d4b196b309
Update exploits to note target authors
...
Target authors were selected based on comments that indicated that the
author was only responsible for a set of descrete targets. Authors that
were noted as assisting with target testing, check module development,
etc. were left at the module level.
2025-12-17 17:30:16 -05:00
8945267db6
Remove redundant Platform and Arch definitions
2025-12-17 16:12:31 -05:00
a454217bd4
Update info -d markdown
2025-06-24 11:21:49 +01:00
37388ca1be
Adds sentinel values to modules missing notes
2025-06-23 12:24:58 +01:00
a4b14d8b64
Runs Rubocop to fix layout in modules
2025-06-20 15:18:01 +01:00
19a9ff1198
Update a couple of modules for the new SMB server
2022-05-16 14:39:45 -04:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
b7bc52d20b
Fix HTTP/SMB mixin order to restore SSL option
...
Mixin order matters. Mixins kinda suck.
2019-01-29 11:09:34 -06:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
b8d80d87f1
Remove last newline after class - Make @wvu-r7 happy
2017-07-19 11:19:49 +01:00
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
12256a6423
Remove now-redundant peer
...
These all include either Msf::Exploit::Remote:Tcp or Msf::Exploit::Remote:HttpClient
2016-02-01 15:12:03 -06:00
0fb21af247
Verify deletion at on_new_session moment
2015-05-11 18:56:18 -05:00
b6146b1499
Use print_warning
2015-03-12 17:22:03 -05:00
fe822f8d33
Modify automatic file cleanup
2015-03-10 00:45:20 +01:00
0ef303cb6c
Fix Java payload
2015-03-10 00:01:27 +01:00
2eb0011a99
Autotrigger JSP shell at docBase
2015-03-07 20:41:08 +01:00
3be2bde5a2
Use bypass for bulletin S2-020
2015-03-07 19:14:20 +01:00
c388fd49c2
Fix print message
2015-03-05 15:43:54 -06:00
e1a4b046a0
Add support for tomcat 7 to struts_code_exec_classloader
2015-03-05 15:40:24 -06:00
fbf32669c6
Use single quote
2015-02-04 09:47:27 -06:00
de09559cc8
Change HTTP requests to succeed when going through HTTP proxies
2015-02-04 15:32:14 +01:00
f983c8171e
Modify description to match both Struts 1.x and 2.x versions
2015-01-30 12:35:38 +01:00
1a11ae4021
Add new references about Struts 1
2015-01-29 23:27:52 +01:00
4cc5844baf
Add Struts 1 support
2015-01-29 23:12:34 +01:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
373eb3dda0
Make struts_code_exec_classloader to work on windows
2014-09-10 18:00:16 -05:00
3536ec9a74
Description update
2014-05-05 13:43:44 -05:00
36f9f342c1
Fix typo
2014-05-02 16:26:08 +02:00
3dd3ceb3a9
Refactor code
2014-05-01 18:04:37 -05:00
b7ecf829d3
Do first refactor
2014-05-01 16:39:53 -05:00
195005dd83
Do minor style changes
2014-05-01 15:25:55 -05:00
140c8587e7
Fix metadata
2014-05-01 15:24:16 -05:00
e0ee31b388
Modify print_error by fail_with
2014-05-01 20:19:31 +02:00
3374af83ab
Fix typos
2014-05-01 19:44:07 +02:00
bd39af3965
Fix target ARCH_JAVA and remove calls to sleep
2014-05-01 00:51:52 +02:00
8e8fbfe583
Fix msf-staff comments
2014-04-29 17:36:04 +02:00
b2c2245aff
Add comments
2014-04-29 11:24:17 +02:00
a78aae08cf
Add CVE-2014-0094 RCE for Struts 2
2014-04-29 03:58:04 +02:00
17a508af34
Add CVE-2014-0094 RCE for Struts 2
2014-04-29 03:50:45 +02:00
Spencer McIntyre