adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
54,512 Commits 27 Branches 1,043 Tags
d2e2dcf85eebf64fc1ac4d889ea773f3b2b1bacb
Commit Graph

57 Commits

Author SHA1 Message Date
dwelch-r7 41569b78ba Land #12503, Add exploit module for Ajenti 2.1.31 2019-12-01 16:13:06 +00:00
Christophe De La Fuente 373d147efd Land #12555 - Wordpress Plainview Activity Monitor RCE 2019-11-29 11:10:24 +01:00
Onur ER f93fda79f6 Add Module Documentation 2019-11-18 20:25:56 +03:00
sinn3r 5c6686a105 Land #12532, Add FusionPBX Command exec.php Command Execution 
Add FusionPBX Command exec.php Command Execution
 2019-11-13 11:33:21 -06:00
sinn3r 66ad5deb47 Land #12531, Add FusionPBX Operator Panel exec.php Command Execution 
Add FusionPBX Operator Panel exec.php Command Execution
 2019-11-13 11:31:30 -06:00
lle-bout 1d7cdac421 Add Wordpress Plainview Activity Monitor RCE 
Description:

```
Plainview Activity Monitor Wordpress plugin is vulnerable to OS
command injection which allows an attacker to remotely execute
commands on underlying system. Application passes unsafe user supplied
data to ip parameter into activities_overview.php.
Privileges are required in order to exploit this vulnerability, but
this plugin version is also vulnerable to CSRF attack and Reflected
XSS. Combined, these three vulnerabilities can lead to Remote Command
Execution just with an admin click on a malicious link.
```
 2019-11-10 08:27:45 +01:00
Brendan Coles 6dc94bbca9 Update documentation 2019-11-02 22:37:56 +00:00
Brendan Coles f5afbe7104 Update documentation 2019-11-02 22:35:58 +00:00
Brendan Coles 89b277c360 Add documentation 2019-11-01 23:38:59 +00:00
Brendan Coles 08d51acd18 Update targets 2019-11-01 20:33:23 +00:00
Brendan Coles 73a8381639 Add documentation 2019-11-01 20:12:03 +00:00
Brendan Coles f3bc8580c0 Add documentation 2019-10-29 15:59:18 +00:00
William Vu ade9c23772 Don't be lazy and spell out "introduction" in docs 
This was unfortunately my doing, and then people copied me.
 2019-09-30 16:58:00 -05:00
William Vu d56e7d47b5 Add "analysis" 2019-08-21 17:05:40 -05:00
William Vu 856bf22597 Add module doc 2019-08-21 16:56:23 -05:00
Brendan Coles a0538a9613 Add Xymon useradm Command Execution module 2019-07-02 14:04:07 +00:00
William Vu 4dc2a86b7b Update module doc 2019-04-11 12:21:48 -05:00
Jacob Robles 82f0c9e9ee Land #11385, Add Webmin Upload Exec 2019-03-15 08:15:49 -05:00
Jacob Robles 5abfc2c136 Add Module Doc 2019-03-14 13:46:34 -05:00
Brendan Coles 6d14a53c80 Update tested versions 2019-03-09 04:41:51 +00:00
Brendan Coles 601dc1c79b Add documentation 2019-03-09 03:24:26 +00:00
William Vu 84376c30c4 Refactor check methods once again 2019-03-05 19:47:41 -06:00
William Vu 72bb49aca9 Make HTTP method configurable and prefer POST 2019-03-05 17:16:04 -06:00
William Vu 3ac7987d90 Fix inline code in module doc 2019-03-05 13:48:25 -06:00
William Vu 92a9c7184b Rewrite module doc 2019-03-05 13:26:05 -06:00
rotemreiss af1f2ebed9 Add documentation in .md file 2019-02-25 17:27:45 -05:00
William Vu bf5fe2864f Update module doc 2018-10-23 16:28:49 -05:00
William Vu 326597e842 Update module doc with new output 2018-10-23 07:14:19 -05:00
William Vu 3d06c10ad0 Link to Apache AllowOverride directive and change 2018-10-23 03:51:16 -05:00
William Vu a55f7ff30a Clarify vuln (re)discovery vs. disclosure 
https://www.bleepingcomputer.com/news/security/jquery-file-upload-plugin-vulnerable-for-8-years-and-only-hackers-knew/
 2018-10-23 03:22:45 -05:00
William Vu df23507772 Add module doc 2018-10-22 23:35:42 -05:00
William Vu 728d7bc065 Fix #9876, second round of Drupalgeddon 2 updates 
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
 2018-05-03 17:38:32 -05:00
William Vu 644889a324 Add TurnKey Linux ISOs to module doc setup section 2018-04-25 14:32:26 -05:00
William Vu 675ed78948 Update module doc with patch level detection 2018-04-24 23:30:05 -05:00
William Vu 8bc1417c8c Use PHP_FUNC as a fallback in case assert() fails 
Additionally drop a file in a writable directory in case CWD fails.
 2018-04-24 22:29:27 -05:00
William Vu e03ebf9446 Don't make a header out of tested version 
Reads a little better now.
 2018-04-24 21:06:38 -05:00
William Vu 89c95cae08 Remove block quote and add version to sample run 
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
 2018-04-24 21:02:30 -05:00
William Vu cd4861610f Explain available targets in documentation 
Oops.
 2018-04-24 04:31:30 -05:00
William Vu b507391f1b Change back to vprint_status for the nth time 
I really couldn't decide, especially once I got rid of CmdStager.

Also fully document the module options.
 2018-04-24 04:23:52 -05:00
William Vu 2abfee83de Add module doc to appease the @h00die god 2018-04-24 04:03:35 -05:00
Jacob Robles 0fa63ae7b3 Update documentation and module 
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
 2018-03-28 10:57:28 -05:00
Luis Hernandez 37bf4d118a Changes suggested by h00die 0803 2018-03-09 09:55:50 -05:00
Luis Hernandez 048d0d1fe4 Changes suggested by h00die 2018-03-08 20:13:01 -05:00
Luis Hernandez 05a653b853 Add module documentation 2018-03-06 20:37:11 -05:00
Wei Chen b1f3f471f3 Update phpcollab_upload_exec code (also module documentation) 2018-01-10 17:38:52 -06:00
Nick Marcoccio 86ce3c8781 Made suggested changes and added documentation 2017-12-20 15:54:16 -05:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
Brendan Coles dfb5806dcb Add documentation 2017-05-28 03:08:45 +00:00
Jeffrey Martin b7b1995238 Land #8274, Wordpress admin upload check 2017-05-22 22:08:32 -05:00
William Vu 3893bc4d83 Update doc with new prestager command 2017-05-16 14:48:12 -05:00