metasploit-gs

Files

T

Valentin Lobstein 4aeacb7456 Fix: CmdStager compatibility with dash shell in openDCIM module

PHP exec() uses sh -c which is dash on Ubuntu. Dash echo does not
support -en flag, breaking the echo CmdStager flavor. Switch to
printf (octal) and bourne (base64) flavors which work in dash.

Also split backup_and_poison into backup_config and poison_dot so
CmdStager chunks don't overwrite the backup table, and escape
backslashes in SQL to preserve octal/hex sequences through MySQL.

2026-02-28 21:39:16 +01:00

auxiliary

Merge pull request #21012 from adfoster-r7/improve-graphql-introspection-detection-scanner

2026-02-23 16:06:10 +00:00

encoders

Updates modules to remove non-printable chars

2025-06-25 14:19:56 +01:00

evasion

chore: moved aarch64 rc4 packer to arch specific folder

2026-02-25 09:56:38 -05:00

exploits

Fix: CmdStager compatibility with dash shell in openDCIM module

2026-02-28 21:39:16 +01:00

nops

Add support for LoongArch64 payloads

2025-11-23 17:22:32 +11:00

payloads

Merge pull request #20861 from bcoles/post-linux-system-get_hostname

2026-01-17 19:38:21 +00:00

post

SIP proxt start action will now fail_with if it fails to write the origional config before making any changes

2026-02-23 11:30:06 +00:00

README.md

…

README.md

This is the folder where all of Metasploit's modules live. These modules are scripts in Ruby that interface with Metasploit itself to perform some specific task. There are various types of modules, such as exploit modules to exploit a vulnerability and gain a shell, auxiliary to perform a non-shell gaining activity, payloads for Metasploit's various payloads (which are also modules), and post for post exploitation modules.