00
Tim W
e36db605a6
Land #12907 , update unix_users.txt
2020-02-27 15:18:31 +08:00
Brent Cook
f59ec03c42
Land #12465 , add Android Binder UAF (CVE-2019-2215)
2020-02-23 01:06:33 -08:00
h00die
91add39ceb
extra blank line removed
2020-02-09 19:05:46 -05:00
h00die
65951dd97b
nnposter list
2020-02-09 19:04:03 -05:00
h00die
b997e5679f
update bloodhound to recent version
2020-02-08 16:06:06 -05:00
h00die
cca3184b36
update userlist to ubuntu 18.04 lamp
2020-02-03 19:07:08 -05:00
Christophe De La Fuente
394e99fbe9
Land #12568 , Fix exploit/windows/local/ms16_032_secondary_logon_handle_privesc
2020-01-30 11:57:56 +01:00
cdelafuente-r7
3491da7da0
Add a random sentinel to close channel when terminates ( #1 )
...
* Add a random sentinel to close channel when terminates
* Replace spaces with tabs to be consistent
* Remove unnecessary escaped quotes and use include? instead of regex
2020-01-25 23:30:49 +01:00
Tim W
cfffb65a21
Land #12859 , update AF_PACKET chocobo_root linux LPE
2020-01-24 17:30:13 +08:00
Brent Cook
6f6cc00871
Land #12751 , add Linux RDS socket NP deref privesc
2020-01-22 07:08:47 -06:00
Brendan Coles
19b1f567b2
Update AF_PACKET chocobo_root Privilege Escalation module
2020-01-19 11:51:01 +00:00
Brendan Coles
36b6ceb56f
Add rds_atomic_free_op_null_pointer_deref_priv_esc (CVE-2018-5333)
2020-01-18 08:34:52 +00:00
Cory Kennedy
a8f8502d19
Update haKCers.txt
...
Corrected minor (but major - sorry!) transposition error on line 18.
2019-12-20 09:05:49 -06:00
Shelby Pace
894927d960
Land #12693 , add Comahawk privilege escalation
2019-12-18 15:40:51 -06:00
Brent Cook
e1e668d7da
Land #12651 , add OpenMRS deserialization exploit
2019-12-16 11:31:24 -06:00
bwatters-r7
7e05642a1b
Randomize container name
2019-12-12 07:48:01 -06:00