adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dfe73bb4c52640d1cb2a08620ccf8f94a053acbf
metasploit-gs/modules
T
History
Valentin Lobstein dfe73bb4c5 Add exploit for AVideo Encoder getImage.php command injection (CVE-2026-29058) 
Unauthenticated OS command injection via the base64Url parameter in
getImage.php. The URL is interpolated into an ffmpeg shell command
without escapeshellarg(), and FILTER_VALIDATE_URL does not block
shell metacharacters in the URL path.
2026-03-06 21:30:12 +01:00
..
auxiliary
Working Kerberoast and AS-REP modules with LDAP sessions
2026-03-02 15:33:36 +00:00
encoders
feat: change Base64Decoder option type from OptString to OptEnum
2026-01-09 05:51:46 -05:00
evasion
Merge pull request #20965 from litemars/add_Linux_evasion_module-rc4_packer_x86
2026-03-03 04:36:51 -05:00
exploits
Add exploit for AVideo Encoder getImage.php command injection (CVE-2026-29058)
2026-03-06 21:30:12 +01:00
nops
Add support for LoongArch64 payloads
2025-11-23 17:22:32 +11:00
payloads
Merge pull request #20861 from bcoles/post-linux-system-get_hostname
2026-01-17 19:38:21 +00:00
post
Fix broken module url references
2026-03-02 14:35:48 +00:00
README.md

README.md

This is the folder where all of Metasploit's modules live. These modules are scripts in Ruby that interface with Metasploit itself to perform some specific task. There are various types of modules, such as exploit modules to exploit a vulnerability and gain a shell, auxiliary to perform a non-shell gaining activity, payloads for Metasploit's various payloads (which are also modules), and post for post exploitation modules.

Reference in New Issue View Git Blame Copy Permalink