Andrea Cardaci
bbb152a6d8
Update modules/exploits/multi/http/horde_csv_rce.rb
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 19:02:34 +01:00
Andrea Cardaci
eccee07e8b
Update modules/exploits/multi/http/horde_csv_rce.rb
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 19:02:07 +01:00
Andrea Cardaci
a60652898f
Update modules/exploits/multi/http/horde_csv_rce.rb
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 19:01:03 +01:00
Andrea Cardaci
a4ff847170
Update modules/exploits/multi/http/horde_csv_rce.rb
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2020-03-17 18:57:06 +01:00
Andrea Cardaci
126f5ca05d
Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518)
2020-03-14 16:07:51 +01:00
debifrank
dfe70ca3fc
Cisco DCNM Module upload directory location regex filter corrected to allow for paths such as C:\Cisco System\
2020-03-12 17:08:33 -04:00
Adam Galway
0e163c69ab
Land #12975, exploits RCE backdoor in PHPStudy
2020-03-10 11:56:26 +00:00
Spencer McIntyre
c75780350e
Land #13038, clean up the socket when checking
2020-03-06 13:00:42 -05:00
Christophe De La Fuente
e5f2b48274
Ensure client is disconnected when leaving the check method
2020-03-06 17:38:37 +01:00
Spencer McIntyre
eb90bee4a7
Land #12863, add exploit for PHP-FPM Underflow RCE
2020-03-05 11:43:43 -05:00
Christophe De La Fuente
8d6468e725
Fix comments
2020-03-05 13:28:28 +01:00
airevan
630add538f
set default index.php
2020-03-05 10:24:22 +08:00
airevan
5a58fbb0e5
Remove space
2020-02-23 14:45:53 +08:00
airevan
d102f3e48f
Remove space
2020-02-23 13:03:13 +08:00
airevan
adaa9e239a
Add phpstudy backdoor exploit module
2020-02-23 10:23:32 +08:00
airevan
bb7ed355f0
Add phpstudy backdoor exploit module
2020-02-22 22:55:45 +08:00
airevan
6a07160bd5
Add phpstudy backdoor exploit module
2020-02-22 19:53:06 +08:00
William Vu
7dc1315dac
Update logic for ForceExploit in my modules
This lets the user opt out of running check completely.
2020-02-19 01:06:50 -06:00
Brent Cook
8489bcdfd9
This fixes broken links to the community.rapid7.com blog
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00
Christophe De La Fuente
1b54d27301
Update code #2
- Make error message more descriptive
- Use `Rex.sleep` instead of `sleep`
- Update `detect_qsl` logic
- Change the first `Exploit::CheckCode` to `Unknown` for the `Check` method
2020-02-17 19:04:32 +01:00
Christophe De La Fuente
828d974db5
Update code and documentation
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
2020-02-17 18:25:10 +01:00
Christophe De La Fuente
0e9c637364
Randomize filename and HTTP parameter
2020-02-17 15:58:21 +01:00
Christophe De La Fuente
226f4b0a53
Line wrap to 80 columns and small fix
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
2020-02-17 13:06:32 +01:00
Christophe De La Fuente
351c0d1651
Small improvements
2020-02-14 17:16:27 -06:00
ide0x90
7a0bf69eb0
Major refactor, and more complete testing with cmd/unix payloads
2020-02-07 19:34:18 +08:00
ide0x90
6504c01668
Made module work with CmdStager
2020-01-31 13:29:04 +08:00
Christophe De La Fuente
dab4291016
Update header name
2020-01-23 18:50:10 +01:00
Christophe De La Fuente
daaa8cf857
Add PHP-FPM Underflow RCE module
2020-01-20 20:07:34 +01:00
Dave York
7b14442ab0
replace strings with bools
2020-01-14 20:47:27 -05:00
ide0x90
44489f0326
Using heredoc, streamlined check for PowerShell, improved docs.
2019-12-29 12:00:50 +08:00
ide0x90
4fb2e92a8f
Cleanup according to Rubocop
2019-12-29 02:04:06 +08:00
ide0x90
daae0886fa
Included lazy and manual check for Bash.
More code cleanup, reducing use of class variables.
Normalized all the URIs.
Created a function to wrap GET requests to the target.
2019-12-29 01:32:44 +08:00
ide0x90
65e7354ee6
Added TARGETURI
2019-12-27 15:48:37 +08:00
ide0x90
ce01137525
More cleanup. Better check. Encoding issues over with (hopefully).
2019-12-27 15:16:09 +08:00
ide0x90
29b306fedf
Cleanup sweep the 2nd as per suggestions from @bcoles
2019-12-27 00:13:49 +08:00
ide0x90
046d8cbedc
REALLY added documentation.
Made module work with base64.
Cleaned up template as per @acammack-r7's suggestions.
2019-12-26 23:35:34 +08:00
ide0x90
242cee3060
Improved target verification and added documentation.
2019-12-26 20:22:21 +08:00
ide0x90
f637254ab2
Initial commit for module exploit/multi/http/solr_velocity_rce
2019-12-26 18:12:42 +08:00
Brent Cook
e1e668d7da
Land #12651, add OpenMRS deserialization exploit
2019-12-16 11:31:24 -06:00
Brendan Coles
d7f1c9a4a9
Land #12696, Add AKA references to several modules
2019-12-12 15:28:21 +00:00
h00die
8cb58be4c0
style
2019-12-11 06:44:35 -05:00
Shelby Pace
a4ed143af6
Land #12364, add vBulletin widgetconfig RCE
2019-12-10 12:12:47 -06:00
Shelby Pace
19169bc9b2
remove executable permissions
2019-12-10 12:10:04 -06:00
Shelby Pace
ab6f77ce63
add reference
2019-12-10 11:47:48 -06:00
Shelby Pace
dd2a6f77e3
remove unused opts
2019-12-10 11:32:46 -06:00
h00die
3b2a54a599
add aka to some modules
2019-12-10 09:53:13 -05:00
Shelby Pace
35282b3e35
use printf command stager
2019-12-04 12:17:35 -06:00
Shelby Pace
713099c997
improve version check
2019-12-03 14:56:44 -06:00
Shelby Pace
5f149bc51c
Update modules/exploits/multi/http/openmrs_deserialization.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-12-03 13:19:15 -06:00
Shelby Pace
d8747c3a02
Update modules/exploits/multi/http/openmrs_deserialization.rb
Co-Authored-By: bcoles <bcoles@gmail.com>
2019-12-03 13:19:04 -06:00