caf76a6555
Add applicable notes to my exploit modules
2018-10-27 20:54:14 -04:00
8f17d536a7
Update phpmailer_arg_injection.rb
...
Removed second parameter as it was not necessary. Only changed needed was to change "send_request_cgi" to "send_request_cgi!"
2017-08-24 00:29:28 -06:00
c49b72a470
Follow 301 re-direct
...
I found that in some cases, the trigger URL cannot be accessed directly. For example, if the uploaded file was example.php, browsing to "example.php" would hit a 301 re-direct to "/example". It isn't until hitting "/example" that the php is executed. This small change will just allow the trigger to follow one 301 redirect.
2017-08-23 18:53:54 -06:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
3155af679a
Fix a typo
2017-01-03 16:03:45 -06:00
cd90fd3b1c
Fix PHPMailer targets since 5.2.20 is not affected
2016-12-30 15:31:15 -05:00
1eab4b3a7d
Add an optional explicit triggeruri for phpmailer
2016-12-30 14:24:07 -05:00
64037b0d6e
Use a proper target instead of VERSION
2016-12-29 17:37:16 -05:00
c9dd7a50b6
Add the PHPMailer Argument Injection exploit
2016-12-29 17:17:06 -05:00
Spencer McIntyre