Jack Heysel
1174344b76
This exploit module leverages an Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability (CVE-2023-43177) to achieve unauthenticated remote code execution. This affects CrushFTP versions prior to 10.5.1.
Folder Purpose
This folder is primarily used to hold documentation for Metasploit's various modules, as well as the developers guide
at developers_guide.pdf.
Metasploit Developer Documentation
Metasploit is actively supported by a community of hundreds of contributors and thousands of users world-wide. As a result, the accompanying documentation moves quite quickly.
The best source of documentation on Metasploit development is https://docs.metasploit.com/. There are many treasures there, such as:
- Evading Antivirus
- How Payloads Work
- How to use Datastore Options
- How to write browser exploits with BES
- How to write a bruteforcer
...and many, many more.
API Documentation
If you are looking for API documentation, you may run rake yard to
generate a navigable view of the comment documentation used throughout
Metasploit, or visit https://rapid7.github.io/metasploit-framework/api
for a recently generated online version.
Contributing
If you would like to contribute to the documentation effort, please see http://yardoc.org/ for details on how to write YARD-compatible comments, and send us a Pull Request with your contribution.