adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e0f6700a7edb71ddb9cda4a2bcf6e065fa485adf
metasploit-gs/modules/exploits/windows/http
T
History
Debjeet Banerjee 54dbedf181 URI.escape is obsolete and needs to be updated 
The current code results in the following error :
```
[*] Started reverse TCP handler on 192.168.1.105:4444 
[*] Using URL: http://0.0.0.0:8080/o6wYorU
[*] Local IP: http://192.168.1.105:8080/o6wYorU
[*] Server started.
[*] Sending a malicious request to /
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
/usr/share/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb:110: warning: URI.escape is obsolete
[*] Server stopped.
[!] This exploit may require manual cleanup of '%TEMP%\jsywNguEzNXZF.vbs' on the target
[*] Exploit completed, but no session was created.
```

This minor edit should fix it.
2021-05-09 12:40:48 +05:30
..
adobe_robohelper_authbypass.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
advantech_iview_unauth_rce.rb
Fix the rest of the optional method
2021-03-26 01:29:47 -05:00
altn_securitygateway.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
altn_webadmin.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
amlibweb_webquerydll_app.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
apache_activemq_traversal_upload.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
apache_chunked.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
apache_mod_rewrite_ldap.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
apache_modjk_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
apache_tika_jp2_jscript.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
avaya_ccr_imageupload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
badblue_ext_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
badblue_passthru.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
bea_weblogic_jsessionid.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
bea_weblogic_post_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
bea_weblogic_transfer_encoding.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
belkin_bulldog.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ca_arcserve_rpc_authbypass.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ca_igateway_debug.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ca_totaldefense_regeneratereports.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
cayin_xpost_sql_rce.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
cogent_datahub_command.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
cogent_datahub_request_headers_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
coldfusion_fckeditor.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
cyclope_ess_sqli.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
desktopcentral_deserialization.rb
Add a new Java Deserialization mixin and use it to set the shell
2021-03-11 12:09:29 -06:00
desktopcentral_file_upload.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
desktopcentral_statusupdate_upload.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
disk_pulse_enterprise_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
disk_pulse_enterprise_get.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
diskboss_get_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
disksavvy_get_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
disksorter_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
dlink_central_wifimanager_rce.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
dnn_cookie_deserialization_rce.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
dup_scout_enterprise_login_bof.rb
dup_scout_enterprise_login_bof: Add v9.9.14 target and auto targeting
2021-02-25 17:14:25 +00:00
dupscts_bof.rb
dupscts_bof: Add additional targets and auto targeting
2021-02-25 17:12:27 +00:00
easychatserver_seh.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
easyfilesharing_post.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
easyfilesharing_seh.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
easyftp_list.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
edirectory_host.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
edirectory_imonitor.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
efs_easychatserver_username.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
efs_fmws_userid_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ektron_xslt_exec_ws.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ektron_xslt_exec.rb
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
ericom_access_now_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
exchange_ecp_dlp_policy.rb
Update exchange ecp dlp policy to work with new cookie jar
2021-04-29 21:26:02 +01:00
exchange_ecp_viewstate.rb
Add a DOMAIN option to CVE-2020-0688 for consistency with other modules
2020-09-28 09:24:39 -04:00
exchange_proxylogon_rce.rb
Fixed generic cmd payload not echoing
2021-03-29 20:06:12 -04:00
ezserver_http.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
fdm_auth_header.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
file_sharing_wizard_seh.rb
Run rubocop -a on subset of files
2020-03-06 10:41:45 +00:00
flexdotnetcms_upload_exec.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
fortilogger_arbitrary_fileupload.rb
Fix rubocop complaint
2021-03-24 17:38:11 -05:00
generic_http_dll_injection.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
geutebrueck_gcore_x64_rce_bo.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
gitstack_rce.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_autopass_license_traversal.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_imc_bims_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_imc_java_deserialize.rb
Add a new Java Deserialization mixin and use it to set the shell
2021-03-11 12:09:29 -06:00
hp_imc_mibfileupload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_loadrunner_copyfiletoserver.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_mpa_job_acct.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hp_nnm_getnnmdata_hostname.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_getnnmdata_icount.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_getnnmdata_maxage.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_nnmrptconfig_nameparams.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_nnmrptconfig_schdparams.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_openview5.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovalarm_lang.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovas.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovbuildpath_textfile.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovwebhelp.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovwebsnmpsrv_main.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovwebsnmpsrv_ovutil.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_ovwebsnmpsrv_uro.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_snmp.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_snmpviewer_actapp.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_toolbar_01.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_toolbar_02.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_webappmon_execvp.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_nnm_webappmon_ovjavalocale.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_openview_insight_backdoor.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_pcm_snac_update_certificates.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_pcm_snac_update_domain.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_power_manager_filename.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_power_manager_login.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hp_sitescope_dns_tool.rb
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
hp_sitescope_runomagentcommand.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
hpe_sim_76_amf_deserialization.rb
Rubocop module again and also update the documentation to reflect recent changes
2021-03-08 16:08:36 -06:00
httpdx_handlepeer.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
httpdx_tolog_format.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ia_webmail.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ibm_tivoli_endpoint_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ibm_tpmfosd_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ibm_tsm_cad_header.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
icecast_header.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
integard_password_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
intersystems_cache.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
intrasrv_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ipswitch_wug_maincfgret.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
jira_collector_traversal.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
kaseya_uploader.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
kaseya_uploadimage_file_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
kentico_staging_syncserver.rb
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
kolibri_http.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
landesk_thinkmanagement_upload_asp.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
lexmark_markvision_gfd_upload.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
mailenable_auth_header.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
manage_engine_opmanager_rce.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
manageengine_adshacluster_rce.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
manageengine_appmanager_exec.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
manageengine_apps_mngr.rb
Update false negatives
2018-08-20 18:08:19 -05:00
manageengine_connectionid_write.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
maxdb_webdbm_database.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
maxdb_webdbm_get_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
mcafee_epolicy_source.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
mdaemon_worldclient_form2raw.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
minishare_get_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
miniweb_upload_wbem.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
navicopa_get_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
netdecision_http_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
netgear_nms_rce.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
novell_imanager_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
novell_mdm_lfi.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
novell_messenger_acceptlang.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
nowsms.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
oats_weblogic_console.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
octopusdeploy_deploy.rb
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
oracle9i_xdb_pass.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
oracle_beehive_evaluation.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
oracle_beehive_prepareaudiotoplay.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
oracle_btm_writetofile.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
oracle_endeca_exec.rb
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
oracle_event_processing_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
osb_uname_jlist.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
peercast_url.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
php_apache_request_headers_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
plesk_mylittleadmin_viewstate.rb
Remove CmdStagerFlavor from a couple modules
2021-03-31 12:08:46 -05:00
plex_unpickle_dict_rce.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
privatewire_gateway.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
prtg_authenticated_rce.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
psoproxy91_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
rabidhamster_r4_log.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
rejetto_hfs_exec.rb
URI.escape is obsolete and needs to be updated
2021-05-09 12:40:48 +05:30
sambar6_search_results.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sap_configservlet_exec_noauth.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sap_host_control_cmd_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sapdb_webtools.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
savant_31_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sepm_auth_bypass_rce.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
serviio_checkstreamurl_cmd_exec.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
servu_session_cookie.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sharepoint_data_deserialization.rb
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
sharepoint_ssi_viewstate.rb
Remove CmdStagerFlavor from a couple modules
2021-03-31 12:08:46 -05:00
sharepoint_workflows_xoml.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
shoutcast_format.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
shttpd_post.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
solarwinds_fsm_userlogin.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
solarwinds_storage_manager_sql.rb
guard when spawn is used with TcpServer mixin
2021-02-18 10:42:56 -06:00
sonicwall_scrutinizer_sqli.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ssrs_navcorrector_viewstate.rb
Rubocop recently landed modules
2021-02-16 15:08:08 +00:00
steamcast_useragent.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sws_connection_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sybase_easerver.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
syncbreeze_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
sysax_create_folder.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
telerik_rau_deserialization.rb
Rubocop recently landed modules continued
2021-02-25 14:13:40 +00:00
tomcat_cgi_cmdlineargs.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
trackercam_phparg_overflow.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
trackit_file_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
trendmicro_officescan_widget_exec.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
trendmicro_officescan.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
ultraminihttp_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
umbraco_upload_aspx.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
vmware_vcenter_chargeback_upload.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
vxsrchs_bof.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
webster_http.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
xampp_webdav_upload_php.rb
Update false negatives
2018-08-20 18:08:19 -05:00
xitami_if_mod_since.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
zentao_pro_rce.rb
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
zenworks_assetmgmt_uploadservlet.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
zenworks_uploadservlet.rb
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00