adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

1951 Commits

Author SHA1 Message Date
Jacob Robles 62f663207b Change option type 2018-07-30 12:15:59 -05:00
Jacob Robles fe9315dc89 Update module, Add documentation 2018-07-30 12:11:08 -05:00
Wei Chen 72d634b10b Update module and its documentation 2018-07-26 23:08:20 -05:00
Shelby Pace be1bf8b1fc modified status 2018-07-26 15:41:19 -05:00
Shelby Pace 6accca4181 added documentation and check method 2018-07-26 15:32:37 -05:00
Shelby Pace ed4c4046ba parsing for uploaded file, gets session 2018-07-26 14:23:24 -05:00
Shelby Pace c23ffcbf62 successfully uploads payload and gets a session 2018-07-26 11:09:01 -05:00
Shelby Pace 8f89275df8 authenticating to WordPress 2018-07-25 14:22:24 -05:00
Shelby Pace 668bcb38cb metadata setup 2018-07-25 11:29:47 -05:00
Brendan Coles 19239c72c0 Update cmsms_upload_rename_rce check and docs 2018-07-19 18:26:42 +00:00
Wei Chen c5ac4c791f Make changes based on community feedback 2018-07-19 12:17:02 -05:00
Jacob Robles 08e33cad0c Spelling fix 2018-07-17 20:12:37 -05:00
Jacob Robles 20905d1ca1 Fix syntax error 2018-07-17 18:48:07 -05:00
Jacob Robles a24666a00a msftidy fixes 2018-07-17 18:28:33 -05:00
Jacob Robles 1e004769ca CMS Made Simple Upload/Rename Authenticated RCE 2018-07-17 09:00:39 -05:00
William Vu 2f37482535 Land #10278, gitlist_arg_injection fixes 2018-07-12 19:03:52 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Shelby Pace 1ded8ffb29 Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
Shelby Pace 10cd6c99d9 Land #10231, Monstra Fileupload Exec 2018-07-10 14:23:15 -05:00
Shelby Pace 07dca243ff changed grammar, removed redundant code 2018-07-10 14:13:57 -05:00
Shelby Pace 171fa562a3 added parsing for repos in Gitlist source 2018-07-10 11:32:46 -05:00
Shelby Pace 5776b64a1b modified exploit 2018-07-09 13:56:33 -05:00
Shelby Pace f5e40b14a3 removed double eval as suggested 2018-07-09 13:24:31 -05:00
Jacob Robles 4f039de2fc Fix CVE numbers 2018-07-09 13:22:08 -05:00
Shelby Pace 44b9798afb modified regex, id=filesmanager lines 2018-07-09 10:55:29 -05:00
Jacob Robles bf24ce847a Fix token issues 2018-07-09 09:29:11 -05:00
Touhid M Shaikh bc33078e01 fixed comma 
fixed comma
 2018-07-09 12:27:58 +05:30
Touhid M Shaikh 6f6ad86e2c fix tab 
fix tab and space.
 2018-07-09 11:49:11 +05:30
Wei Chen 5fc5a47cd2 Update CVE references for exploit modules 
These are based on cross references by EDB, OSVDB, module short
name, blog post and BID.
 2018-07-08 18:46:04 -05:00
Touhid M Shaikh 4a835b2493 fix warning, and version 
fix warning, and version and indentation
 2018-07-07 17:27:09 +05:30
Wei Chen 82c74eb765 Small changes 2018-07-06 14:25:58 -05:00
Shelby Pace b1456df757 made suggested changes 2018-07-06 12:48:38 -05:00
Jacob Robles fe1b17684a Add Targets and Session file inclusion 2018-07-06 12:17:26 -05:00
Shelby Pace 5d0652fab1 changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681 added documentation and check 2018-07-05 15:47:21 -05:00
Jacob Robles cb078b9586 Drop database 2018-07-05 14:58:30 -05:00
Jacob Robles 43096d9d78 Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 
Module and Doc
 2018-07-05 13:33:35 -05:00
Shelby Pace 507fd22958 added http post and generating payload 2018-07-05 13:21:22 -05:00
Shelby Pace 7d0b8dee4a making request for Gitlist source 2018-07-03 14:27:46 -05:00
Ishaq Mohammed 70eb943b5a Update monstra_fileupload_exec.rb 2018-06-30 13:40:12 +05:30
Ishaq Mohammed 89ba960309 username and password values removed 
username and password values removed
 2018-06-30 12:47:13 +05:30
Ishaq Mohammed 128438f444 Merge pull request #2 from touhidshaikh/monstra_fileupload_exec 
Monstra fileupload exec
 2018-06-30 12:03:14 +05:30
Touhid M Shaikh f3e3d0c30b monstra_fileupload_exec.rb 
Monstra CMS - Authenticated  Arbitrary File Upload / Remote Code Execution CVE 2017-18048
 2018-06-28 10:55:41 +05:30
Jacob Robles 00102a7413 oscommerce msftidy fix 2018-06-26 08:21:10 -05:00
Jacob Robles cb50d0fade Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 08:51:53 -05:00
Jacob Robles 2e2ded22fc Use Gem::Version 
Simplify version comparisons
 2018-06-18 08:35:47 -05:00
Jacob Robles 122ea2ddcb Update module, Add docs 
Changed the module to an exploit module and
added documentation.
 2018-06-18 07:33:05 -05:00
Touhid M Shaikh 12457d14f7 vTiger CRM v6.3.0 (CVE:2015-6000,CVE:2016-1713) 
an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file.
 2018-05-19 01:13:10 +05:30
William Vu 739d58135f Move EXE generation in struts_code_exec_parameters 2018-05-16 06:15:40 -05:00
William Vu 6ec0272ff5 Land #8727, CVE-2017-9791 exploit 2018-05-16 05:41:26 -05:00