adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,629 Commits 27 Branches 1,043 Tags
c48a6ddbdfc02bf92b8d4e247dbe89bdfba4e821
Commit Graph

70 Commits

Author SHA1 Message Date
William Vu ab8df35645 Add module doc 2018-12-01 12:05:08 -06:00
Wei Chen a32d8083f0 Land #10847 - Add blueimp's jQuery (Arbitrary) File Upload 
CVE-2018-9206
 2018-11-05 11:37:20 -06:00
William Vu bf5fe2864f Update module doc 2018-10-23 16:28:49 -05:00
William Vu 326597e842 Update module doc with new output 2018-10-23 07:14:19 -05:00
William Vu 3d06c10ad0 Link to Apache AllowOverride directive and change 2018-10-23 03:51:16 -05:00
William Vu a55f7ff30a Clarify vuln (re)discovery vs. disclosure 
https://www.bleepingcomputer.com/news/security/jquery-file-upload-plugin-vulnerable-for-8-years-and-only-hackers-knew/
 2018-10-23 03:22:45 -05:00
William Vu df23507772 Add module doc 2018-10-22 23:35:42 -05:00
William Vu 8a6075c882 Add module doc 2018-10-20 14:15:26 -05:00
William Vu 51ffe7abba Add header to doc 2018-07-30 14:07:54 -05:00
flandini b00f0e87e0 Add SonicWall XML-RPC Remote Code Execution exploit module 2018-07-05 12:06:13 -05:00
Brendan Coles b8f0ca2cd7 Add documentation 2018-06-22 13:53:35 +00:00
William Vu 4dd744495d Add basic module doc 2018-06-12 15:01:40 -05:00
William Vu 728d7bc065 Fix #9876, second round of Drupalgeddon 2 updates 
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
 2018-05-03 17:38:32 -05:00
Aaron Soto 82fc4aba64 Land #9918, XDebug Unauthenticated OS command execution 2018-04-27 17:08:58 -05:00
William Vu 644889a324 Add TurnKey Linux ISOs to module doc setup section 2018-04-25 14:32:26 -05:00
William Vu 675ed78948 Update module doc with patch level detection 2018-04-24 23:30:05 -05:00
William Vu 8bc1417c8c Use PHP_FUNC as a fallback in case assert() fails 
Additionally drop a file in a writable directory in case CWD fails.
 2018-04-24 22:29:27 -05:00
William Vu e03ebf9446 Don't make a header out of tested version 
Reads a little better now.
 2018-04-24 21:06:38 -05:00
William Vu 89c95cae08 Remove block quote and add version to sample run 
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
 2018-04-24 21:02:30 -05:00
William Vu cd4861610f Explain available targets in documentation 
Oops.
 2018-04-24 04:31:30 -05:00
William Vu b507391f1b Change back to vprint_status for the nth time 
I really couldn't decide, especially once I got rid of CmdStager.

Also fully document the module options.
 2018-04-24 04:23:52 -05:00
William Vu 2abfee83de Add module doc to appease the @h00die god 2018-04-24 04:03:35 -05:00
Brent Cook 8c2138f13b Land #9742, QNX exploit improvements 2018-04-03 07:50:29 -05:00
Jacob Robles 0fa63ae7b3 Update documentation and module 
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
 2018-03-28 10:57:28 -05:00
Brendan Coles fdd2af2d2a Update tested versions 2018-03-24 00:23:12 +00:00
Brendan Coles 6885f16e38 Add documentation 2018-03-22 06:27:13 +00:00
Luis Hernandez 37bf4d118a Changes suggested by h00die 0803 2018-03-09 09:55:50 -05:00
Luis Hernandez 048d0d1fe4 Changes suggested by h00die 2018-03-08 20:13:01 -05:00
Luis Hernandez 05a653b853 Add module documentation 2018-03-06 20:37:11 -05:00
Wei Chen 7e2c7837e5 Land #9325, Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module 
Land #9325
 2018-01-10 17:39:50 -06:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
wetw0rk 8f0e41e159 requested changes 2018-01-01 17:30:43 -06:00
wetw0rk bc088cb379 added md 2018-01-01 05:46:04 -06:00
Nick Marcoccio 86ce3c8781 Made suggested changes and added documentation 2017-12-20 15:54:16 -05:00
Wei Chen 37514eec17 Land #9234, Add exploit for ClickJacking vuln for pfSense 
Land #9234
 2017-12-12 14:56:21 -06:00
Brent Cook f83e9815dd Land #9210, Add a Polycom HDX RCE 2017-12-04 12:49:35 -06:00
Yorick Koster b5994bde79 Update pfsense_clickjacking.md 2017-11-22 11:10:47 +01:00
Yorick Koster 5b5c5520e6 Update pfsense_clickjacking.md 2017-11-22 11:09:54 +01:00
Yorick Koster 916ee05cce Add exploit module for Clickjacking vulnerability in CSRF error page pfSense 2017-11-22 11:06:22 +01:00
h00die b7f7afb3be version detect, 2.2.6 handling 2017-11-19 08:28:07 -05:00
h00die f8891952c6 pfsense group member exec module 2017-11-15 21:00:58 -05:00
Austin 256bf5a5ca Create polycom_hdx_traceroute_exec.md 2017-11-15 10:38:53 -05:00
William Vu e3ac6b8dc2 Land #9109, wp-mobile-detector upload and execute 2017-11-01 13:25:16 -05:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
h00die fd028338e1 move psh to polycom so no more powershell name collision 2017-10-20 20:08:11 -04:00
William Vu 9b75ef7c36 Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
Brendan Coles dfb5806dcb Add documentation 2017-05-28 03:08:45 +00:00
Jeffrey Martin b7b1995238 Land #8274, Wordpress admin upload check 2017-05-22 22:08:32 -05:00
William Vu 3893bc4d83 Update doc with new prestager command 2017-05-16 14:48:12 -05:00
Gabriel Follon 4e3d5fa8a3 Added docs 2017-05-16 13:06:09 +02:00