Jack Heysel
bea4207c62
This exploit module leverages an improper input validation vulnerability in MyBB prior to 1.8.30 to execute arbitrary code in the context of the user running the application.
Metasploit Developer Documentation
*(last updated December 1, 2014)
Metasploit is actively supported by a community of hundreds of contributors and thousands of users world-wide. As a result, the accompanying documentation moves quite quickly.
The best source of documentation on Metasploit development is https://github.com/rapid7/metasploit-framework/wiki. There are many treasures there, such as:
- Evading Antivirus
- How Payloads Work
- How to use Datastore Options
- How to write browser exploits with BES
- How to write a bruteforcer
...and many, many more.
API Documentation
If you are looking for API documentation, you may run rake yard to
generate a navigatable view of the comment documentation used throughout
Metasploit, or visit https://rapid7.github.io/metasploit-framework/api
for a recently generated online version.
Contributing
If you would like to contribute to the documentation effort, please see http://yardoc.org/ for details on how to write YARD-compatible comments, and send us a Pull Request with your contribution.