Jack Heysel
a73a7531a9
This is an authenticated RCE against BoidCMS versions 2.0.0 and earlier. The underlying issue is that the file upload check allows a php file to be uploaded and executes as a media file if the GIF header is present in the PHP file.
Folder Purpose
This folder is primarily used to hold documentation for Metasploit's various modules, as well as the developers guide
at developers_guide.pdf.
Metasploit Developer Documentation
Metasploit is actively supported by a community of hundreds of contributors and thousands of users world-wide. As a result, the accompanying documentation moves quite quickly.
The best source of documentation on Metasploit development is https://docs.metasploit.com/. There are many treasures there, such as:
- Evading Antivirus
- How Payloads Work
- How to use Datastore Options
- How to write browser exploits with BES
- How to write a bruteforcer
...and many, many more.
API Documentation
If you are looking for API documentation, you may run rake yard to
generate a navigable view of the comment documentation used throughout
Metasploit, or visit https://rapid7.github.io/metasploit-framework/api
for a recently generated online version.
Contributing
If you would like to contribute to the documentation effort, please see http://yardoc.org/ for details on how to write YARD-compatible comments, and send us a Pull Request with your contribution.