adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
54,859 Commits 27 Branches 1,043 Tags
703dc797101fa4a2fed65e87cccbe13e9dbf2c57
Commit Graph

118 Commits

Author SHA1 Message Date
William Vu 8c07e17912 Update module docs 2020-02-06 15:57:54 -06:00
William Vu 62c98710ad Reword vulnerable commit range 2020-02-06 11:03:20 -06:00
William Vu 95fa8602bc Refactor modules that use Expect 2020-02-05 21:16:21 -06:00
William Vu b98c0c6876 Add module doc 2020-02-05 17:01:58 -06:00
tperry-r7 3518b9465c Merge pull request #12831 from h00die/doc_cleanup 
Documentation standardization. This is the first step in standardizing the module documentation.
 2020-01-22 14:53:12 -06:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
h00die 947102e2fe sample output to scenarios 2020-01-16 11:15:06 -05:00
h00die b2e0950bba caps 2020-01-16 11:09:29 -05:00
h00die 3a4209a092 verification to verification steps 2020-01-16 10:41:12 -05:00
William Vu 5c4189fdb4 Move unix/webapp/webmin_backdoor to linux/http 2020-01-14 00:50:04 -06:00
dwelch-r7 41569b78ba Land #12503, Add exploit module for Ajenti 2.1.31 2019-12-01 16:13:06 +00:00
Christophe De La Fuente 373d147efd Land #12555 - Wordpress Plainview Activity Monitor RCE 2019-11-29 11:10:24 +01:00
Onur ER f93fda79f6 Add Module Documentation 2019-11-18 20:25:56 +03:00
sinn3r 5c6686a105 Land #12532, Add FusionPBX Command exec.php Command Execution 
Add FusionPBX Command exec.php Command Execution
 2019-11-13 11:33:21 -06:00
sinn3r 66ad5deb47 Land #12531, Add FusionPBX Operator Panel exec.php Command Execution 
Add FusionPBX Operator Panel exec.php Command Execution
 2019-11-13 11:31:30 -06:00
lle-bout 1d7cdac421 Add Wordpress Plainview Activity Monitor RCE 
Description:

```
Plainview Activity Monitor Wordpress plugin is vulnerable to OS
command injection which allows an attacker to remotely execute
commands on underlying system. Application passes unsafe user supplied
data to ip parameter into activities_overview.php.
Privileges are required in order to exploit this vulnerability, but
this plugin version is also vulnerable to CSRF attack and Reflected
XSS. Combined, these three vulnerabilities can lead to Remote Command
Execution just with an admin click on a malicious link.
```
 2019-11-10 08:27:45 +01:00
Brendan Coles 6dc94bbca9 Update documentation 2019-11-02 22:37:56 +00:00
Brendan Coles f5afbe7104 Update documentation 2019-11-02 22:35:58 +00:00
Brendan Coles 89b277c360 Add documentation 2019-11-01 23:38:59 +00:00
Brendan Coles 08d51acd18 Update targets 2019-11-01 20:33:23 +00:00
Brendan Coles 73a8381639 Add documentation 2019-11-01 20:12:03 +00:00
Brendan Coles f3bc8580c0 Add documentation 2019-10-29 15:59:18 +00:00
William Vu ade9c23772 Don't be lazy and spell out "introduction" in docs 
This was unfortunately my doing, and then people copied me.
 2019-09-30 16:58:00 -05:00
William Vu d56e7d47b5 Add "analysis" 2019-08-21 17:05:40 -05:00
William Vu 856bf22597 Add module doc 2019-08-21 16:56:23 -05:00
Shelby Pace 030ac60fce Land #12084, Add Schneider Encoder Exploit 2019-07-22 12:49:44 -05:00
Shelby Pace 0293e74190 remove extra lines 2019-07-22 12:28:47 -05:00
vitorespf 5732880db6 Update documentation/modules/exploit/unix/http/schneider_electric_net55xx_encoder.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-19 10:08:33 -03:00
vitorespf 460e83eb81 Update documentation/modules/exploit/unix/http/schneider_electric_net55xx_encoder.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-19 09:56:51 -03:00
vitorespf be791e551c Update documentation/modules/exploit/unix/http/schneider_electric_net55xx_encoder.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-19 09:56:33 -03:00
vitorespf 4a2388cad7 Update documentation/modules/exploit/unix/http/schneider_electric_net55xx_encoder.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-19 09:54:49 -03:00
vitorespf 5f3f6f5b3f Update documentation/modules/exploit/unix/http/schneider_electric_net55xx_encoder.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-07-19 09:54:34 -03:00
vitorespf 6f656e51c4 Add files via upload 2019-07-19 09:21:21 -03:00
Jacob Robles de40b3e1c4 Land #12062, Add Laravel PHP RCE CVE-2018-15133 2019-07-12 09:28:33 -05:00
Jacob Robles 0f76729108 Update doc 2019-07-12 08:17:17 -05:00
Jacob Robles e84379cabe Refactor 2019-07-12 07:45:24 -05:00
Patrick Webster a9791fad74 Added Lavarel PHP exploit module with fixes. 2019-07-08 00:50:13 +10:00
Brendan Coles a0538a9613 Add Xymon useradm Command Execution module 2019-07-02 14:04:07 +00:00
William Vu 4dc2a86b7b Update module doc 2019-04-11 12:21:48 -05:00
Jacob Robles 82f0c9e9ee Land #11385, Add Webmin Upload Exec 2019-03-15 08:15:49 -05:00
Jacob Robles 5abfc2c136 Add Module Doc 2019-03-14 13:46:34 -05:00
Brendan Coles 6d14a53c80 Update tested versions 2019-03-09 04:41:51 +00:00
Brendan Coles 601dc1c79b Add documentation 2019-03-09 03:24:26 +00:00
William Vu 84376c30c4 Refactor check methods once again 2019-03-05 19:47:41 -06:00
William Vu 72bb49aca9 Make HTTP method configurable and prefer POST 2019-03-05 17:16:04 -06:00
William Vu 3ac7987d90 Fix inline code in module doc 2019-03-05 13:48:25 -06:00
William Vu 92a9c7184b Rewrite module doc 2019-03-05 13:26:05 -06:00
rotemreiss af1f2ebed9 Add documentation in .md file 2019-02-25 17:27:45 -05:00
William Vu ab8df35645 Add module doc 2018-12-01 12:05:08 -06:00
Wei Chen a32d8083f0 Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload 
CVE-2018-9206
 2018-11-05 11:37:20 -06:00