| .. |
|
CVE-2008-6508
|
Permissions.
|
2012-06-28 11:42:37 -05:00 |
|
CVE-2010-0232
|
Remove genericity, x64 and renamed stuff
|
2013-11-14 12:22:53 +10:00 |
|
CVE-2010-0842
|
Fix my screwup in winscp for servicename
|
2012-02-21 20:31:52 -06:00 |
|
CVE-2010-1240
|
Add an R in /Info for the trailer dictionary to make it readable
|
2014-11-05 22:28:37 -06:00 |
|
CVE-2011-2882
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2011-3400
|
Permissions
|
2012-06-12 15:20:25 -05:00 |
|
CVE-2012-0013
|
Permissions
|
2012-06-12 15:20:25 -05:00 |
|
CVE-2012-1535
|
Add Main.swf from 593363c
|
2013-07-29 21:53:40 -05:00 |
|
CVE-2012-2516
|
added chm templates
|
2012-10-10 19:21:47 +02:00 |
|
CVE-2012-4681
|
changed dir names according to CVE
|
2012-08-28 16:33:01 +02:00 |
|
CVE-2013-0109
|
Final changes before PR
|
2013-12-15 01:12:49 +00:00 |
|
CVE-2013-0634
|
Beautify and fix both ruby an AS
|
2014-04-17 23:32:29 -05:00 |
|
CVE-2013-2465
|
Change directory names
|
2013-08-15 22:52:42 -05:00 |
|
CVE-2013-3906
|
Initial commit of CVE-2013-3906
|
2013-11-19 23:10:32 -06:00 |
|
CVE-2013-5045
|
Use powershell instead of mshta
|
2014-06-03 09:01:56 -05:00 |
|
CVE-2013-5331
|
Add module for CVE-2013-5331
|
2014-04-27 10:40:46 -05:00 |
|
CVE-2014-0038
|
working cve-2014-0038
|
2016-10-08 23:58:09 -04:00 |
|
CVE-2014-0257
|
Do test
|
2014-06-03 09:52:01 -05:00 |
|
CVE-2014-0322
|
Add module for CVE-2014-0322
|
2014-04-15 17:55:24 -05:00 |
|
CVE-2014-0497
|
Add module for CVE-2014-0497
|
2014-05-03 20:04:46 -05:00 |
|
CVE-2014-0515
|
Delete debug
|
2015-06-11 17:39:36 -05:00 |
|
CVE-2014-0556
|
Update CVE-2014-0556
|
2015-06-04 18:23:50 -05:00 |
|
CVE-2014-0569
|
Unset debug flag
|
2015-06-09 11:36:09 -05:00 |
|
CVE-2014-4113
|
Use PDWORD_PTR and DWORD_PTR
|
2014-10-31 17:35:50 -05:00 |
|
CVE-2014-4114/template
|
Add ppsx template
|
2014-10-16 17:55:22 -05:00 |
|
CVE-2014-4404
|
Change paths, add makefile and compile
|
2014-11-30 21:06:11 -06:00 |
|
CVE-2014-6352/template_run_as_admin
|
Add module for CVE-2014-6352
|
2014-11-12 01:10:49 -06:00 |
|
CVE-2014-8440
|
Make last code cleanup
|
2015-06-09 16:01:57 -05:00 |
|
CVE-2015-0016
|
Update DLL
|
2015-08-26 15:15:32 -05:00 |
|
CVE-2015-0311
|
Add more targets
|
2015-06-04 12:11:53 -05:00 |
|
CVE-2015-0313
|
Allow more search space
|
2015-06-10 12:26:53 -05:00 |
|
CVE-2015-0318
|
This seems to work
|
2015-03-13 04:43:06 -05:00 |
|
CVE-2015-0336
|
Add support for Windows 8.1/Firefox
|
2015-06-03 22:46:04 -05:00 |
|
CVE-2015-0359
|
Disable debug
|
2015-06-10 14:07:18 -05:00 |
|
CVE-2015-1130
|
Add Rootpipe exploit
|
2015-04-10 11:22:00 -05:00 |
|
CVE-2015-1328
|
revamped
|
2016-10-15 20:57:31 -04:00 |
|
CVE-2015-1701
|
Update exploit binaries for ms15-051
|
2015-06-25 09:33:15 +10:00 |
|
CVE-2015-2426
|
Clean template code
|
2015-09-12 13:43:05 -05:00 |
|
CVE-2015-3090
|
Add module for CVE-2015-3090
|
2015-06-18 12:36:14 -05:00 |
|
CVE-2015-3105
|
Add module for CVE-2015-3105
|
2015-06-25 13:35:01 -05:00 |
|
CVE-2015-3113
|
Add module for CVE-2015-3113
|
2015-07-01 13:13:57 -05:00 |
|
CVE-2015-3673
|
Remove sleep(), clean up WritableDir usage.
|
2015-07-05 18:59:00 -05:00 |
|
CVE-2015-5119
|
Update swf
|
2015-07-15 18:35:41 -05:00 |
|
CVE-2015-5122
|
Improve adobe_flash_opaque_background_uaf
|
2015-07-16 14:56:32 -05:00 |
|
CVE-2015-8103
|
Add Jenkins CLI Java serialization exploit module
|
2015-12-11 14:57:10 -06:00 |
|
CVE-2015-8660
|
working module
|
2016-10-04 23:21:53 -04:00 |
|
CVE-2016-0099
|
Fix whitespace
|
2016-07-27 12:37:14 -05:00 |
|
CVE-2016-4557
|
cve-2016-4557
|
2016-09-29 05:23:12 -04:00 |
|
CVE-2016-4997
|
binary drops work!
|
2016-09-24 21:31:00 -04:00 |
|
CVE-2017-0358
|
move sploit.c out to data folder
|
2017-03-31 20:51:33 -04:00 |
|
CVE-2017-7494
|
Rename payloads with os+libc, shrink array inits
|
2017-05-27 19:50:31 -05:00 |
|
CVE-2017-8291
|
Quick Ghostscript module based on the public PoC
|
2017-04-28 09:56:52 -05:00 |
|
CVE-2017-16666
|
Add xplico remote code execution
|
2017-11-14 09:30:57 +03:00 |
|
CVE-2017-17562
|
Resolve a bug in reverse_tcp and segfaults across payloads
|
2017-12-29 14:18:55 -06:00 |
|
R7_2015_17
|
Add missing stream.raw for hp_sitescope_dns_tool
|
2016-03-15 11:06:06 -05:00 |
|
batik_svg
|
Permissions
|
2012-06-06 20:05:29 -05:00 |
|
capcom_sys_exec
|
Add LPE exploit module for the capcom driver flaw
|
2016-09-27 22:37:45 +10:00 |
|
capture/http
|
File.exists? must die
|
2016-04-21 00:47:07 -04:00 |
|
cve-2010-0094
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2010-0840/vuln
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2010-3563
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2010-4452
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2011-3544
|
Allows for Loot and Tasks to be imported from an MSF ZIP.
|
2011-12-05 22:30:34 -05:00 |
|
cve-2012-5076
|
fixing bperry comments
|
2012-11-11 20:18:19 +01:00 |
|
cve-2012-5076_2
|
Added new module for cve-2012-5076
|
2013-01-17 21:27:47 +01:00 |
|
cve-2012-5088
|
Added module for CVE-2012-5088
|
2013-01-17 21:14:49 +01:00 |
|
cve-2013-0074
|
Small fix to interface
|
2013-11-22 17:02:08 -06:00 |
|
cve-2013-0422
|
cve and references available
|
2013-01-11 00:54:53 +01:00 |
|
cve-2013-0431
|
added security level bypass
|
2013-02-20 17:50:47 +01:00 |
|
cve-2013-1300
|
Use signed binary
|
2014-05-02 14:45:14 +01:00 |
|
cve-2013-1488
|
Add module for CVE-2013-1488
|
2013-06-07 13:38:41 -05:00 |
|
cve-2013-1493
|
Added module for CVE-2013-1493
|
2013-03-26 22:30:18 +01:00 |
|
cve-2013-2460
|
Make fixes proposed by review and clean
|
2013-06-25 12:58:00 -05:00 |
|
cve-2013-3660
|
ppr_flatten_rec update, RDI submodule, and refactor
|
2013-11-27 20:44:18 +10:00 |
|
cve-2013-3881
|
Add binary compiled on vs2013
|
2014-02-10 13:52:27 -06:00 |
|
cve-2014-1610
|
Use msf branded djvu
|
2014-02-01 00:37:28 +00:00 |
|
cve-2015-1318
|
Use cross-compiled exploit
|
2018-01-13 05:44:42 +00:00 |
|
cve-2015-3315
|
Add ABRT raceabrt Privilege Escalation module
|
2018-01-16 14:52:33 +00:00 |
|
cve-2016-0051
|
refactor ms16-016 code
|
2016-07-05 20:50:43 -05:00 |
|
cve-2016-0189
|
add exploit for cve-2016-0189
|
2016-08-01 13:26:35 -05:00 |
|
cve-2016-6415
|
CVE-2016-6415 Cisco - sendpacket.raw
|
2016-09-29 22:24:55 -05:00 |
|
cve-2017-8464
|
recompile binaries
|
2017-11-08 09:33:48 -06:00 |
|
docx
|
Data files moved. Updated to use Rex::zip and Msf::Exploit::FILEFORMAT
|
2013-02-04 13:37:09 +01:00 |
|
edb-35948
|
Call CollectGarbage
|
2015-02-09 14:44:31 -06:00 |
|
firefox_smil_uaf
|
initial commit of finished product
|
2017-01-20 11:01:36 -06:00 |
|
imagemagick
|
Add PS template
|
2016-10-13 17:40:15 -05:00 |
|
java_signed_applet
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
jre7u17
|
Added module for Java 7u17 sandboxy bypass
|
2013-04-20 01:43:13 -05:00 |
|
mssql
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
mysql
|
mysql UDF now multi
|
2017-11-03 05:26:05 -04:00 |
|
ntapphelpcachecontrol
|
Use RDL
|
2015-01-09 19:02:08 -06:00 |
|
office_word_macro
|
Update office_word_macro exploit to support template injection
|
2017-05-25 15:53:45 -05:00 |
|
openoffice_document_macro
|
Completed version of openoffice_document_macro
|
2017-02-08 16:29:40 -06:00 |
|
osx
|
Add auto-accept to osx/enum_keychain.
|
2015-09-07 21:17:49 -05:00 |
|
pfsense_clickjacking
|
Added local copies of the static content
|
2017-12-02 10:14:14 +01:00 |
|
php
|
Revert "Land #6812, remove broken OSVDB references"
|
2016-07-15 12:00:31 -05:00 |
|
poison_ivy_c2
|
Modifications based on suggestions by @wchen-r7
|
2016-06-08 01:17:15 +02:00 |
|
postgres
|
…
|
|
|
powershell
|
new changes
|
2015-05-19 16:18:06 +01:00 |
|
psnuffle
|
unknow to unknown
|
2017-08-18 11:33:48 -04:00 |
|
pxexploit
|
Adds scriptjunkie's multilingual admin fie for pxexploit
|
2011-12-23 12:24:45 -06:00 |
|
scripthost_uac_bypass
|
Initial working scripthost bypass uac
|
2015-08-23 20:16:15 +01:00 |
|
splunk
|
Cleanup of #1062
|
2012-12-07 11:55:48 +01:00 |
|
tpwn
|
Move tpwn source to external/source/exploits
|
2015-08-17 18:27:47 -05:00 |
|
uxss
|
Add some common UXSS scripts.
|
2014-09-09 02:31:27 -05:00 |
|
wifi
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2007-3314.dat
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2008-0320.doc
|
Permissions
|
2012-06-06 20:05:29 -05:00 |
|
CVE-2008-5353.jar
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2008-5499.swf
|
Permission change, ignore
|
2012-04-23 13:42:18 -05:00 |
|
CVE-2009-3867.jar
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2009-3869.jar
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2010-0480.avi
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2010-0822.xls
|
Consolidation of the Axis2 Deployer Exploits
|
2011-11-22 08:47:53 -08:00 |
|
CVE-2010-1297.swf
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2010-3275.amv
|
…
|
|
|
CVE-2010-3654.swf
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2011-0105.xlb
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2011-0257.mov
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2011-0609.swf
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
CVE-2011-0611.swf
|
Added swf trigger file
|
2011-04-16 02:08:03 +00:00 |
|
CVE-2011-2110.swf
|
Permissions fix
|
2012-06-21 15:39:17 -05:00 |
|
CVE-2012-0507.jar
|
Permissions fix for exploit jar file
|
2012-04-02 09:27:35 -05:00 |
|
CVE-2012-0754.swf
|
Permisssions (ignore)
|
2012-03-08 16:16:13 -06:00 |
|
CVE-2012-0779.swf
|
Permissions
|
2012-06-25 00:36:39 -05:00 |
|
CVE-2012-1723.jar
|
Better handle of module cache when db_connect is run manually
|
2012-07-10 23:56:48 -05:00 |
|
CVE-2013-2171.bin
|
Fix CVE-2013-2171 with @jlee-r7 feedback
|
2013-06-25 10:40:55 -05:00 |
|
CVE-2013-6282.so
|
add module binary
|
2016-12-22 03:25:10 -06:00 |
|
CVE-2014-0980.pui
|
Implemented Recommended Changes
|
2015-03-17 16:39:56 -04:00 |
|
CVE-2014-3153.so
|
add binary for futex_requeue
|
2017-01-11 13:25:30 -06:00 |
|
QTJavaExploit.class
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2010-2883.ttf
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
cve-2013-0758.swf
|
Initial commit, works on three OSes, but automatic mode fails.
|
2013-05-15 23:32:02 -05:00 |
|
cve-2014-1761.rtf
|
MS14-017 Word RTF listoverridecount memory corruption
|
2014-04-08 14:44:20 -04:00 |
|
cve-2017-0199.rtf
|
Fix rtf info author
|
2017-04-14 21:16:39 -05:00 |
|
exec_payload.msi
|
added build exec_payload.msi
|
2012-11-28 21:51:01 +01:00 |
|
google_proxystylesheet.xml
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
iceweasel_macosx.icns
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
iphone_libtiff.bin
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
modicon_ladder.apx
|
Permissions fix for modicon_ladder.apx
|
2012-04-12 14:26:27 -05:00 |
|
mp4player.as
|
Permisssions (ignore)
|
2012-03-08 16:16:13 -06:00 |
|
mp4player.fla
|
Add source code to the player
|
2012-03-08 15:23:10 -06:00 |
|
mp4player.swf
|
Test out new player code
|
2012-03-08 15:05:12 -06:00 |
|
msfJavaToolkit.jar
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
office_ole_multiple_dll_hijack.ppsx
|
Moved PPSX to data/exploits folder
|
2016-11-08 16:04:46 +01:00 |
|
pricedown.eot
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
runcalc.hlp
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
|
s4u_persistence.xml
|
rename the xml template for s4u
|
2013-02-18 15:25:03 +01:00 |
|
shockwave_rcsl.dir
|
Permission changes (to sync)
|
2011-11-10 19:48:32 -06:00 |
285b329ee1