adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f255724e0101bea134a18eaaebcbcb2929e554e9
metasploit-gs/modules/exploits/multi/http
T
History
James Lee f255724e01 Changes to support older Solr (tested 5.3.0) 
Use a new parameter instead of a header because older versions don't
have access to the request object.

There was an issue where the exploit would fail if the exec returned -1
despite the payload otherwise working, fixed by not trying to return
output in that case.

Also updates the documentation to reflect that we have a Java target now
and quoting is no longer a concern.
2020-12-13 19:05:47 -06:00
..
activecollab_chat.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
agent_tesla_panel_rce.rb
Update autocheck to use prepend instead of include, add ForceExploit functionality
2020-06-30 11:40:46 +01:00
ajaxplorer_checkinstall_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_activemq_upload_jsp.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apache_jetspeed_file_upload.rb
Fix exploit/multi/http/apache_jetspeed_file_upload
2019-02-25 11:32:06 -06:00
apache_mod_cgi_bash_env_exec.rb
Update DisclosureDate to ISO 8601 in my modules
2018-11-16 12:18:28 -06:00
apache_roller_ognl_injection.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
apprain_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
atutor_sqli.rb
more ruby style
2019-10-02 20:23:12 -04:00
atutor_upload_traversal.rb
Update recent modules to use prepend
2020-07-01 14:43:15 -05:00
auxilium_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
axis2_deployer.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
baldr_upload_exec.rb
Further edits for RuboCop and msftidy_docs.rb compliance
2020-08-06 11:18:39 -05:00
bassmaster_js_injection.rb
Fix #9307, credit to @r0610205
2017-12-18 03:55:01 -06:00
bolt_file_upload.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
builderengine_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
caidao_php_backdoor_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
cisco_dcnm_upload_2019.rb
Cisco DCNM Module upload directory location regex filter corrected to allow for paths such as C:\Cisco System\
2020-03-12 17:08:33 -04:00
cisco_dcnm_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
clipbucket_fileupload_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
cmsms_object_injection_rce.rb
check response
2019-11-13 08:34:23 -06:00
cmsms_showtime2_rce.rb
Use instance variables instead of datastore options
2019-03-27 15:17:32 -05:00
cmsms_upload_rename_rce.rb
Register files on same line
2018-07-31 10:03:59 -05:00
coldfusion_ckeditor_file_upload.rb
Fix targets and syntax changes
2019-01-10 06:39:45 -06:00
coldfusion_rds_auth_bypass.rb
Fix style, once more with feeling
2019-10-31 09:59:35 -05:00
confluence_widget_connector.rb
Fix target_platform check (it's empty, not nil)
2019-06-25 12:56:36 -05:00
cups_bash_env_exec.rb
revisionism
2019-01-10 19:19:14 +00:00
cuteflow_upload_exec.rb
revisionism
2019-01-10 19:19:14 +00:00
dexter_casinoloader_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
drupal_drupageddon.rb
style
2019-12-11 06:44:35 -05:00
eaton_nsm_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
eventlog_file_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
extplorer_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
familycms_less_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
freenas_exec_raw.rb
doc cleanup
2020-03-24 08:47:21 -04:00
gestioip_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
getsimplecms_unauth_code_exec.rb
added checks to at, changed some uris
2019-05-15 15:40:27 -05:00
git_client_command_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
git_submodule_command_exec.rb
Add timwr as an author to his own modules
2019-03-29 10:44:58 -05:00
git_submodule_url_exec.rb
Add timwr as an author to his own modules
2019-03-29 10:44:58 -05:00
gitlab_shell_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
gitlist_arg_injection.rb
Land #10278, gitlist_arg_injection fixes
2018-07-12 19:03:52 -05:00
gitorious_graph.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
glassfish_deployer.rb
Update auth requirement for json metadata
2018-08-07 16:42:00 -05:00
glossword_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
glpi_install_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
horde_csv_rce.rb
randomize file name
2020-03-23 07:28:04 -05:00
horde_form_file_upload.rb
changed if not to unless
2019-04-09 13:43:54 -05:00
horde_href_backdoor.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hp_sitescope_issuesiebelcmd.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
hp_sitescope_uploadfileshandler.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
hp_sys_mgmt_exec.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
hyperic_hq_script_console.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
ibm_openadmin_tool_soap_welcomeserver_exec.rb
Base64 enc payload to bypass escaping quotes etc.
2020-06-12 13:44:00 +08:00
ispconfig_php_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
jboss_bshdeployer.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_deploymentfilerepository.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_invoke_deploy.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_maindeployer.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
jboss_seam_upload_exec.rb
40% done
2017-08-28 20:17:58 -04:00
jenkins_metaprogramming.rb
Don't be lazy anymore and pack lengths as shorts
2020-04-15 15:47:51 -05:00
jenkins_script_console.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
jenkins_xstream_deserialize.rb
Add ARCH_CMD and general fixup
2018-02-26 16:59:36 -05:00
jira_hipchat_template.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
jira_plugin_upload.rb
add checks for xsrf_token
2019-04-26 11:09:33 -05:00
joomla_http_header_rce.rb
40% done
2017-08-28 20:17:58 -04:00
kordil_edms_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
lcms_php_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
liferay_java_unmarshalling.rb
Backport miscellaneous fixes to my modules
2020-08-14 13:40:23 -05:00
log1cms_ajax_create_folder.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
magento_unserialize.rb
doc cleanup
2020-03-24 08:47:21 -04:00
makoserver_cmd_exec.rb
Bump ranking to Excellent
2017-11-15 15:00:47 -06:00
manage_engine_dc_pmp_sqli.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
manageengine_auth_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
manageengine_sd_uploader.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
manageengine_search_sqli.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mantisbt_manage_proj_page_rce.rb
store credential, use vprints
2018-05-09 11:50:07 -05:00
mantisbt_php_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
maracms_upload_exec.rb
Use register_for_cleanup instead of on_new_session for cleanup
2020-09-25 08:11:02 -04:00
mediawiki_syntaxhighlight.rb
Correct false negative post_auth? status
2018-08-09 23:34:03 -05:00
mediawiki_thumb.rb
40% done
2017-08-28 20:17:58 -04:00
metasploit_static_secret_key_base.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
metasploit_webui_console_command_execution.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mma_backdoor_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
mobilecartly_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
monstra_fileupload_exec.rb
changed grammar, removed redundant code
2018-07-10 14:13:57 -05:00
moodle_cmd_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
movabletype_upgrade_exec.rb
40% done
2017-08-28 20:17:58 -04:00
mutiny_subnetmask_exec.rb
adress a spelling problem
2019-10-05 14:22:18 -04:00
nas4free_php_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
navigate_cms_rce.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
netwin_surgeftp_exec.rb
Add applicable notes to my exploit modules
2018-10-27 20:54:14 -04:00
nibbleblog_file_upload.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
nostromo_code_exec.rb
add reference
2019-10-31 08:23:57 -05:00
novell_servicedesk_rce.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
nuuo_nvrmini_upgrade_rce.rb
Make minor changes for nuuo module
2019-02-06 22:26:31 -06:00
october_upload_bypass_exec.rb
add filedropper, fix check, add to docs
2019-09-06 09:49:09 -05:00
op5_license.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
op5_welcome.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
openfire_auth_bypass.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
openmediavault_cmd_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
openmrs_deserialization.rb
use printf command stager
2019-12-04 12:17:35 -06:00
openx_backdoor_php.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
opmanager_socialit_file_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
oracle_ats_file_upload.rb
Fix exploit/multi/http/oracle_ats_file_upload
2019-02-25 11:35:34 -06:00
oracle_reports_rce.rb
40% done
2017-08-28 20:17:58 -04:00
oracle_weblogic_wsat_deserialization_rce.rb
Update payload and disable check functionality
2018-01-18 13:26:44 -05:00
orientdb_exec.rb
Make msftidy happy
2019-08-02 11:17:41 -05:00
oscommerce_installer_unauth_code_exec.rb
oscommerce msftidy fix
2018-06-26 08:21:10 -05:00
pandora_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phoenix_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_cgi_arg_injection.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_fpm_rce.rb
Ensure client is disconnected when leaving the check method
2020-03-06 17:38:37 +01:00
php_utility_belt_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
php_volunteer_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpfilemanager_rce.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
phpldapadmin_query_engine.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpmailer_arg_injection.rb
Add applicable notes to my exploit modules
2018-10-27 20:54:14 -04:00
phpmoadmin_exec.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
phpmyadmin_3522_backdoor.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpmyadmin_lfi_rce.rb
Additional path for Linux target
2018-08-24 07:18:24 -05:00
phpmyadmin_null_termination_exec.rb
Fix msftdiy EDB link check
2018-08-26 04:18:38 +00:00
phpmyadmin_preg_replace.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpscheduleit_start_date.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
phpstudy_backdoor_rce.rb
set default index.php
2020-03-05 10:24:22 +08:00
phptax_exec.rb
40% done
2017-08-28 20:17:58 -04:00
phpwiki_ploticus_exec.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
pimcore_unserialize_rce.rb
removed version from module title
2019-04-29 08:43:33 -05:00
playsms_filename_exec.rb
store credentials
2018-05-07 07:26:28 -05:00
playsms_template_injection.rb
Cleanup more status methods and move the module
2020-04-03 10:21:27 -04:00
playsms_uploadcsv_exec.rb
Fix indentation, documentation update
2018-05-07 09:22:21 -05:00
plone_popen2.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
pmwiki_pagelist.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
polarcms_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
processmaker_exec.rb
revisionism
2019-01-10 19:19:14 +00:00
processmaker_plugin_upload.rb
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
qdpm_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
rails_actionpack_inline_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_double_tap.rb
Add a ZDI reference for CVE-2019-5420 Rails exploit
2019-06-20 10:43:21 -05:00
rails_dynamic_render_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_json_yaml_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_secret_deserialization.rb
Fix CVE numbers
2018-07-09 13:22:08 -05:00
rails_web_console_v2_code_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
rails_xml_yaml_code_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
rocket_servergraph_file_requestor_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sflog_upload_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
shiro_rememberme_v124_deserialize.rb
Update Apache Shiro RCE module docs
2020-04-28 14:24:17 -04:00
shopware_createinstancefromnamedarguments_rce.rb
Add correct CVE for shopware module
2019-09-12 16:09:32 -05:00
simple_backdoors_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sit_file_upload.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
snortreport_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
solarwinds_store_manager_auth_filter.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
solr_velocity_rce.rb
Changes to support older Solr (tested 5.3.0)
2020-12-13 19:05:47 -06:00
sonicwall_gms_upload.rb
40% done
2017-08-28 20:17:58 -04:00
sonicwall_scrutinizer_methoddetail_sqli.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
splunk_mappy_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
splunk_upload_app_exec.rb
Update splunk_upload_app_exec.rb
2019-11-26 15:38:34 +01:00
spree_search_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
spree_searchlogic_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts2_code_exec_showcase.rb
Clean up module
2018-05-16 05:39:17 -05:00
struts2_content_type_ognl.rb
Don't worry about response code
2019-06-24 13:53:31 -05:00
struts2_namespace_ognl.rb
Fix TARGETURI support in struts2_namespace_ognl
2018-12-14 13:08:50 -06:00
struts2_rest_xstream.rb
Fix missing split in struts2_rest_xstream
2019-07-10 11:15:36 -05:00
struts_code_exec_classloader.rb
Fix HTTP/SMB mixin order to restore SSL option
2019-01-29 11:09:34 -06:00
struts_code_exec_exception_delegator.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
struts_code_exec_parameters.rb
Move EXE generation in struts_code_exec_parameters
2018-05-16 06:15:40 -05:00
struts_code_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
struts_default_action_mapper.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
struts_dev_mode.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_dmi_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_dmi_rest_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
struts_include_params.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
stunshell_eval.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
stunshell_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sun_jsws_dav_options.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
sysaid_auth_file_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
sysaid_rdslogs_file_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
testlink_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
tomcat_jsp_upload_bypass.rb
Update all module splats from http:// to https://
2019-08-15 18:10:44 -05:00
tomcat_mgr_deploy.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
tomcat_mgr_upload.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
totaljs_cms_widget_exec.rb
Use CmdStager mixin
2019-10-15 14:00:58 -05:00
traq_plugin_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
trendmicro_threat_discovery_admin_sys_time_cmdi.rb
doc cleanup
2020-03-24 08:47:21 -04:00
uptime_file_upload_1.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
uptime_file_upload_2.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
v0pcr3w_exec.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vbseo_proc_deutf.rb
Update CVE references for exploit modules
2018-07-08 18:46:04 -05:00
vbulletin_getindexablecontent.rb
Update autocheck to use prepend instead of include, add ForceExploit functionality
2020-06-30 11:40:46 +01:00
vbulletin_unserialize.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vbulletin_widget_template_rce.rb
Update vbulletin module with correct CVE
2020-08-14 08:25:57 -05:00
vbulletin_widgetconfig_rce.rb
replace strings with bools
2020-01-14 20:47:27 -05:00
visual_mining_netcharts_upload.rb
Update false negatives on post auth information
2018-08-20 15:43:07 -05:00
vtiger_install_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
vtiger_logo_upload_exec.rb
Change option type
2018-07-30 12:15:59 -05:00
vtiger_php_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
vtiger_soap_upload.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
webnms_file_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
webpagetest_upload_exec.rb
Set needs_cleanup flag for exploits that need it
2019-08-02 10:23:53 -05:00
werkzeug_debug_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
wikka_spam_exec.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
wp_crop_rce.rb
added note in info
2019-04-04 15:19:58 -05:00
wp_db_backup_rce.rb
Minor corrections in check and a unsed return value
2019-07-23 12:20:14 -05:00
wp_dnd_mul_file_rce.rb
add session_created, fix typo
2020-06-04 10:32:17 -05:00
wp_ninja_forms_unauthenticated_file_upload.rb
Fix outdated metadata
2018-10-01 18:59:09 +01:00
wp_responsive_thumbnail_slider_upload.rb
Update module and its documentation
2018-07-26 23:08:20 -05:00
x7chat2_php_exec.rb
Revised 88 aux and exploit modules to add CVEs / references
2018-07-12 17:34:52 -05:00
zabbix_script_exec.rb
This fixes broken links to the community.rapid7.com blog
2020-02-18 09:06:11 -06:00
zemra_panel_rce.rb
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
zenworks_configuration_management_upload.rb
Fix http://seclists.org links to https://
2018-09-15 18:54:45 -05:00
zenworks_control_center_upload.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00
zpanel_information_disclosure_rce.rb
55 pages of spelling done
2017-09-07 21:18:50 -04:00