sinn3r wchen-r7

## gist:d79e10fbd26cb1c8d50b
CVE,Module
"CVE-2013-4011","aix/local/ibstat_path"
"CVE-2009-3699","aix/rpc_cmsd_opcode21"
"CVE-2009-2727","aix/rpc_ttdbserverd_realpath"
"CVE-2012-6636","android/browser/webview_addjavascriptinterface"
"CVE-2013-4710","android/browser/webview_addjavascriptinterface"
"CVE-2014-0514","android/fileformat/adobe_reader_pdf_js_interface"
"CVE-2014-3153","android/local/futex_requeue"
"CVE-2006-3459","apple_ios/browser/safari_libtiff"
"CVE-2006-3459","apple_ios/email/mobilemail_libtiff"

## gist:847a8d1246395bdbf7b1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>Magento Downloader</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    <link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="icon"/>
    <link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="shortcut icon"/>
    <script type="text/javascript" src="js/prototype.js"></script>

## gist:557f825614eba20f27d7
$ rake cucumber spec coverage DATABASE_ADAPTER=sqlite3
/Users/wchen/.rvm/rubies/ruby-2.1.6/bin/ruby -S bundle exec cucumber features --format Fivemat
'derives' shared examples' attribute_type method ............ (23.01s)
validates keyword argument .......... (17.46s)

7 scenarios (7 passed)
22 steps (22 passed)
0m40.481s
Coverage report generated for 'derives' shared examples' :validates keyword argument With `validates: false`, 'derives' shared examples' :validates keyword argument With `validates: true`, 'derives' shared examples' :validates keyword argument Without `:validates` keyword argument, 'derives' shared examples' attribute_type method With `:datetime` for attribute_type, 'derives' shared examples' attribute_type method With `:string` for attribute_type, 'derives' shared examples' attribute_type method With `:text` for attribute_type, 'derives' shared examples' attribute_type method Without `:datetime`, `:string`, or `:text` for attribute_type, Cucumber Features, RSpec to /Users/wchen/rapid7/metasp

## gist:d5a1fbd08923ea47ddc3
01b4766c 8c f5 4e 00 00 00 00 00 00 00 00 00 d4 75  ..N..........u
01b4767a b4 01 e4 75 b4 01 00 00 00 00 b0 d9 12 00  ...u..........
01b47688 ff ff ff ff ff ff ff ff 00 00 00 00 00 00  ..............
01b47696 00 00 68 dc 78 01 88 d5 78 01 88 d5 78 01  ..h.x...x...x.
01b476a4 01 00 00 00 d8 2f 12 00 70 84 51 00 70 84  ...../..p.Q.p.
01b476b2 51 00 70 84 51 00 70 84 51 00 70 84 51 00  Q.p.Q.p.Q.p.Q.
01b476c0 70 84 51 00 70 84 51 00 70 84 51 00 00 00  p.Q.p.Q.p.Q...
01b476ce 00 00 00 00 00 00 70 84 51 00 70 84 51 00  ......p.Q.p.Q.
01b476dc 70 84 51 00 70 84 51 00 70 84 51 00 70 84  p.Q.p.Q.p.Q.p.
01b476ea 51 00 70 84 51 00 38 d5 78 01 c8 d6 78 01  Q.p.Q.8.x...x.

## com.ilegendsoft.mercury
root@generic:/data/data/com.ilegendsoft.mercury # pwd
/data/data/com.ilegendsoft.mercury
root@generic:/data/data/com.ilegendsoft.mercury # ls -R

.:
app_webview
cache
code_cache
databases
files

## test2.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = NormalRanking

## testcase1.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = NormalRanking

## gist:077aa5498cfbbc5e332e
msf > irb
[*] Starting IRB shell...

>> Msf::Module::Platform.subclasses.each {|c| puts "#{c.inspect} = #{c.realname.downcase}"}
Msf::Module::Platform::Linux = linux
Msf::Module::Platform::Firefox = firefox
Msf::Module::Platform::Cisco = cisco
Msf::Module::Platform::OSX = osx
Msf::Module::Platform::NodeJS = nodejs
Msf::Module::Platform::Solaris = solaris

## gist:08e465d36d9b139c2645
[-] Error while running command jobs: deadlock; recursive locking

Call stack:
/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `lock'
/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `mon_enter'
/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:209:in `mon_synchronize'
/Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:271:in `active_connection?'
/Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:293:in `with_connection'
/Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:123:in `connection_established?'
/Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:6:in `active'

## grep_msf_cve.rb
# 1. Start msfconsole
# 2. Type irb to enter irb mode
# 3. Copy and paste the following
# 4. And then you can compare CVEs
# 5. You should get something like this:
#    https://gist.github.com/wchen-r7/d79e10fbd26cb1c8d50b

table = Rex::Ui::Text::Table.new(
  'Header'  => 'Exploits',
  'Indent'  => 1,
	CVE,Module
	"CVE-2013-4011","aix/local/ibstat_path"
	"CVE-2009-3699","aix/rpc_cmsd_opcode21"
	"CVE-2009-2727","aix/rpc_ttdbserverd_realpath"
	"CVE-2012-6636","android/browser/webview_addjavascriptinterface"
	"CVE-2013-4710","android/browser/webview_addjavascriptinterface"
	"CVE-2014-0514","android/fileformat/adobe_reader_pdf_js_interface"
	"CVE-2014-3153","android/local/futex_requeue"
	"CVE-2006-3459","apple_ios/browser/safari_libtiff"
	"CVE-2006-3459","apple_ios/email/mobilemail_libtiff"

	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
	<title>Magento Downloader</title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
	<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="icon"/>
	<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="shortcut icon"/>
	<script type="text/javascript" src="js/prototype.js"></script>
	$ rake cucumber spec coverage DATABASE_ADAPTER=sqlite3
	/Users/wchen/.rvm/rubies/ruby-2.1.6/bin/ruby -S bundle exec cucumber features --format Fivemat
	'derives' shared examples' attribute_type method ............ (23.01s)
	validates keyword argument .......... (17.46s)

	7 scenarios (7 passed)
	22 steps (22 passed)
	0m40.481s
	Coverage report generated for 'derives' shared examples' :validates keyword argument With `validates: false`, 'derives' shared examples' :validates keyword argument With `validates: true`, 'derives' shared examples' :validates keyword argument Without `:validates` keyword argument, 'derives' shared examples' attribute_type method With `:datetime` for attribute_type, 'derives' shared examples' attribute_type method With `:string` for attribute_type, 'derives' shared examples' attribute_type method With `:text` for attribute_type, 'derives' shared examples' attribute_type method Without `:datetime`, `:string`, or `:text` for attribute_type, Cucumber Features, RSpec to /Users/wchen/rapid7/metasp
	01b4766c 8c f5 4e 00 00 00 00 00 00 00 00 00 d4 75 ..N..........u
	01b4767a b4 01 e4 75 b4 01 00 00 00 00 b0 d9 12 00 ...u..........
	01b47688 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 ..............
	01b47696 00 00 68 dc 78 01 88 d5 78 01 88 d5 78 01 ..h.x...x...x.
	01b476a4 01 00 00 00 d8 2f 12 00 70 84 51 00 70 84 ...../..p.Q.p.
	01b476b2 51 00 70 84 51 00 70 84 51 00 70 84 51 00 Q.p.Q.p.Q.p.Q.
	01b476c0 70 84 51 00 70 84 51 00 70 84 51 00 00 00 p.Q.p.Q.p.Q...
	01b476ce 00 00 00 00 00 00 70 84 51 00 70 84 51 00 ......p.Q.p.Q.
	01b476dc 70 84 51 00 70 84 51 00 70 84 51 00 70 84 p.Q.p.Q.p.Q.p.
	01b476ea 51 00 70 84 51 00 38 d5 78 01 c8 d6 78 01 Q.p.Q.8.x...x.
	root@generic:/data/data/com.ilegendsoft.mercury # pwd
	/data/data/com.ilegendsoft.mercury
	root@generic:/data/data/com.ilegendsoft.mercury # ls -R

	.:
	app_webview
	cache
	code_cache
	databases
	files
	##
	# This module requires Metasploit: http://metasploit.com/download
	# Current source: https://github.com/rapid7/metasploit-framework
	##

	require 'msf/core'

	class Metasploit3 < Msf::Exploit::Remote
	Rank = NormalRanking
	msf > irb
	[*] Starting IRB shell...

	>> Msf::Module::Platform.subclasses.each {\|c\| puts "#{c.inspect} = #{c.realname.downcase}"}
	Msf::Module::Platform::Linux = linux
	Msf::Module::Platform::Firefox = firefox
	Msf::Module::Platform::Cisco = cisco
	Msf::Module::Platform::OSX = osx
	Msf::Module::Platform::NodeJS = nodejs
	Msf::Module::Platform::Solaris = solaris
	[-] Error while running command jobs: deadlock; recursive locking

	Call stack:
	/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `lock'
	/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:185:in `mon_enter'
	/Users/wchen/.rvm/rubies/ruby-2.1.6/lib/ruby/2.1.0/monitor.rb:209:in `mon_synchronize'
	/Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:271:in `active_connection?'
	/Users/wchen/.rvm/gems/ruby-2.1.6@metasploit-framework/gems/activerecord-4.0.13/lib/active_record/connection_adapters/abstract/connection_pool.rb:293:in `with_connection'
	/Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:123:in `connection_established?'
	/Users/wchen/rapid7/msf/lib/msf/core/db_manager/connection.rb:6:in `active'
	# 1. Start msfconsole
	# 2. Type irb to enter irb mode
	# 3. Copy and paste the following
	# 4. And then you can compare CVEs
	# 5. You should get something like this:
	# https://gist.github.com/wchen-r7/d79e10fbd26cb1c8d50b

	table = Rex::Ui::Text::Table.new(
	'Header' => 'Exploits',
	'Indent' => 1,