adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,792 Commits 27 Branches 1,043 Tags
876836bcce89fc2dc46ebc700ecea4ef3b510c21
Commit Graph

287 Commits

Author SHA1 Message Date
RAMELLA Sébastien 876836bcce update doc and fix module syntax. 2020-06-16 10:47:51 -05:00
RAMELLA Sébastien 624c69bebf add. authenticated exploitation 2020-06-16 10:47:50 -05:00
RAMELLA Sébastien c704dba44c add. agent tesla panel rce exploit module 2020-06-16 10:47:49 -05:00
Shelby Pace 51fca24a38 Land #13545, add drag / drop file upload rce 2020-06-04 10:35:03 -05:00
Shelby Pace 329ba1091f add session_created, fix typo 2020-06-04 10:32:17 -05:00
h00die ff067088fd docs 2020-06-02 16:24:04 -04:00
h00die a6b6d7b14d make markdown not ruby 2020-05-30 21:21:31 -04:00
h00die 41b512ecda dnd multi file upload rce 2020-05-30 21:07:46 -04:00
Zenofex e5dcb2e23c Switch to use res.get_json_document from JSON.parse and more cleanup. 2020-05-28 11:16:44 -05:00
Zenofex 7ef7af0d30 Ran msftidy across documentation and made recommended changes to clean up module for MSF pull request. 2020-05-26 17:31:02 -05:00
Zenofex e7d7ddc213 Initial push of vbulletin_getIndexableContent auxillary and exploit modules + documentation. 2020-05-23 03:20:46 -05:00
Spencer McIntyre 2c61fd0aff Update Apache Shiro RCE module docs 2020-04-28 14:24:17 -04:00
L 70ad79dbcc change ip 2020-04-27 10:50:09 -05:00
L b283442845 Add shiro_rememberme_v124_deserialize documentation 2020-04-27 10:50:09 -05:00
William Vu 823c29a127 Update post-RuboCop style in my recent modules 
Mostly 80 columns (yeah, I know) and additional whitespace to complement
the lack of alignment.
 2020-04-22 10:52:00 -05:00
William Vu c5df5355ac Update my module documentation to the new standard 
Also update CheckModule to match current style and best practices.
 2020-04-20 20:06:52 -05:00
William Vu c02f74637f Update print and comments 2020-04-14 23:06:38 -05:00
William Vu 6d57857cd1 Switch back to options (show options) in doc 2020-04-14 22:24:01 -05:00
William Vu 45cd0ef9f5 Reword sentence to avoid "too" many "to"s 2020-04-14 21:28:41 -05:00
William Vu a51f9368aa Add note about installing Docker 2020-04-14 21:24:10 -05:00
William Vu 9452ff0e06 Add note to doc about Liferay being a memory hog 2020-04-14 16:08:29 -05:00
William Vu c9c3f87203 Note tested version in module 2020-04-14 14:01:59 -05:00
William Vu 9b59a8e194 Be more verbose and validate classloader server 2020-04-14 14:01:18 -05:00
William Vu 83d5a673ac Rename exploit_class to constructor_class 2020-04-14 14:01:17 -05:00
William Vu d220c1045e Refactor check for precision 2020-04-14 14:01:17 -05:00
William Vu 49101a799a Add module doc 2020-04-14 14:01:17 -05:00
Spencer McIntyre bea42876ee Land #13067, PlaySMS template injection RCE 2020-04-03 10:22:35 -04:00
Spencer McIntyre bd835e8f2d Cleanup more status methods and move the module 2020-04-03 10:21:27 -04:00
bwatters-r7 859eda92bb Land #12759, Apache Solr Remote Code Execution via Velocity Template 
Merge branch 'land-12759' into upstream-master
 2020-04-02 11:23:33 -05:00
ide0x90 861b79bce7 Added new targets and made documentation consistent 2020-03-29 00:33:24 +08:00
h00die fd8420cef7 fix install lines 2020-03-24 09:36:17 -04:00
h00die e7da6e77a5 remove and check for instruction text 2020-03-24 09:15:04 -04:00
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Andrea Cardaci 126f5ca05d Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518) 2020-03-14 16:07:51 +01:00
Adam Galway 0e163c69ab Land #12975, exploits RCE backdoor in PHPStudy 2020-03-10 11:56:26 +00:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
airevan adaa9e239a Add phpstudy backdoor exploit module 2020-02-23 10:23:32 +08:00
ide0x90 ac482a0d31 Typo in documentation 2020-02-19 23:32:07 +08:00
Christophe De La Fuente 828d974db5 Update code and documentation 
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
 2020-02-17 18:25:10 +01:00
Christophe De La Fuente 226f4b0a53 Line wrap to 80 columns and small fix 
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
 2020-02-17 13:06:32 +01:00
Christophe De La Fuente 9193ace50b Add documentation 2020-02-14 17:17:45 -06:00
ide0x90 7a0bf69eb0 Major refactor, and more complete testing with cmd/unix payloads 2020-02-07 19:34:18 +08:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
h00die 50881c899a h1 to h2 2020-01-16 11:46:36 -05:00
h00die f970ea7963 example output to scenarios 2020-01-16 11:41:12 -05:00
h00die 947102e2fe sample output to scenarios 2020-01-16 11:15:06 -05:00
h00die a1978c76a6 fix up spaces on options header 2020-01-16 10:52:13 -05:00
h00die 4b0ab94043 module options to options 2020-01-16 10:49:22 -05:00
h00die 2fff1f66e9 vulnerable application h1 to h2 2020-01-16 10:44:35 -05:00
h00die 3a4209a092 verification to verification steps 2020-01-16 10:41:12 -05:00