adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,754 Commits 27 Branches 1,043 Tags
407adca9ecb38dee74b4e2d658f23cccecc3bf11
Commit Graph

1908 Commits

Author SHA1 Message Date
Shelby Pace e6e1156185 add reference, description, etc. 2019-11-21 14:15:25 -06:00
Shelby Pace a4657da33a code execution with Java 8 2019-11-20 15:29:33 -06:00
Shelby Pace a337567101 add check method 2019-11-06 12:40:45 -06:00
Shelby Pace f898c73e49 add module skeleton 2019-11-05 11:27:35 -06:00
Shelby Pace 0b4a0b3148 Land #12476, add Nostromo dir traversal RCE 2019-10-31 08:24:41 -05:00
Shelby Pace 99fd254348 add reference 2019-10-31 08:23:57 -05:00
Quentin Kaiser ca81793860 Forgot to put ForceExploit in registered options. 2019-10-31 10:25:26 +01:00
Quentin Kaiser 0531dd7bb9 Hash rocket alignment. 2019-10-29 12:28:39 +01:00
Quentin Kaiser bc0c2bf721 check function rewrite. 2019-10-29 12:27:15 +01:00
Quentin Kaiser 436d6781c1 Fix description. 2019-10-29 12:25:01 +01:00
Quentin Kaiser b357db22cf Fix description. 2019-10-29 12:24:22 +01:00
Quentin Kaiser 8bbb33c483 Generic name. 2019-10-29 12:24:00 +01:00
Quentin Kaiser b6dd30302a Rewriting of command stager, based on exploits/unix/webapp/webmin_backdoor. 2019-10-29 12:23:19 +01:00
William Vu 3565b0efb8 Land #12365, Total.js CMS widget creation RCE 2019-10-21 15:22:09 -05:00
Quentin Kaiser d76ea0ca59 Initial module version for Nostromo RCE (CVE-2019-16278). 2019-10-21 18:11:44 +02:00
Wei Chen 0ebc971d29 Use CmdStager mixin 2019-10-15 14:00:58 -05:00
Wei Chen bb7c42b2ce Arch and disclosure date 2019-10-15 10:25:20 -05:00
Wei Chen a3331dba9f Move totaljs cms module and doc 2019-10-15 10:11:14 -05:00
Shelby Pace ec9ea4ce0d Land #12366, fix nil check in atutor module 2019-10-14 18:14:06 -05:00
h00die 4cc85ecb75 adress a spelling problem 2019-10-05 14:22:18 -04:00
h00die ffc8c7e32a more ruby style 2019-10-02 20:23:12 -04:00
h00die c188d179ed fix atutor bugs 2019-09-26 20:37:10 -04:00
Wei Chen 6a80bf2cf5 Should ensure, not in exception 2019-09-25 22:23:41 -05:00
h00die d6a7da9490 fix atutor nil 2019-09-25 22:02:55 -04:00
h00die ca99bd4191 fix nil check 2019-09-25 21:24:14 -04:00
Wei Chen 8dc238e687 Add TotaJS CMS Code Injection in Widget Creation 2019-09-25 16:54:44 -05:00
todb-r7 a9a2ce2f6a Add correct CVE for shopware module 
In PR #11828, the module author requested, and got, a new CVE for this
issue. The module should reflect that.
 2019-09-12 16:09:32 -05:00
Shelby Pace c4bd91f505 Land #12272, add October CMS file upload 2019-09-06 10:13:33 -05:00
Shelby Pace 5f7c243b48 add filedropper, fix check, add to docs 2019-09-06 09:49:09 -05:00
Touhid M Shaikh aaebec01a4 Update References 
Added CVE and Blog link
 2019-09-06 18:26:28 +05:30
Touhid M Shaikh cf4c10783a Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:50:18 +05:30
Touhid M Shaikh 4b416bf530 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:43 +05:30
Touhid M Shaikh a7e205e252 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:32 +05:30
Touhid M Shaikh 0e4e7dd9d9 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:22 +05:30
Touhid M Shaikh bc1610ec46 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-05 23:48:14 +05:30
Touhid M Shaikh 71c1c07b0d fixed 
fix EOF on 88 line
 2019-09-04 13:08:26 +05:30
Touhid M Shaikh aeaf4232fe updated 
typo, comments and check fixed
 2019-09-04 12:46:31 +05:30
Touhid M Shaikh 5e63c83257 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:37:21 +05:30
Touhid M Shaikh 974f078114 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:29:32 +05:30
Touhid M Shaikh bb8b3245a3 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:28:59 +05:30
Touhid M Shaikh f0eb7da43b Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:28:51 +05:30
Touhid M Shaikh 7359e4bdd6 fixes suggested by @space-r7 
fixed check before passing to the accessor, removed res which is not used.
 2019-09-04 12:20:39 +05:30
Touhid M Shaikh 6c6603bbd7 Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-03 23:18:31 +05:30
Touhid M Shaikh aee17608cd Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-03 23:17:50 +05:30
Touhid M Shaikh 6934af0b7d Update modules/exploits/multi/http/october_upload_bypass_exec.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-09-03 23:15:33 +05:30
Touhid M Shaikh 615661a03d first build 
first build of october_upload_bypass_exec
 2019-09-03 12:04:38 +05:30
William Vu 042c181f67 Land #12058, cisco_dcnm_upload_2019 exploit 2019-08-30 13:33:19 -05:00
Pedro Ribeiro 3dd9c38fd1 Update cisco_dcnm_upload_2019.rb 2019-08-29 12:42:01 +07:00
Pedro Ribeiro bbbf426ec7 make requested changes 2019-08-29 12:16:58 +07:00
Pedro Ribeiro bda1120cac make requested changes 2019-08-29 11:14:40 +07:00