adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,490 Commits 27 Branches 1,043 Tags
be21ef692d401b119bb797eccf3bb9783ab27793
Commit Graph

1981 Commits

Author SHA1 Message Date
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Shelby Pace fd8ceb0db2 Land #13082, add Horde Groupware Webmail RCE 2020-03-23 07:32:53 -05:00
Shelby Pace 475c24361d randomize file name 2020-03-23 07:28:04 -05:00
Shelby Pace c6eebe4ca3 replace equality with include? 2020-03-20 21:19:29 -05:00
Andrea Cardaci 40d6dd14c4 Remove the check method 2020-03-18 20:29:49 +01:00
Andrea Cardaci 19e9848592 Remove trailing spaces 2020-03-17 19:06:57 +01:00
Andrea Cardaci bbb152a6d8 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:34 +01:00
Andrea Cardaci eccee07e8b Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:02:07 +01:00
Andrea Cardaci a60652898f Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 19:01:03 +01:00
Andrea Cardaci a4ff847170 Update modules/exploits/multi/http/horde_csv_rce.rb 
Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2020-03-17 18:57:06 +01:00
Andrea Cardaci 126f5ca05d Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518) 2020-03-14 16:07:51 +01:00
debifrank dfe70ca3fc Cisco DCNM Module upload directory location regex filter corrected to allow for paths such as C:\Cisco System\ 2020-03-12 17:08:33 -04:00
Adam Galway 0e163c69ab Land #12975, exploits RCE backdoor in PHPStudy 2020-03-10 11:56:26 +00:00
Spencer McIntyre c75780350e Land #13038, clean up the socket when checking 2020-03-06 13:00:42 -05:00
Christophe De La Fuente e5f2b48274 Ensure client is disconnected when leaving the check method 2020-03-06 17:38:37 +01:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
Christophe De La Fuente 8d6468e725 Fix comments 2020-03-05 13:28:28 +01:00
airevan 630add538f set default index.php 2020-03-05 10:24:22 +08:00
airevan 5a58fbb0e5 Remove space 2020-02-23 14:45:53 +08:00
airevan d102f3e48f Remove space 2020-02-23 13:03:13 +08:00
airevan adaa9e239a Add phpstudy backdoor exploit module 2020-02-23 10:23:32 +08:00
airevan bb7ed355f0 Add phpstudy backdoor exploit module 2020-02-22 22:55:45 +08:00
airevan 6a07160bd5 Add phpstudy backdoor exploit module 2020-02-22 19:53:06 +08:00
William Vu 7dc1315dac Update logic for ForceExploit in my modules 
This lets the user opt out of running check completely.
 2020-02-19 01:06:50 -06:00
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
 2020-02-18 09:06:11 -06:00
Christophe De La Fuente 1b54d27301 Update code #2 
- Make error message more descriptive
- Use `Rex.sleep` in stead of `sleep`
- Update `detect_qsl` logic
- Change the first `Exploit::CheckCode` to `Unknown` for the `Check` method
 2020-02-17 19:04:32 +01:00
Christophe De La Fuente 828d974db5 Update code and documentation 
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
 2020-02-17 18:25:10 +01:00
Christophe De La Fuente 0e9c637364 Randomize filename and HTTP parameter 2020-02-17 15:58:21 +01:00
Christophe De La Fuente 226f4b0a53 Line wrap to 80 columns and small fix 
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
 2020-02-17 13:06:32 +01:00
Christophe De La Fuente 351c0d1651 Small improvements 2020-02-14 17:16:27 -06:00
Christophe De La Fuente dab4291016 Update header name 2020-01-23 18:50:10 +01:00
Christophe De La Fuente daaa8cf857 Add PHP-FPM Underflow RCE module 2020-01-20 20:07:34 +01:00
Dave York 7b14442ab0 replace strings with bools 2020-01-14 20:47:27 -05:00
Brent Cook e1e668d7da Land #12651, add OpenMRS deserialization exploit 2019-12-16 11:31:24 -06:00
Brendan Coles d7f1c9a4a9 Land #12696, Add AKA references to several modules 2019-12-12 15:28:21 +00:00
h00die 8cb58be4c0 style 2019-12-11 06:44:35 -05:00
Shelby Pace a4ed143af6 Land #12364, add vBulletin widgetconfig RCE 2019-12-10 12:12:47 -06:00
Shelby Pace 19169bc9b2 remove executable permissions 2019-12-10 12:10:04 -06:00
Shelby Pace ab6f77ce63 add reference 2019-12-10 11:47:48 -06:00
Shelby Pace dd2a6f77e3 remove unused opts 2019-12-10 11:32:46 -06:00
h00die 3b2a54a599 add aka to some modules 2019-12-10 09:53:13 -05:00
Shelby Pace 35282b3e35 use printf command stager 2019-12-04 12:17:35 -06:00
Shelby Pace 713099c997 improve version check 2019-12-03 14:56:44 -06:00
Shelby Pace 5f149bc51c Update modules/exploits/multi/http/openmrs_deserialization.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-12-03 13:19:15 -06:00
Shelby Pace d8747c3a02 Update modules/exploits/multi/http/openmrs_deserialization.rb 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-12-03 13:19:04 -06:00
Shelby Pace 9655c33a66 add bcoles' format_payload implementation 2019-12-03 12:24:33 -06:00
Shelby Pace f3922d73d8 use encode, replace double quotes 2019-12-02 15:25:52 -06:00
Francesco Soncina 45bee2d500 Update splunk_upload_app_exec.rb 2019-11-26 15:38:34 +01:00
RAMELLA Sébastien 6e93df1224 fix. DisablePayloadHandler to false in target 0 and add unknown author. 2019-11-22 17:56:50 +04:00
Shelby Pace e6e1156185 add reference, description, etc. 2019-11-21 14:15:25 -06:00