adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5faa0a5b6b705f99cb39b597201af2aa2e7fcbfd
metasploit-gs/documentation/modules/exploit/linux/http
T
History
Chocapikk 39a5d710aa Refactor module: modularization, session-path leak, randomized key, improved check 
- Centralized fetch_cookies_and_csrf and execute_via_session methods for clarity
- Added leak_session_path() to call send_transform("phpinfo") and parse session.save_path via XPath
- In check(): first try to leak the PHP session directory (report vulnerable if successful), then perform a simple RCE check by summing two 4-digit random numbers with print_r()
- Stub injection now happens once in fetch_cookies_and_csrf; execute_via_session only needs the payload
- Randomized the "as hack" key in send_transform
- Simplified exploit() to reuse execute_via_session with a Base64-encoded payload
- Big thanks to @jvoisin for the suggestions!
2025-04-30 00:24:25 +02:00
..
acronis_cyber_infra_cve_2023_45249.md
Fixed cluster ID issue
2024-09-26 21:53:27 +00:00
alienvault_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
apache_airflow_dag_rce.md
Move module and documentation from multi/http to linux/http
2023-09-17 22:42:26 +08:00
apache_couchdb_cmd_exec.md
remove and check for instruction text
2020-03-24 09:15:04 -04:00
apache_druid_js_rce.md
Update apache_druid_js_rce.md
2021-04-10 10:43:00 +08:00
apache_hugegraph_gremlin_rce.md
Responded to comments
2024-08-02 10:47:53 -07:00
apache_nifi_h2_rce.md
apache nifi h2 rce
2023-08-08 17:44:35 -04:00
apache_ofbiz_deserialization_soap.md
remove spare comma
2021-04-05 09:33:20 -05:00
apache_ofbiz_deserialization.md
fix ofbiz auto detection
2024-02-06 16:45:02 -05:00
apache_spark_rce_cve_2022_33891.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
apache_superset_cookie_sig_rce.md
superset rce more stable
2023-09-15 16:29:05 -04:00
appsmith_rce_cve_2024_55964.md
Add Appsmith RCE module (CVE-2024-55964)
2025-04-05 14:56:04 +09:00
artica_proxy_auth_bypass_service_cmds_peform_command_injection.md
Remove AUTH_BYPASS target
2020-09-15 01:51:34 +02:00
artica_proxy_unauth_rce_cve_2024_2054.md
module and documentation updates based on review comments (bwatters-r7/cgranleese-r7)
2024-03-21 16:13:55 +00:00
asuswrt_lan_rce.md
Add sploit doc
2018-02-20 19:35:10 +00:00
axis_app_install.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
axis_srv_parhand_rce.md
Add documentation and a new reference
2018-07-25 14:44:44 -05:00
bentoml_rce_cve_2025_27520.md
Make user be able to specify a particular endpoint
2025-04-16 21:47:31 +09:00
bentoml_runner_server_rce_cve_2025_32375.md
Add BentoML RCE module (CVE-2025-32375)
2025-04-17 20:46:43 +09:00
beyondtrust_pra_rs_unauth_rce.md
rename the module
2025-02-13 12:51:46 +00:00
bitbucket_git_cmd_injection.md
add documentation
2022-09-20 18:45:48 -05:00
bludit_upload_images_exec.md
Fix typos and format
2019-11-11 14:47:56 -06:00
cacti_unauthenticated_cmd_injection.md
fix typo and add credit for discovery
2022-12-23 11:11:31 +02:00
cayin_cms_ntp.md
cleanup
2020-06-12 10:46:44 -04:00
centreon_pollers_auth_rce.md
fix somes code review comments.
2020-03-15 13:30:23 +04:00
centreon_useralias_exec.md
Fix uneven quotes in various documentation files
2017-08-26 19:12:48 -05:00
chamilo_bigupload_webshell.md
Updated docs
2024-11-11 12:40:56 -08:00
chamilo_unauth_rce_cve_2023_34960.md
Final minor updates
2023-08-23 11:38:07 +00:00
chaos_rat_xss_to_rce.md
review of chaos rat
2024-05-13 16:55:43 -04:00
cisco_asax_sfr_rce.md
Added module for CVE-2022-20828
2022-08-19 12:29:37 -07:00
cisco_firepower_useradd.md
typo fixes in cisco_firepower_useradd.md
2019-01-10 10:47:53 +01:00
cisco_hyperflex_file_upload_rce.md
Cisco HyperFlex File Upload RCE module
2021-06-17 12:38:47 -04:00
cisco_hyperflex_hx_data_platform_cmd_exec.md
Backport print changes to recent modules
2021-07-08 21:26:35 -05:00
cisco_prime_inf_rce.md
Update cisco_prime_inf_rce.md
2018-10-15 22:37:47 +07:00
cisco_rv32x_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
cisco_rv340_lan.md
Fix up remaining review comments
2023-02-13 15:07:25 -06:00
cisco_rv_series_authbypass_and_rce.md
Update documentation/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce.md
2022-02-01 06:41:26 -05:00
cisco_ucs_cloupia_script_rce.md
Add Cisco UCS Director Cloupia script RCE
2020-06-02 22:13:07 -05:00
cisco_ucs_rce.md
module doc standardizations
2020-01-20 21:26:59 -05:00
control_web_panel_login_cmd_exec.md
Fix a typo
2023-01-25 13:45:18 -05:00
cpi_tararchive_upload.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
craftcms_ftp_template.md
Responded to comments
2025-01-15 09:22:44 -08:00
craftcms_preauth_rce_cve_2025_32432.md
Refactor module: modularization, session-path leak, randomized key, improved check
2025-04-30 00:24:25 +02:00
craftcms_unauth_rce_cve_2023_41892.md
Some minor changes to the module and documentation
2023-12-18 08:23:16 +00:00
cve_2019_1663_cisco_rmi_rce.md
Updated documentation.
2019-07-27 11:09:34 +02:00
dcos_marathon.md
example output to scenarios
2020-01-16 11:41:12 -05:00
denyall_waf_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
dlink_dir850l_unauth_exec.md
Clean up module
2017-11-10 18:15:22 -06:00
dlink_dsl2750b_exec_noauth.md
Fixing documentation, improving exploits code
2018-05-20 12:55:46 -04:00
dlink_dwl_2600_command_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
docker_daemon_tcp.md
example output to scenarios
2020-01-16 11:41:12 -05:00
dtale_rce_cve_2025_0655.md
Use FETCH_DELETE as default
2025-03-03 20:52:55 +09:00
elfinder_archive_cmd_injection.md
escapeshellcmd -> escapeshellarg
2021-09-09 17:28:05 -05:00
empire_skywalker.md
Update document
2024-07-31 15:43:03 +09:00
epmp1000_get_chart_cmd_shell.md
sample output to scenarios
2020-01-16 11:15:06 -05:00
epmp1000_ping_cmd_shell.md
sample output to scenarios
2020-01-16 11:15:06 -05:00
eramba_rce.md
Adding more clear installation steps
2025-03-20 19:54:57 +01:00
eyesofnetwork_autodiscovery_rce.md
Minor doc changes, add module notes and SQLi progress output
2020-05-21 16:31:45 -04:00
f5_bigip_tmui_rce_cve_2020_5902.md
Rename the other TMUI RCE module
2023-11-01 16:55:42 -04:00
f5_bigip_tmui_rce_cve_2023_46747.md
Add check code annotations, update AJP link
2023-11-02 08:53:56 -04:00
f5_icontrol_rce.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
f5_icontrol_rest_ssrf_rce.md
Add module doc
2021-03-31 14:02:32 -05:00
f5_icontrol_rpmspec_rce_cve_2022_41800.md
Check in exploit module for CVE-2022-41800
2022-11-16 12:04:18 -08:00
f5_icontrol_soap_csrf_rce_cve_2022_41622.md
Check in exploit script for CVE-2022-41622 (CSRF into SOAP)
2022-11-16 11:58:15 -08:00
flir_ax8_unauth_rce_cve_2022_37061.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
fortinac_keyupload_file_write.md
Update documentation to provide better installation instructions
2023-03-14 10:13:27 -05:00
fortinet_authentication_bypass_cve_2022_40684.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
froxlor_log_path_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
geutebruck_cmdinject_cve_2021_335xx.md
Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through.
2021-08-31 18:24:57 -05:00
geutebruck_instantrec_bof.md
Add CVE-2021-33549 exploit for Geutebruck G-CAM
2021-08-27 01:28:26 +01:00
geutebruck_testaction_exec.md
Minor updates to the documentation to reflect the fact that the username and password could be something other than root/admin
2020-08-17 09:12:02 -05:00
github_enterprise_secret.md
spelling change per review
2022-11-23 13:26:19 -06:00
glinet_unauth_rce_cve_2023_50445.md
Capitalize remaining references to Meterpreter
2024-01-23 13:11:03 -05:00
glpi_htmlawed_php_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
goahead_ldpreload.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
goautodial_3_rce_code_injection.md
verification to verification steps
2020-01-16 10:41:12 -05:00
grandstream_gxv31xx_settimezone_unauth_cmd_exec.md
Add support for GXV3140 models and ARCH_CMD busybox telnetd payload
2022-01-29 19:38:57 +00:00
grandstream_ucm62xx_sendemail_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
gravcms_exec.md
chore: remove repetitive words
2024-04-15 11:06:50 +08:00
h2_webinterface_rce.md
h2 doc addition
2023-08-08 17:15:22 -04:00
hadoop_unauth_exec.md
Change docs to reflect the truth of the "vuln"
2020-11-16 11:38:00 -06:00
hikvision_cve_2021_36260_blind.md
Fixed a couple of typos. Changed a CheckCode. Randomized the replaced tmp file name
2022-02-24 06:38:36 -08:00
hp_van_sdn_cmd_inject.md
Don't be lazy and spell out "introduction" in docs
2019-09-30 16:58:00 -05:00
huawei_hg532n_cmdinject.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
ibm_drm_rce.md
Update IBM DRM RCE docs
2020-06-26 11:29:59 +07:00
ibm_qradar_unauth_rce.md
add module docs
2018-07-10 11:51:57 -05:00
imperva_securesphere_exec.md
Update to use CmdStager
2019-01-08 20:07:35 -08:00
invoiceninja_unauth_rce_cve_2024_55555.md
docs: update docs for rubocop
2025-02-25 12:15:52 +01:00
invoiceshelf_unauth_rce_cve_2024_55556.md
small update on module and documentation
2025-03-10 19:35:37 +00:00
invokeai_rce_cve_2024_12029.md
Update document
2025-02-17 20:32:43 +09:00
ipfire_bashbug_exec.md
doc/module cleanup
2016-05-30 06:33:48 -04:00
ipfire_oinkcode_exec.md
module working and docs
2017-06-14 21:15:56 -04:00
ipfire_pakfire_exec.md
added cve
2021-06-10 09:35:42 -05:00
ipfire_proxy_exec.md
md fix
2016-05-30 10:25:49 -04:00
ivanti_connect_secure_rce_cve_2023_46805.md
Update documentation/modules/exploit/linux/http/ivanti_connect_secure_rce_cve_2023_46805.md
2024-01-18 09:18:28 +00:00
ivanti_connect_secure_rce_cve_2024_21893.md
remove the linux and unix targets in favor of a single automatic target
2024-02-09 09:26:08 +00:00
ivanti_connect_secure_rce_cve_2024_37404.md
Code review
2024-12-02 14:02:07 +01:00
ivanti_csa_unauth_rce_cve_2021_44529.md
Apply fixes per code review
2023-01-17 12:44:22 -06:00
ivanti_sentry_misc_log_service.md
Thanks to Spencer improved execute_command method
2023-09-12 15:14:10 -04:00
jenkins_cli_deserialization.md
add steps for producing serialized object
2020-09-17 13:58:48 -05:00
judge0_sandbox_escape_cve_2024_28189.md
Add Judge0 module and document
2024-11-20 14:15:38 -08:00
kafka_ui_unauth_rce_cve_2023_52251.md
added base64 encoder module of zerosteiner
2024-02-14 21:33:50 +00:00
kaltura_unserialize_cookie_rce.md
Updates to documentation per h00die
2018-01-23 12:44:39 -06:00
kaltura_unserialize_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
kibana_timelion_prototype_pollution_rce.md
kibana exploit
2023-08-24 16:08:08 -04:00
kibana_upgrade_assistant_telemetry_rce.md
Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md
2023-10-06 16:45:52 -04:00
klog_server_authenticate_user_unauth_command_injection.md
Add Klog Server authenticate.php user Unauthenticated Command Injection
2021-02-12 17:07:52 +00:00
lexmark_faxtrace_settings.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
librenms_addhost_cmd_inject.md
made suggested changes
2019-05-30 14:09:40 -05:00
librenms_authenticated_rce_cve_2024_51092.md
Update vulnerable version
2025-01-18 10:18:10 +09:00
librenms_collectd_cmd_inject.md
finish documentation and module
2019-08-13 09:47:24 -05:00
linear_emerge_unauth_rce_cve_2019_7256.md
Fix up missing option in documentation and also add some additional validation on server response.
2023-01-04 17:02:05 -06:00
linksys_wvbr0_user_agent_exec_noauth.md
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
linuxki_rce.md
Update linuxki_rce.md
2020-06-10 02:13:38 +03:00
logsign_exec.md
spelling change per review
2022-11-23 13:26:19 -06:00
lucee_admin_imgprocess_file_write.md
Add Lucee Administrator CVE-2021-21307 exploit
2021-08-16 10:09:34 -05:00
magento_xxe_to_glibc_buf_overflow.md
Fixed multiple sessions and instability
2024-10-10 11:36:16 -07:00
magnusbilling_unauth_rce_cve_2023_30258.md
third release module with minor text changes
2023-10-31 09:29:13 +00:00
mailcleaner_exec.md
Update doc
2019-01-08 13:25:13 -06:00
majordomo_cmd_inject_cve_2023_50917.md
Add suggested changes
2023-12-22 00:04:54 +01:00
metabase_setup_token_rce.md
Fix metabase rce to support older versions
2024-10-17 10:10:50 +01:00
microfocus_obr_cmd_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
microfocus_secure_messaging_gateway.md
fix install lines
2020-03-24 09:36:17 -04:00
mida_solutions_eframework_ajaxreq_rce.md
resolve qa comments
2020-09-11 17:16:10 +00:00
mobileiron_core_log4shell.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
mobileiron_mdm_hessian_rce.md
Add module doc
2021-01-22 01:06:14 -06:00
moodle_rce.md
CVE-2024-6670
2024-09-01 23:26:11 +01:00
mvpower_dvr_shell_exec.md
Add documentation
2017-02-23 07:44:45 +00:00
nagios_xi_autodiscovery_webshell.md
Used suggested method for defining user webshell, used suggested depth configuration, and used vars_get in a couple of places
2022-02-08 18:20:03 -08:00
nagios_xi_chained_rce_2_electric_boogaloo.md
Update Docs
2018-06-29 11:08:31 -05:00
nagios_xi_chained_rce.md
Don't be lazy and spell out "introduction" in docs
2019-09-30 16:58:00 -05:00
nagios_xi_configwizards_authenticated_rce.md
Add example for version 5.5.6 with CVE-2021-25297
2023-02-07 14:18:53 -06:00
nagios_xi_magpie_debug.md
nagios_xi_magpie_debug: add writable paths, improvements, cleanup, fixes
2021-03-16 07:13:55 +00:00
nagios_xi_mibs_authenticated_rce.md
Add in fixes to documentation and module from review
2021-04-16 13:14:17 -05:00
nagios_xi_plugins_check_plugin_authenticated_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
nagios_xi_plugins_filename_authenticated_rce.md
Update scenarios in documentation and also update the module to handle cases where the version number may not be in a format that Rex::Text can immediately handle.
2021-04-14 16:32:53 -05:00
nagios_xi_snmptrap_authenticated_rce.md
Add in CentOS 7 with NagiosXI 5.6.5 scenario
2021-04-20 14:12:56 -05:00
netalertx_rce_cve_2024_46506.md
Update FETCH_COMMAND default to curl
2025-02-10 22:00:52 +09:00
netgear_dgn1000_setup_unauth_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
netgear_dnslookup_cmd_exec.md
Fix broken link
2018-02-02 20:08:38 -05:00
netgear_r7000_cgibin_exec.md
Update netgear_r7000_cgibin_exec docs
2018-02-02 20:23:43 -05:00
netgear_unauth_exec.md
Minor changes to module, updated documentation.
2018-10-09 20:39:00 +06:30
netis_unauth_rce_cve_2024_22729.md
Updated check method
2024-06-06 22:23:35 +00:00
netis_unauth_rce_cve_2024_48456_and_48457.md
Apply suggestions from code review
2025-01-07 09:25:41 +01:00
netsweeper_webadmin_unixlogin.md
Add Netsweeper WebAdmin unixlogin.php pre-auth RCE
2020-05-12 08:34:20 -05:00
nexus_repo_manager_el_injection.md
Fix nexus_repo_manager_el_injection.md scenario
2020-09-15 13:14:36 -05:00
op5_config_exec.md
fixes all previously identified issues
2016-06-15 20:58:04 -04:00
openmetadata_auth_bypass_rce.md
Fourth release module and documentation
2024-08-02 21:04:50 +00:00
opennms_horizon_authenticated_rce.md
Add check to see if notifications are enabled
2024-03-20 11:33:15 -07:00
opentsdb_key_cmd_injection.md
Add docs for opentsdb_key_cmd_injection
2023-09-08 16:08:18 +01:00
opentsdb_yrange_cmd_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
optergy_bms_backdoor_rce_cve_2019_7276.md
updated module and documentation with SUDO option
2023-03-26 18:31:25 +00:00
oracle_ebs_rce_cve_2022_21587.md
improve the documentation, mention some steps required during setup.
2023-02-22 09:42:11 +00:00
paloalto_expedition_rce.md
Update documentation/modules/exploit/linux/http/paloalto_expedition_rce.md
2024-11-12 09:03:51 -06:00
pandora_fms_auth_rce_cve_2024_11320.md
Third release of module + Documentation
2024-12-22 11:41:05 +00:00
pandora_fms_auth_rce_cve_2024_12971.md
small update in description of the module and documentation
2025-04-06 10:49:03 +00:00
pandora_fms_events_exec.md
Add installation instructions to docs
2020-07-09 17:20:07 -04:00
pandora_ping_cmd_exec.md
Update documentation/modules/exploit/linux/http/pandora_ping_cmd_exec.md
2020-03-23 17:24:28 +03:00
panos_management_unauth_rce.md
typo 2
2024-12-17 17:26:20 +00:00
panos_op_cmd_exec.md
Updated error handling
2022-09-13 12:40:59 -04:00
panos_readsessionvars.md
Doc typo
2018-05-06 22:32:26 -05:00
panos_telemetry_cmd_exec.md
Added note about shell from a different IP than RHOST IP
2024-04-19 11:45:56 -05:00
php_imap_open_rce.md
horde imp h3 imap_open
2019-01-18 19:38:30 -05:00
pineapple_bypass_cmdinject.md
module doc standardizations
2020-01-20 21:26:59 -05:00
pineapple_preconfig_cmdinject.md
module doc standardizations
2020-01-20 21:26:59 -05:00
progress_flowmon_unauth_cmd_injection.md
Minor fixes, respond to comments
2024-05-23 14:02:28 -04:00
progress_kemp_loadmaster_unauth_cmd_injection.md
Remove Priv Esc to add it to another module and update it to only run once
2024-04-15 15:44:22 -05:00
projectsend_unauth_rce.md
Create projectsend_unauth_rce
2024-11-21 09:34:58 -08:00
pulse_secure_cmd_exec.md
Code-block env(1)
2019-11-12 02:46:18 -06:00
pulse_secure_gzip_rce.md
Update the documentation
2020-12-07 10:54:20 -05:00
pyload_js2py_cve_2024_39205.md
Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397)
2024-11-12 16:05:07 -08:00
pyload_js2py_exec.md
Add module docs
2023-02-15 16:29:42 -05:00
qnap_qcenter_change_passwd_exec.md
Fix password typo
2018-07-13 16:02:15 +10:00
qnap_qts_rce_cve_2023_47218.md
Docs plus minor edits
2024-02-15 17:12:11 -05:00
rancher_server.md
example output to scenarios
2020-01-16 11:41:12 -05:00
raspberrymatic_unauth_rce_cve_2024_24578.md
added default options and updated documentation
2025-02-20 13:19:41 -06:00
ray_agent_job_rce.md
Add cve ref
2024-08-20 12:59:52 +09:00
ray_cpu_profile_cmd_injection_cve_2023_6019.md
Add module docs
2024-08-10 10:59:00 +09:00
rconfig_ajaxarchivefiles_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
rconfig_vendors_auth_file_upload_rce.md
rename files, change version check, use cookie jar
2021-06-24 09:47:38 -05:00
roxy_wi_exec.md
Add in updated scenario documentation
2022-07-25 14:14:52 -05:00
saltstack_salt_api_cmd_exec.md
Fix AutoCheck
2020-11-11 15:57:38 -06:00
saltstack_salt_wheel_async_rce.md
add wait time line to test output
2021-03-31 14:47:34 -05:00
samsung_srv_1670d_upload_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
selenium_greed_chrome_rce_cve_2022_28108.md
Improve check
2024-12-30 13:36:15 +09:00
selenium_greed_firefox_rce_cve_2022_28108.md
Apply suggestions from #19769
2025-01-04 10:12:57 +09:00
solarview_unauth_rce_cve_2023_23333.md
Apply grammatical suggestions from code review
2023-09-05 17:06:01 -04:00
sonicwall_cve_2021_20039.md
Initial commit of CVE-2021-20039 exploit
2022-01-10 12:43:50 -08:00
sophos_utm_webadmin_sid_cmd_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
sourcegraph_gitserver_sshcmd.md
Add sourcegraph RCE module docs
2022-07-08 17:27:27 -04:00
spark_unauth_rce.md
module options to options
2020-01-16 10:49:22 -05:00
spring_cloud_gateway_rce.md
Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs
2022-10-12 11:19:47 -05:00
suitecrm_log_file_rce.md
Added module and documentation for SuiteCRM Log File RCE
2021-05-22 00:11:19 -05:00
supervisor_xmlrpc_exec.md
cleaned up version, and docs
2017-09-23 10:51:52 -04:00
symantec_messaging_gateway_exec.md
Adding Symantec messaging gateway rce
2017-06-10 12:23:12 +03:00
symmetricom_syncserver_rce.md
add module documentation
2023-06-13 13:14:51 -05:00
synology_dsm_smart_exec_auth.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
terramaster_unauth_rce_cve_2020_35665.md
Updates based on space-r7 comments
2023-06-08 07:39:44 +00:00
terramaster_unauth_rce_cve_2021_45837.md
Updated NAS model and version check
2023-06-08 09:12:45 +00:00
terramaster_unauth_rce_cve_2022_24990.md
Updates based on review comments from space-r7 and jvoisin
2023-06-12 19:28:08 +00:00
tiki_calendar_exec.md
Update tiki_calendar_exec module and documentation
2016-06-22 11:17:45 -05:00
totolink_unauth_rce_cve_2023_30013.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
tp_link_ncxxx_bonjour_command_injection.md
msftidy_docs changes
2020-09-18 09:42:14 -05:00
traccar_rce_upload.md
PoC & Documentation
2024-08-23 23:21:49 +01:00
trend_micro_imsva_exec.md
Adding Trend Micro IMSVA module
2017-01-18 11:34:16 +03:00
trendmicro_imsva_widget_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
trendmicro_websecurity_exec.md
fixing up some styles and such
2020-06-20 12:05:48 -04:00
ueb_api_rce.md
finish up docs and 10 exploit
2018-09-10 21:08:30 -04:00
unraid_auth_bypass_exec.md
spelling change per review
2022-11-23 13:26:19 -06:00
vestacp_exec.md
Fix up clarity and spelling issues in module and documentation
2020-04-13 16:28:39 -05:00
vinchin_backup_recovery_cmd_inject.md
Update
2023-11-21 18:28:28 +01:00
vmware_nsxmgr_xstream_rce_cve_2021_39144.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
vmware_vcenter_analytics_file_upload.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
vmware_vcenter_vsan_health_rce.md
Add log IOC
2021-07-12 20:54:54 -05:00
vmware_view_planner_4_6_uploadlog_rce.md
Update the exploit to use Python as its payload since this is a lot more flexible, allows Meterpreter, returns a shell faster, and we are already injecting into and executing a Python file
2021-03-14 00:00:06 -06:00
vmware_vrli_rce.md
Add and use a Thrift client object
2023-09-11 14:37:38 -04:00
vmware_vrni_rce_cve_2023_20887.md
Fix incomplete copy pasta in docs
2023-07-21 14:38:07 -04:00
vmware_vrops_mgr_ssrf_rce.md
Update vmware_vrops_mgr_ssrf_rce documentation
2021-05-06 18:30:20 -05:00
vmware_workspace_one_access_cve_2022_22954.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
vmware_workspace_one_access_vmsa_2022_0011_chain.md
docs fix
2023-04-17 16:41:35 -04:00
watchguard_firebox_unauth_rce_cve_2022_26318.md
added documentation
2024-03-05 18:42:09 +00:00
wd_mycloud_multiupload_upload.md
Add wd_mycloud_multiupload_upload exploit
2017-11-28 07:12:00 -06:00
wd_mycloud_unauthenticated_cmd_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
webmin_backdoor.md
Move unix/webapp/webmin_backdoor to linux/http
2020-01-14 00:50:04 -06:00
webmin_file_manager_rce.md
Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md
2022-11-01 10:40:01 -05:00
webmin_package_updates_rce.md
Fix from code review
2022-08-09 15:09:25 +02:00
webmin_packageup_rce.md
removed some whitespace, added a check
2019-06-17 15:29:08 -05:00
wepresent_cmd_injection.md
Switched to vars_post in send_request_cgi and removed unnecessary documentation
2020-01-14 05:42:06 -05:00
wipg1000_cmd_injection.md
added version numbers
2017-04-22 09:45:55 -04:00
xplico_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
zimbra_cpio_cve_2022_41352.md
Fix the doc to make msftidy_docs.rb happy
2022-10-20 14:33:40 +02:00
zimbra_mboximport_cve_2022_27925.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
zimbra_unrar_cve_2022_30333.md
Add module docs for the split-up unrar modules
2022-07-27 13:24:29 -07:00
zimbra_xxe_rce.md
Fix words because words...
2019-04-01 17:21:23 -05:00
zyxel_lfi_unauth_ssh_rce.md
Updates based on cdelafuente-r7 comments
2023-05-06 19:05:21 +00:00
zyxel_parse_config_rce.md
Lowered rank and explained mock testing
2024-06-24 09:13:46 -07:00
zyxel_ztp_rce.md
Revised setup guidance
2022-05-13 13:41:05 -07:00