adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
47,482 Commits 27 Branches 1,043 Tags
ffe4dbcc19def7a2e5e6140b83b514b1f30ded98
Commit Graph

2669 Commits

Author SHA1 Message Date
Wei Chen 28e3f3a5f0 Land #10327, Add CMS Made Simple Upload/Rename Authenticated RCE 2018-07-19 12:18:12 -05:00
Wei Chen c5ac4c791f Make changes based on community feedback 2018-07-19 12:17:02 -05:00
Jacob Robles 08e33cad0c Spelling fix 2018-07-17 20:12:37 -05:00
Jacob Robles 1e004769ca CMS Made Simple Upload/Rename Authenticated RCE 2018-07-17 09:00:39 -05:00
William Vu 9a7c34e6e9 Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
William Vu 2f37482535 Land #10278, gitlist_arg_injection fixes 2018-07-12 19:03:52 -05:00
asoto-r7 1a3a4ef5e4 Revised 88 aux and exploit modules to add CVEs / references 2018-07-12 17:34:52 -05:00
Shelby Pace 1ded8ffb29 Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
Shelby Pace 10cd6c99d9 Land #10231, Monstra Fileupload Exec 2018-07-10 14:23:15 -05:00
Shelby Pace 07dca243ff changed grammar, removed redundant code 2018-07-10 14:13:57 -05:00
Shelby Pace 171fa562a3 added parsing for repos in Gitlist source 2018-07-10 11:32:46 -05:00
Shelby Pace 5776b64a1b modified exploit 2018-07-09 13:56:33 -05:00
Shelby Pace f5e40b14a3 removed double eval as suggested 2018-07-09 13:24:31 -05:00
Jacob Robles 4f039de2fc Fix CVE numbers 2018-07-09 13:22:08 -05:00
Shelby Pace 44b9798afb modified regex, id=filesmanager lines 2018-07-09 10:55:29 -05:00
Jacob Robles bf24ce847a Fix token issues 2018-07-09 09:29:11 -05:00
Touhid M Shaikh bc33078e01 fixed comma 
fixed comma
 2018-07-09 12:27:58 +05:30
Touhid M Shaikh 6f6ad86e2c fix tab 
fix tab and space.
 2018-07-09 11:49:11 +05:30
Wei Chen 5fc5a47cd2 Update CVE references for exploit modules 
These are based on cross references by EDB, OSVDB, module short
name, blog post and BID.
 2018-07-08 18:46:04 -05:00
Touhid M Shaikh 4a835b2493 fix warning, and version 
fix warning, and version and indentation
 2018-07-07 17:27:09 +05:30
Wei Chen 545e91af00 Land #10262, Add GitList argument injection exploit module 2018-07-06 14:28:20 -05:00
Wei Chen 82c74eb765 Small changes 2018-07-06 14:25:58 -05:00
Shelby Pace b1456df757 made suggested changes 2018-07-06 12:48:38 -05:00
Jacob Robles fe1b17684a Add Targets and Session file inclusion 2018-07-06 12:17:26 -05:00
Shelby Pace 5d0652fab1 changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681 added documentation and check 2018-07-05 15:47:21 -05:00
Jacob Robles cb078b9586 Drop database 2018-07-05 14:58:30 -05:00
Jacob Robles 43096d9d78 Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 
Module and Doc
 2018-07-05 13:33:35 -05:00
Shelby Pace 507fd22958 added http post and generating payload 2018-07-05 13:21:22 -05:00
Shelby Pace 7d0b8dee4a making request for Gitlist source 2018-07-03 14:27:46 -05:00
Wei Chen 12141136d7 Land #9896, Java JMX Package Name Randomization 
Land #9896
 2018-07-02 13:41:39 -05:00
Ishaq Mohammed 70eb943b5a Update monstra_fileupload_exec.rb 2018-06-30 13:40:12 +05:30
Ishaq Mohammed 89ba960309 username and password values removed 
username and password values removed
 2018-06-30 12:47:13 +05:30
Ishaq Mohammed 128438f444 Merge pull request #2 from touhidshaikh/monstra_fileupload_exec 
Monstra fileupload exec
 2018-06-30 12:03:14 +05:30
Touhid M Shaikh f3e3d0c30b monstra_fileupload_exec.rb 
Monstra CMS - Authenticated  Arbitrary File Upload / Remote Code Execution CVE 2017-18048
 2018-06-28 10:55:41 +05:30
phra 54c2bc36e9 fix: invert if else order 2018-06-28 01:33:56 +02:00
phra e614805948 chore: fix msftidy 2018-06-28 01:27:51 +02:00
phra da22b36997 chore: fix typo 2018-06-27 17:16:38 +02:00
phra 53f158ef4f refactor: universal check, payload platform check 2018-06-27 17:11:47 +02:00
Jacob Robles 00102a7413 oscommerce msftidy fix 2018-06-26 08:21:10 -05:00
Jacob Robles cb50d0fade Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 08:51:53 -05:00
Jacob Robles 2e2ded22fc Use Gem::Version 
Simplify version comparisons
 2018-06-18 08:35:47 -05:00
Jacob Robles 122ea2ddcb Update module, Add docs 
Changed the module to an exploit module and
added documentation.
 2018-06-18 07:33:05 -05:00
phra e9db949418 refactor: replace last string with hash 2018-06-01 16:59:38 +02:00
phra ae3e8dab78 chore: update references 2018-06-01 16:58:26 +02:00
phra 5649dd0598 refactor: use Hash.to_json instead of strings 2018-06-01 16:57:57 +02:00
Brent Cook fad5a99c7d fix incorrect disclosure date 2018-05-25 02:59:08 -05:00
phra 6d4ad57beb refactor: use Rex built-in encoders 2018-05-21 22:14:39 +02:00
phra c9ab44234a refactor: remove predefined cmd stager flavor, increase linemax 2018-05-19 15:55:11 +02:00
phra d239fb17db refactor: update code as requested 2018-05-19 15:50:10 +02:00