This patch includes the following changes:
* Instead of the uploadFile action, this patch uses uploadImageCommon
to be able to support both Advantech WebAccess builds: 2014 and
2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
different builds of Advantech WebAccess 8.0s, and 8.1.
Fix#6872
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix#5191
commit 7f659547b3b5d8de34a1e4b136b5e899ae7878da
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Dec 1 07:54:53 2014 -0600
Add a pointer to true and correct docs
See #4000. Seems kind of pointless to ship all these bytes when we host
everything on GitHub and provide tools to generate docs yourself.
commit 01668c8529454ffb0438aadef62eafb5045503ce
Author: Tod Beardsley <todb@metasploit.com>
Date: Mon Dec 1 07:39:11 2014 -0600
Remove old documentation
The last significant commit in this directory was a844b5c3 , which
touched a sample browser module. Before that, changes were either
ranging across the codebase, or surgical removal of out of date
documentation.
This all is looking to me like fairly useless historical artifacts.
See #4000 for more discussion.
Brent Cook