adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,317 Commits 27 Branches 1,043 Tags
ed5dd4dd20d22decbef21937f91ef121bb6f93fb
Commit Graph

249 Commits

Author SHA1 Message Date
Adam Galway 0e163c69ab Land #12975, exploits RCE backdoor in PHPStudy 2020-03-10 11:56:26 +00:00
Spencer McIntyre eb90bee4a7 Land #12863, add exploit for PHP-FPM Underflow RCE 2020-03-05 11:43:43 -05:00
airevan adaa9e239a Add phpstudy backdoor exploit module 2020-02-23 10:23:32 +08:00
Christophe De La Fuente 828d974db5 Update code and documentation 
- Add `OperationMaxRetries` option documentation
- Add default value to `TARGETURI` and update the documentation
- Remove `PosOffset` advanced option and hardcode the value
- Update `Description`
- Move URI encoding logic to `send_crafted_request`
- Refactor `send_crafted_request` to handle the HTTP parameter and final & (%26)
 2020-02-17 18:25:10 +01:00
Christophe De La Fuente 226f4b0a53 Line wrap to 80 columns and small fix 
- Line wrap documentation to 80 columns
- Line wrap `Description` field to 80 columns
- Remove unnecessary unless statement
 2020-02-17 13:06:32 +01:00
Christophe De La Fuente 9193ace50b Add documentation 2020-02-14 17:17:45 -06:00
h00die ca59b06fd3 module doc standardizations 2020-01-20 21:26:59 -05:00
h00die 50881c899a h1 to h2 2020-01-16 11:46:36 -05:00
h00die f970ea7963 example output to scenarios 2020-01-16 11:41:12 -05:00
h00die 947102e2fe sample output to scenarios 2020-01-16 11:15:06 -05:00
h00die a1978c76a6 fix up spaces on options header 2020-01-16 10:52:13 -05:00
h00die 4b0ab94043 module options to options 2020-01-16 10:49:22 -05:00
h00die 2fff1f66e9 vulnerable application h1 to h2 2020-01-16 10:44:35 -05:00
h00die 3a4209a092 verification to verification steps 2020-01-16 10:41:12 -05:00
h00die c904b9d2f2 scenario to scenarios 2020-01-16 10:36:38 -05:00
h00die fa73709b3e documentation standardization 2020-01-14 21:02:53 -05:00
Brent Cook e1e668d7da Land #12651, add OpenMRS deserialization exploit 2019-12-16 11:31:24 -06:00
Shelby Pace a4ed143af6 Land #12364, add vBulletin widgetconfig RCE 2019-12-10 12:12:47 -06:00
Shelby Pace 3ddef6091c update scenarios section 2019-12-04 12:19:58 -06:00
Shelby Pace c7125b1b5f remove options section 2019-12-03 12:06:44 -06:00
Shelby Pace 6f153a885a add tested version 2019-12-02 08:42:45 -06:00
RAMELLA Sébastien eb2817b51f fix. typo into the documentation. 2019-11-22 20:10:29 +04:00
Shelby Pace 407adca9ec add docs 2019-11-21 14:15:57 -06:00
scanu92 a307f4f41a Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:32:10 +01:00
scanu92 1a4777670b Apply suggestions from code review 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-11-03 00:30:18 +01:00
sk4 af0761bcfd Add CMS Made Simple object injection exploit module 2019-11-01 12:11:38 +01:00
Shelby Pace 0b4a0b3148 Land #12476, add Nostromo dir traversal RCE 2019-10-31 08:24:41 -05:00
Quentin Kaiser a55c5c6765 Update documentation/modules/exploit/multi/http/nostromo_code_exec.md 
s/Nostrom/Nostromo/

Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2019-10-30 15:38:50 +01:00
Quentin Kaiser f03f5e4904 Documentation updated based on latest module version. 2019-10-29 16:13:25 +01:00
William Vu 3565b0efb8 Land #12365, Total.js CMS widget creation RCE 2019-10-21 15:22:09 -05:00
Quentin Kaiser 295d609595 Add CVE-2019-16278 exploit documentation. 2019-10-21 21:15:04 +02:00
RAMELLA Sébastien 861dc9969f fix. typo in documentation file. 2019-10-18 16:07:55 +04:00
RAMELLA Sébastien 25f60b07ed compliance for the framework 2019-10-18 15:51:58 +04:00
Wei Chen a3331dba9f Move totaljs cms module and doc 2019-10-15 10:11:14 -05:00
William Vu ade9c23772 Don't be lazy and spell out "introduction" in docs 
This was unfortunately my doing, and then people copied me.
 2019-09-30 16:58:00 -05:00
RAMELLA Sébastien 28bbcd5402 fix. linux stager and add. documentation 2019-09-26 16:26:44 +04:00
Wei Chen 8dc238e687 Add TotaJS CMS Code Injection in Widget Creation 2019-09-25 16:54:44 -05:00
Shelby Pace c4bd91f505 Land #12272, add October CMS file upload 2019-09-06 10:13:33 -05:00
Shelby Pace b0625012c4 add vulnerable software version 2019-09-06 10:12:08 -05:00
Shelby Pace 5f7c243b48 add filedropper, fix check, add to docs 2019-09-06 09:49:09 -05:00
Touhid M Shaikh b9e702458d Update documentation/modules/exploit/multi/http/october_upload_bypass_exec.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 23:01:44 +05:30
Touhid M Shaikh 9179ce1de1 Update documentation/modules/exploit/multi/http/october_upload_bypass_exec.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:32:23 +05:30
Touhid M Shaikh 90b639da71 Update documentation/modules/exploit/multi/http/october_upload_bypass_exec.md 
Co-Authored-By: bcoles <bcoles@gmail.com>
 2019-09-04 12:32:15 +05:30
Touhid M Shaikh c9b0054629 october_upload_bypass_exec Doc 
october_upload_bypass_exec Documetation
 2019-09-03 12:26:41 +05:30
William Vu 042c181f67 Land #12058, cisco_dcnm_upload_2019 exploit 2019-08-30 13:33:19 -05:00
Pedro Ribeiro 23d7a0ed2b Create cisco_dcnm_upload_2019.md 2019-08-29 22:45:03 +07:00
Wei Chen 967b2a018f Land #12010, Add exploit module for wp-database-backup Wordpress plugin 2019-07-23 12:21:23 -05:00
William Vu cf140f0840 Make SRVHOST the callback address 2019-06-25 12:43:04 -05:00
Shelby Pace 2af76c1997 add documentation and finished module 2019-06-25 11:21:15 -05:00
William Vu 801af31d6f Update documentation 2019-05-22 15:03:44 -05:00