adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
92ebabf168fea16e392ece1f806ace4aa55d299c
metasploit-gs/modules/exploits/multi/http
T
History
Brendan 9bd8590b99 Merge pull request #19793 from sfewer-r7/CVE-2024-55956 
Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution (CVE-2024-55956)
2025-01-15 15:04:45 -06:00
..
acronis_cyber_protect_unauth_rce_cve_2022_3405.rb
move acronis_cyber_protect_unauth_rce_cve_2022_3405 inside the http folder
2025-01-09 16:32:42 -05:00
activecollab_chat.rb
adobe_coldfusion_rce_cve_2023_26360.rb
agent_tesla_panel_rce.rb
ajaxplorer_checkinstall_exec.rb
apache_activemq_upload_jsp.rb
apache_apisix_api_default_token_rce.rb
apache_commons_text4shell.rb
Update other modules to use java_class_loader_start_service and cmdstager_start_service
2024-06-14 12:57:42 +02:00
apache_couchdb_erlang_rce.rb
Extra ',' is causing ruby issues
2024-03-30 17:02:13 +03:00
apache_druid_cve_2023_25194.rb
apache_flink_jar_upload_exec.rb
apache_jetspeed_file_upload.rb
apache_mod_cgi_bash_env_exec.rb
apache_nifi_processor_rce.rb
apache_normalize_path_rce.rb
Fix apache_normalize_path_rce check method
2024-05-01 20:01:38 +01:00
apache_ofbiz_forgot_password_directory_traversal.rb
Minor update
2024-08-16 12:17:56 -07:00
apache_rocketmq_update_config.rb
RocketMQ fixes
2024-04-26 14:24:08 -07:00
apache_roller_ognl_injection.rb
apprain_upload_exec.rb
atlassian_confluence_namespace_ognl_injection.rb
atlassian_confluence_rce_cve_2023_22515.rb
atlassian_confluence_rce_cve_2023_22527.rb
atlassian_confluence_rce_cve_2024_21683.rb
Apply suggestions from code review
2024-07-10 20:45:53 -04:00
atlassian_confluence_unauth_backup.rb
atlassian_confluence_webwork_ognl_injection.rb
atlassian_crowd_pdkinstall_plugin_upload_rce.rb
atutor_sqli.rb
atutor_upload_traversal.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
auxilium_upload_exec.rb
avideo_wwbnindex_unauth_rce.rb
Lint
2024-05-15 22:13:53 +02:00
axis2_deployer.rb
baldr_upload_exec.rb
bassmaster_js_injection.rb
Removed "ssl_restore = true"
2024-07-26 17:30:25 +02:00
bitbucket_env_var_rce.rb
bolt_file_upload.rb
builderengine_upload_exec.rb
cacti_package_import_rce.rb
Code review
2024-06-12 19:47:02 +02:00
cacti_pollers_sqli_rce.rb
Update cacti_pollers_sqli_rce to use the new library
2024-05-23 11:30:48 +02:00
caidao_php_backdoor_exec.rb
churchinfo_upload_exec.rb
cisco_dcnm_upload_2019.rb
cisco_dcnm_upload.rb
cleo_rce_cve_2024_55956.rb
improve the regex by removing the unnecessary word boundrys, and add a non matching group for the product name. Thanks jvoisin
2025-01-09 11:43:58 +00:00
clinic_pms_fileupload_rce.rb
Modified the code logic as instructed by the reviewer & removed the instance variable
2024-12-17 21:39:30 +05:30
clipbucket_fileupload_exec.rb
cmsms_object_injection_rce.rb
cmsms_showtime2_rce.rb
cmsms_upload_rename_rce.rb
cockpit_cms_rce.rb
coldfusion_ckeditor_file_upload.rb
coldfusion_rds_auth_bypass.rb
confluence_widget_connector.rb
connectwise_screenconnect_rce_cve_2024_1709.rb
use the Faker module to gen the plugins metadata.
2024-02-23 17:48:01 +00:00
crushftp_rce_cve_2023_43177.rb
Fixes from code review
2024-03-29 12:18:16 +01:00
cups_bash_env_exec.rb
cuteflow_upload_exec.rb
cve_2021_35464_forgerock_openam.rb
cve_2023_38836_boidcms.rb
Updates based on jheysel-r7's suggestions
2024-02-29 12:42:22 -06:00
dexter_casinoloader_exec.rb
replace uri unescape with new proper methods
2024-07-01 15:52:01 -05:00
dotcms_file_upload_rce.rb
drupal_drupageddon.rb
eaton_nsm_code_exec.rb
eventlog_file_upload.rb
extplorer_upload_exec.rb
familycms_less_exec.rb
fortra_goanywhere_mft_rce_cve_2024_0204.rb
store the credentials we create in the DB
2024-02-01 19:48:01 +00:00
fortra_goanywhere_rce_cve_2023_0669.rb
freenas_exec_raw.rb
gambio_unauth_rce_cve_2024_23759.rb
Apply suggestions from code review
2024-04-19 13:44:18 -04:00
geoserver_unauth_rce_cve_2024_36401.rb
some small final changes
2024-08-29 11:23:58 -05:00
gestioip_exec.rb
getsimplecms_unauth_code_exec.rb
gibbon_auth_rce_cve_2024_24725.rb
third release module based on smcintyre-r7 comments
2024-04-04 17:14:32 +00:00
git_client_command_exec.rb
git_lfs_clone_command_exec.rb
git_submodule_command_exec.rb
git_submodule_url_exec.rb
gitea_git_fetch_rce.rb
gitea_git_hooks_rce.rb
gitlab_exif_rce.rb
gitlab_file_read_rce.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
gitlab_github_import_rce_cve_2022_2992.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
gitlab_shell_exec.rb
gitlist_arg_injection.rb
gitorious_graph.rb
glassfish_deployer.rb
glossword_upload_exec.rb
glpi_install_rce.rb
gogs_git_hooks_rce.rb
horde_csv_rce.rb
horde_form_file_upload.rb
horde_href_backdoor.rb
horizontcms_upload_exec.rb
hp_sitescope_issuesiebelcmd.rb
hp_sitescope_uploadfileshandler.rb
hp_sys_mgmt_exec.rb
hyperic_hq_script_console.rb
ibm_openadmin_tool_soap_welcomeserver_exec.rb
ispconfig_php_exec.rb
jboss_bshdeployer.rb
jboss_deploymentfilerepository.rb
jboss_invoke_deploy.rb
jboss_maindeployer.rb
jboss_seam_upload_exec.rb
jenkins_metaprogramming.rb
jenkins_script_console.rb
jenkins_xstream_deserialize.rb
jetbrains_teamcity_rce_cve_2023_42793.rb
jetbrains_teamcity_rce_cve_2024_27198.rb
reduce the size of teh exploit method by spinngin out two new methods create_payload_plugin and auth_new_admin_user. several if/unless blocks were flattened to be inline if/unless
2024-03-13 09:58:51 +00:00
jira_hipchat_template.rb
jira_plugin_upload.rb
joomla_http_header_rce.rb
kong_gateway_admin_api_rce.rb
kordil_edms_upload_exec.rb
lcms_php_exec.rb
liferay_java_unmarshalling.rb
Update other modules to use java_class_loader_start_service and cmdstager_start_service
2024-06-14 12:57:42 +02:00
log1cms_ajax_create_folder.rb
log4shell_header_injection.rb
lucee_scheduled_job.rb
magento_unserialize.rb
makoserver_cmd_exec.rb
manage_engine_dc_pmp_sqli.rb
manageengine_adselfservice_plus_saml_rce_cve_2022_47966.rb
manageengine_auth_upload.rb
manageengine_sd_uploader.rb
manageengine_search_sqli.rb
manageengine_servicedesk_plus_saml_rce_cve_2022_47966.rb
Update manageengine_servicedesk_plus_saml_rce_cve_2022_47966 module
2024-06-13 16:53:07 +02:00
mantisbt_manage_proj_page_rce.rb
mantisbt_php_exec.rb
maracms_upload_exec.rb
mediawiki_syntaxhighlight.rb
mediawiki_thumb.rb
metasploit_static_secret_key_base.rb
metasploit_webui_console_command_execution.rb
microfocus_obm_auth_rce.rb
Update other modules to use java_class_loader_start_service and cmdstager_start_service
2024-06-14 12:57:42 +02:00
microfocus_ucmdb_unauth_deser.rb
mirth_connect_cve_2023_43208.rb
mma_backdoor_upload.rb
mobilecartly_upload_exec.rb
monitorr_webshell_rce_cve_2020_28871.rb
monstra_fileupload_exec.rb
moodle_admin_shell_upload.rb
moodle_spelling_binary_rce.rb
moodle_spelling_path_rce.rb
moodle_teacher_enrollment_priv_esc_to_rce.rb
movabletype_upgrade_exec.rb
mutiny_subnetmask_exec.rb
Removed "ssl_restore = true"
2024-07-26 17:30:25 +02:00
mybb_rce_cve_2022_24734.rb
nas4free_php_exec.rb
navigate_cms_rce.rb
netwin_surgeftp_exec.rb
nibbleblog_file_upload.rb
nostromo_code_exec.rb
novell_servicedesk_rce.rb
nuuo_nvrmini_upgrade_rce.rb
october_upload_bypass_exec.rb
op5_license.rb
op5_welcome.rb
open_web_analytics_rce.rb
openfire_auth_bypass_rce_cve_2023_32315.rb
openfire_auth_bypass.rb
openmrs_deserialization.rb
openx_backdoor_php.rb
opmanager_socialit_file_upload.rb
opmanager_sumpdu_deserialization.rb
oracle_ats_file_upload.rb
oracle_reports_rce.rb
oracle_weblogic_wsat_deserialization_rce.rb
orientdb_exec.rb
oscommerce_installer_unauth_code_exec.rb
pandora_upload_exec.rb
papercut_ng_auth_bypass.rb
pentaho_business_server_authbypass_and_ssti.rb
pgadmin_session_deserialization.rb
Clean up some of the module's documentation
2024-04-16 13:36:21 -04:00
phoenix_exec.rb
php_cgi_arg_injection.rb
php_fpm_rce.rb
php_utility_belt_rce.rb
php_volunteer_upload_exec.rb
phpfilemanager_rce.rb
phpldapadmin_query_engine.rb
phpmailer_arg_injection.rb
phpmoadmin_exec.rb
phpmyadmin_3522_backdoor.rb
phpmyadmin_lfi_rce.rb
phpmyadmin_null_termination_exec.rb
phpmyadmin_preg_replace.rb
phpscheduleit_start_date.rb
phpstudy_backdoor_rce.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
phptax_exec.rb
phpwiki_ploticus_exec.rb
pimcore_unserialize_rce.rb
playsms_filename_exec.rb
playsms_template_injection.rb
playsms_uploadcsv_exec.rb
plone_popen2.rb
pmwiki_pagelist.rb
polarcms_upload_exec.rb
primefaces_weak_encryption_rce.rb
Standardize capitalization of Java Expression Language
2024-12-06 16:00:58 -08:00
processmaker_exec.rb
processmaker_plugin_upload.rb
qdpm_authenticated_rce.rb
qdpm_upload_exec.rb
rails_actionpack_inline_exec.rb
rails_double_tap.rb
rails_dynamic_render_code_exec.rb
Removed "ssl_restore = true"
2024-07-26 17:30:25 +02:00
rails_json_yaml_code_exec.rb
rails_secret_deserialization.rb
rails_web_console_v2_code_exec.rb
rails_xml_yaml_code_exec.rb
rocket_servergraph_file_requestor_rce.rb
rudder_server_sqli_rce.rb
sflog_upload_exec.rb
shiro_rememberme_v124_deserialize.rb
shopware_createinstancefromnamedarguments_rce.rb
simple_backdoors_exec.rb
sit_file_upload.rb
snortreport_exec.rb
solarwinds_store_manager_auth_filter.rb
solr_velocity_rce.rb
Update other modules to use java_class_loader_start_service and cmdstager_start_service
2024-06-14 12:57:42 +02:00
sonicwall_gms_upload.rb
sonicwall_scrutinizer_methoddetail_sqli.rb
sonicwall_shell_injection_cve_2023_34124.rb
spip_bigup_unauth_rce.rb
fix(modules): spip_bigup_unauth_rce minor fix
2024-09-11 11:46:52 -04:00
spip_connect_exec.rb
Change version fingerprinting
2024-09-08 07:01:23 +02:00
spip_porte_plume_previsu_rce.rb
Fix bug
2024-09-08 07:54:11 +02:00
spip_rce_form.rb
Change version fingerprinting
2024-09-08 07:01:23 +02:00
splunk_mappy_exec.rb
splunk_privilege_escalation_cve_2023_32707.rb
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
splunk_upload_app_exec.rb
spree_search_exec.rb
spree_searchlogic_exec.rb
spring_cloud_function_spel_injection.rb
spring_framework_rce_spring4shell.rb
struts2_code_exec_showcase.rb
struts2_content_type_ognl.rb
struts2_multi_eval_ognl.rb
struts2_namespace_ognl.rb
struts2_rest_xstream.rb
struts_code_exec_classloader.rb
struts_code_exec_exception_delegator.rb
struts_code_exec_parameters.rb
struts_code_exec.rb
struts_default_action_mapper.rb
Removed "ssl_restore = true"
2024-07-26 17:30:25 +02:00
struts_dev_mode.rb
struts_dmi_exec.rb
struts_dmi_rest_exec.rb
struts_include_params.rb
stunshell_eval.rb
stunshell_exec.rb
subrion_cms_file_upload_rce.rb
sugarcrm_webshell_cve_2023_22952.rb
sun_jsws_dav_options.rb
sysaid_auth_file_upload.rb
sysaid_rdslogs_file_upload.rb
testlink_upload_exec.rb
tomcat_jsp_upload_bypass.rb
tomcat_mgr_deploy.rb
tomcat_mgr_upload.rb
torchserver_cve_2023_43654.rb
Update other modules to use java_class_loader_start_service and cmdstager_start_service
2024-06-14 12:57:42 +02:00
totaljs_cms_widget_exec.rb
traq_plugin_exec.rb
trendmicro_threat_discovery_admin_sys_time_cmdi.rb
Removed "ssl_restore = true"
2024-07-26 17:30:25 +02:00
ubiquiti_unifi_log4shell.rb
uptime_file_upload_1.rb
uptime_file_upload_2.rb
v0pcr3w_exec.rb
vbseo_proc_deutf.rb
vbulletin_getindexablecontent.rb
vbulletin_unserialize.rb
vbulletin_widget_template_rce.rb
vbulletin_widgetconfig_rce.rb
visual_mining_netcharts_upload.rb
vmware_vcenter_log4shell.rb
vmware_vcenter_uploadova_rce.rb
vtiger_install_rce.rb
vtiger_logo_upload_exec.rb
vtiger_php_exec.rb
vtiger_soap_upload.rb
weblogic_admin_handle_rce.rb
webnms_file_upload.rb
webpagetest_upload_exec.rb
werkzeug_debug_rce.rb
Update werkzeug_debug_rce.rb
2024-12-08 21:01:17 +00:00
wikka_spam_exec.rb
wp_ait_csv_rce.rb
wp_automatic_sqli_to_rce.rb
Add suggestions
2024-10-29 20:42:13 +01:00
wp_backup_migration_php_filter.rb
Random parameter generation
2024-08-24 17:27:13 +02:00
wp_bricks_builder_rce.rb
Fix typos
2024-03-26 21:05:35 +01:00
wp_catch_themes_demo_import.rb
wp_crop_rce.rb
wp_db_backup_rce.rb
wp_dnd_mul_file_rce.rb
wp_file_manager_rce.rb
wp_givewp_rce.rb
Lint
2024-10-30 16:17:36 -04:00
wp_hash_form_rce.rb
PR-19208: Add DefaultTarget to the info hash
2024-06-05 10:14:48 +02:00
wp_litespeed_cookie_theft.rb
Respond to comments
2024-09-16 09:46:57 -07:00
wp_ninja_forms_unauthenticated_file_upload.rb
wp_plugin_backup_guard_rce.rb
wp_plugin_elementor_auth_upload_rce.rb
wp_plugin_fma_shortcode_unauth_rce.rb
update modules for inclusion into wordpress updater
2024-12-29 17:25:12 -05:00
wp_plugin_modern_events_calendar_rce.rb
wp_plugin_sp_project_document_rce.rb
wp_popular_posts_rce.rb
wp_reallysimplessl_2fa_bypass_rce.rb
update modules for inclusion into wordpress updater
2024-12-29 17:25:12 -05:00
wp_responsive_thumbnail_slider_upload.rb
wp_royal_elementor_addons_rce.rb
wp_simple_file_list_rce.rb
wp_time_capsule_file_upload_rce.rb
Remove potential NoMethodError in fail_with call
2024-12-12 18:04:10 -08:00
wso2_api_manager_file_upload_rce.rb
Enhance: Rollback to register_file_for_cleanup
2024-12-11 11:58:53 +01:00
wso2_file_upload_rce.rb
x7chat2_php_exec.rb
zabbix_script_exec.rb
zemra_panel_rce.rb
zenworks_configuration_management_upload.rb
zenworks_control_center_upload.rb
zpanel_information_disclosure_rce.rb