sinn3r wchen-r7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking |
wchen-r7
/ testcase1.rb
Created
July 27, 2015 19:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking |
wchen-r7
/ gist:077aa5498cfbbc5e332e
Last active
August 29, 2015 14:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| msf > irb | |
| [*] Starting IRB shell... | |
| >> Msf::Module::Platform.subclasses.each {|c| puts "#{c.inspect} = #{c.realname.downcase}"} | |
| Msf::Module::Platform::Linux = linux | |
| Msf::Module::Platform::Firefox = firefox | |
| Msf::Module::Platform::Cisco = cisco | |
| Msf::Module::Platform::OSX = osx | |
| Msf::Module::Platform::NodeJS = nodejs | |
| Msf::Module::Platform::Solaris = solaris |
wchen-r7
/ gist:08e465d36d9b139c2645
Created
July 14, 2015 18:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [-] Error while running command jobs: deadlock; recursive locking | |
| Call stack: | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `lock' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `mon_enter' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:209:in `mon_synchronize' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:271:in `active_connection?' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:293:in `with_connection' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:123:in `connection_established?' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:6:in `active' |
wchen-r7
/ gist:d79e10fbd26cb1c8d50b
Created
July 14, 2015 05:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE,Module | |
| "CVE-2013-4011","aix/local/ibstat_path" | |
| "CVE-2009-3699","aix/rpc_cmsd_opcode21" | |
| "CVE-2009-2727","aix/rpc_ttdbserverd_realpath" | |
| "CVE-2012-6636","android/browser/webview_addjavascriptinterface" | |
| "CVE-2013-4710","android/browser/webview_addjavascriptinterface" | |
| "CVE-2014-0514","android/fileformat/adobe_reader_pdf_js_interface" | |
| "CVE-2014-3153","android/local/futex_requeue" | |
| "CVE-2006-3459","apple_ios/browser/safari_libtiff" | |
| "CVE-2006-3459","apple_ios/email/mobilemail_libtiff" |
wchen-r7
/ grep_msf_cve.rb
Last active
August 29, 2015 14:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 1. Start msfconsole | |
| # 2. Type irb to enter irb mode | |
| # 3. Copy and paste the following | |
| # 4. And then you can compare CVEs | |
| # 5. You should get something like this: | |
| # https://gist.github.com/wchen-r7/d79e10fbd26cb1c8d50b | |
| table = Rex::Ui::Text::Table.new( | |
| 'Header' => 'Exploits', | |
| 'Indent' => 1, |
wchen-r7
/ gist:66c3aefb7171b5efc1f5
Created
July 7, 2015 15:38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [-] Error while running command jobs: deadlock; recursive locking | |
| Call stack: | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `lock' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `mon_enter' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:209:in `mon_synchronize' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:271:in `active_connection?' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:293:in `with_connection' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:123:in `connection_established?' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:6:in `active' |
wchen-r7
/ gist:32785d8dba43fd6d0ae1
Created
July 7, 2015 05:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [07/07/2015 00:07:33] [e(0)] core: Connection not established: ActiveRecord::ConnectionTimeoutError could not obtain a database connection within 5.000 seconds (waited 5.004 seconds): | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:190:in `block in wait_poll' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:181:in `loop' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:181:in `wait_poll' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:136:in `block in poll' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:211:in `mon_synchronize' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/a |
wchen-r7
/ gist:6f6ca99cdac914ea910a
Created
July 7, 2015 03:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [06/28/2015 15:35:26] [e(0)] core: Call Stack | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:199:in `unlock' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:199:in `mon_exit' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:213:in `ensure in mon_synchronize' | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:213:in `mon_synchronize' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:264:in `connection' | |
| /Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:294:in `with_connection' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:123:in `connection_established?' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:6:in `active' | |
| /Users/wchen/rapid7/msf/lib/msf/core/db_manager/event.rb:9:in `report_event' |
wchen-r7
/ gist:44030a5c604521819b81
Last active
August 29, 2015 14:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [07/06/2015 18:57:39] [e(0)] core: thread exception: JobID(5)-Exploit: multi/browser/firefox_svg_plugin critical=false error: ThreadError deadlock; recursive locking | |
| source: | |
| /Users/wchen/rapid7/msf/lib/metasploit/framework/thread_factory_provider.rb:24:in `spawn' | |
| /Users/wchen/rapid7/msf/lib/rex/thread_factory.rb:22:in `spawn' | |
| /Users/wchen/rapid7/msf/lib/rex/job_container.rb:32:in `start' | |
| /Users/wchen/rapid7/msf/lib/rex/job_container.rb:156:in `start_bg_job' | |
| /Users/wchen/rapid7/msf/lib/msf/core/exploit_driver.rb:149:in `run' | |
| /Users/wchen/rapid7/msf/lib/msf/base/simple/exploit.rb:136:in `exploit_simple' | |
| /Users/wchen/rapid7/msf/lib/msf/base/simple/exploit.rb:161:in `exploit_simple' | |
| /Users/wchen/rapid7/msf/lib/msf/core/exploit/browser_autopwnv2.rb:445:in `block in start_exploits' |