adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40,628 Commits 27 Branches 1,043 Tags
8534fde50fc495c94b081dfb6fe32eca975ba6e3
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
wizard32 8534fde50f Websphere Java Deserialization (RCE) 
This module exploits a vulnerability in IBM's WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
2017-01-03 16:04:51 +02:00
.github
Fix link
2016-02-22 15:14:38 -06:00
app
Move shared example from pro into framework
2016-04-07 13:09:52 -05:00
config
Land #6556, include Vagrant development environment provisioner
2016-06-09 09:55:37 -05:00
data
add module binary
2016-12-22 03:25:10 -06:00
db
Bump version of framework to 4.13.10
2016-12-23 10:01:58 -08:00
documentation
Land #7730, add module to run exe as another user via powershell
2016-12-27 08:13:48 -06:00
external
fix double \n in printf
2016-12-13 17:02:23 +08:00
features
Fix #7765, history command fixes and improvements
2016-12-30 17:35:18 -06:00
lib
Land #7704, Update jobs output to show TCP listener information
2017-01-02 15:44:49 -06:00
modules
Websphere Java Deserialization (RCE)
2017-01-03 16:04:51 +02:00
plugins
Add database check to WMAP plugin
2016-12-31 17:39:46 -06:00
script
rails generate cucumber:install
2014-08-27 14:10:04 -05:00
scripts
Fix persistence script to work with new platform changes
2016-12-12 11:20:23 +10:00
spec
Land #7738, Add sort by column to services and hosts commands
2016-12-22 01:10:45 -06:00
test
make the stdapi_fs_file_move test unconditional
2016-11-29 14:37:19 +08:00
tools
revert unrelated changes
2016-12-22 00:36:41 -06:00
.gitignore
Merge branch 'master' into vagrant
2016-02-20 09:10:17 -07:00
.gitmodules
Add RDI submodule, port Kitrap0d
2013-11-27 16:04:41 +10:00
.mailmap
refine rageltman, add rwhitcroft
2016-12-22 00:58:58 -06:00
.rspec
Add modern --require to .rspec
2014-10-08 10:55:40 -05:00
.rubocop.yml
Reapply PR #4113 (removed via #4175)
2014-11-11 15:06:43 -06:00
.ruby-gemset
Restoring ruby and gemset files
2014-05-20 10:17:00 -05:00
.ruby-version
bump ruby version
2016-11-22 18:45:55 +01:00
.simplecov
Remove fastlib
2014-09-18 15:24:21 -05:00
.travis.yml
update to trusty
2016-12-23 16:47:03 -06:00
.yardopts
update .yardopts
2014-07-24 13:59:04 -05:00
CODE_OF_CONDUCT.md
Add individual contacts
2016-01-13 10:35:39 -06:00
CONTRIBUTING.md
Add note about release notes to CONTRIBUTING.md
2016-08-22 15:15:22 -05:00
COPYING
Update COPYING, too.
2016-01-04 16:31:01 -06:00
Gemfile
fix deps
2016-05-13 13:34:18 -05:00
Gemfile.local.example
Fix example Gemfile.local to work with existing
2014-06-24 00:00:47 -05:00
Gemfile.lock
Update rex-exploitation to 0.1.7
2016-12-30 00:56:02 -06:00
HACKING
Update link for The Metasploit Development Environment
2014-07-15 10:16:47 -05:00
LICENSE
Update copyright notice to 2016 [ci skip]
2016-01-03 20:25:47 +05:30
metasploit-framework.gemspec
bump payloads gem
2016-12-29 15:59:07 -06:00
msfconsole
Use Rex::Compat.open_file to open profiling report
2014-09-19 11:13:28 -05:00
msfd
Initialize the DisableBanner option
2015-10-08 14:08:45 -05:00
msfrpc
Change {} back to do/end
2015-03-09 00:00:49 -05:00
msfrpcd
allow overriding the default timeout for a session
2015-05-01 15:04:55 -05:00
msfupdate
File.exists? must die
2016-04-21 00:47:07 -04:00
msfvenom
Sort msfvenom --help-platforms
2016-08-25 14:02:58 -05:00
Rakefile
Merge branch 'feature/MSP-11130/metasploit-framework-spec-constants' into feature/MSP-11147/thread-leak-detection
2014-11-05 15:47:59 -06:00
README.md
Use SVG badges to please the eyes 👀
2015-12-13 00:28:14 +01:00
Vagrantfile
switch to inline provisioning, use official ubuntu vagrant box
2016-06-09 09:50:15 -05:00

README.md

Metasploit Build Status Code Climate

The Metasploit Framework is released under a BSD-style license. See COPYING for more details.

The latest version of this software is available from: https://metasploit.com

Bug tracking and development information can be found at: https://github.com/rapid7/metasploit-framework

New bugs and feature requests should be directed to: http://r-7.co/MSF-BUGv1

API documentation for writing modules can be found at: https://rapid7.github.io/metasploit-framework/api

Questions and suggestions can be sent to: https://lists.sourceforge.net/lists/listinfo/metasploit-hackers

Installing

Generally, you should use the free installer, which contains all of the dependencies and will get you up and running with a few clicks. See the Dev Environment Setup if you'd like to deal with dependencies on your own.

Using Metasploit

Metasploit can do all sorts of things. The first thing you'll want to do is start msfconsole, but after that, you'll probably be best served by reading Metasploit Unleashed, the great community resources, or the wiki.

Contributing

See the Dev Environment Setup guide on GitHub, which will walk you through the whole process from installing all the dependencies, to cloning the repository, and finally to submitting a pull request. For slightly more information, see Contributing.

Reference in New Issue View Git Blame Copy Permalink
S
Description
Metasploit Framework
Readme Multiple Licenses 1.6 GiB
Languages
Ruby 95%
PowerShell 2.7%
C 1.2%
Python 0.4%
HTML 0.2%
Other 0.1%