adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,933 Commits 27 Branches 1,043 Tags
e1f1ad45bcbe34ba01f6a8dde2da275abaedc63a
Commit Graph

271 Commits

Author SHA1 Message Date
William Vu c02f74637f Update print and comments 2020-04-14 23:06:38 -05:00
William Vu 6d57857cd1 Switch back to options (show options) in doc 2020-04-14 22:24:01 -05:00
William Vu 45cd0ef9f5 Reword sentence to avoid "too" many "to"s 2020-04-14 21:28:41 -05:00
William Vu a51f9368aa Add note about installing Docker 2020-04-14 21:24:10 -05:00
William Vu 9452ff0e06 Add note to doc about Liferay being a memory hog 2020-04-14 16:08:29 -05:00
William Vu c9c3f87203 Note tested version in module 2020-04-14 14:01:59 -05:00
William Vu 9b59a8e194 Be more verbose and validate classloader server 2020-04-14 14:01:18 -05:00
William Vu 83d5a673ac Rename exploit_class to constructor_class 2020-04-14 14:01:17 -05:00
William Vu d220c1045e Refactor check for precision 2020-04-14 14:01:17 -05:00
William Vu 49101a799a Add module doc 2020-04-14 14:01:17 -05:00
Spencer McIntyre bea42876ee Land #13067, PlaySMS template injection RCE 2020-04-03 10:22:35 -04:00
Spencer McIntyre bd835e8f2d Cleanup more status methods and move the module 2020-04-03 10:21:27 -04:00
bwatters-r7 859eda92bb Land #12759, Apache Solr Remote Code Execution via Velocity Template 
Merge branch 'land-12759' into upstream-master
 2020-04-02 11:23:33 -05:00
ide0x90 861b79bce7 Added new targets and made documentation consistent 2020-03-29 00:33:24 +08:00
h00die fd8420cef7 fix install lines 2020-03-24 09:36:17 -04:00
h00die e7da6e77a5 remove and check for instruction text 2020-03-24 09:15:04 -04:00
h00die 0b4c047411 doc cleanup 2020-03-24 08:47:21 -04:00
Andrea Cardaci 126f5ca05d Add 'Horde CSV import arbitrary PHP code execution' (CVE-2020-8518) 2020-03-14 16:07:51 +01:00
Adam Galway 0e163c69ab Land #12975, exploits RCE backdoor in PHPStudy 2020-03-10 11:56:26 +00:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
airevan adaa9e239a Add phpstudy backdoor exploit module 2020-02-23 10:23:32 +08:00
ide0x90 ac482a0d31 Typo in documentation 2020-02-19 23:32:07 +08:00
Christophe De La Fuente 828d974db5 Update code and documentation 
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
 2020-02-17 18:25:10 +01:00
Christophe De La Fuente 226f4b0a53 Line wrap to 80 columns and small fix 
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
 2020-02-17 13:06:32 +01:00
Christophe De La Fuente 9193ace50b Add documentation 2020-02-14 17:17:45 -06:00
ide0x90 7a0bf69eb0 Major refactor, and more complete testing with cmd/unix payloads 2020-02-07 19:34:18 +08:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
h00die 50881c899a h1 to h2 2020-01-16 11:46:36 -05:00
h00die f970ea7963 example output to scenarios 2020-01-16 11:41:12 -05:00
h00die 947102e2fe sample output to scenarios 2020-01-16 11:15:06 -05:00
h00die a1978c76a6 fix up spaces on options header 2020-01-16 10:52:13 -05:00
h00die 4b0ab94043 module options to options 2020-01-16 10:49:22 -05:00
h00die 2fff1f66e9 vulnerable application h1 to h2 2020-01-16 10:44:35 -05:00
h00die 3a4209a092 verification to verification steps 2020-01-16 10:41:12 -05:00
h00die c904b9d2f2 scenario to scenarios 2020-01-16 10:36:38 -05:00
h00die fa73709b3e documentation standardization 2020-01-14 21:02:53 -05:00
ide0x90 44489f0326 Using heredoc, streamlined check for PowerShell, improved docs. 2019-12-29 12:00:50 +08:00
ide0x90 046d8cbedc REALLY added documentation. 
Made module work with base64.
Cleaned up template as per @acammack-r7 's suggestions.
 2019-12-26 23:35:34 +08:00
Brent Cook e1e668d7da Land #12651, add OpenMRS deserialization exploit 2019-12-16 11:31:24 -06:00
Shelby Pace a4ed143af6 Land #12364, add vBulletin widgetconfig RCE 2019-12-10 12:12:47 -06:00
Shelby Pace 3ddef6091c update scenarios section 2019-12-04 12:19:58 -06:00
Shelby Pace c7125b1b5f remove options section 2019-12-03 12:06:44 -06:00
Shelby Pace 6f153a885a add tested version 2019-12-02 08:42:45 -06:00
RAMELLA Sébastien eb2817b51f fix. typo into the documentation. 2019-11-22 20:10:29 +04:00
Shelby Pace 407adca9ec add docs 2019-11-21 14:15:57 -06:00
scanu92 a307f4f41a Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:32:10 +01:00
scanu92 1a4777670b Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:30:18 +01:00
sk4 af0761bcfd Add CMS Made Simple object injection exploit module 2019-11-01 12:11:38 +01:00
Shelby Pace 0b4a0b3148 Land #12476, add Nostromo dir traversal RCE 2019-10-31 08:24:41 -05:00
Quentin Kaiser a55c5c6765 Update documentation/modules/exploit/multi/http/nostromo_code_exec.md 
s/Nostrom/Nostromo/

Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-10-30 15:38:50 +01:00