Christian Mehlmauer
7d42dcee9c
Land #4769 , Wordpress holding-pattern theme file upload
2015-02-21 23:13:06 +01:00
rastating
708340ec5a
Tidy up various bits of code
2015-02-21 12:53:33 +00:00
rastating
76a64b31d7
Resolve msftidy issues
2015-02-21 01:41:29 +00:00
rastating
7d30b214ee
Add WordPress admin shell upload module
2015-02-21 01:31:33 +00:00
Tod Beardsley
6370c99755
Avoid version numbers in titles
2015-02-17 10:28:56 -06:00
Tod Beardsley
62a679ebb8
Avoid version numbers in titles
...
Usually, the versions are more of a range, and nearly always, the module
author never truly knows where the ranges are bounded. It's okay to
clarify in the description.
2015-02-17 10:26:40 -06:00
rastating
40c92f5fe3
Add URL reference
2015-02-14 13:09:37 +00:00
rastating
4dce589bbe
Add WordPress Holding Pattern file upload module
2015-02-14 12:54:03 +00:00
Christian Mehlmauer
55f57e0b9b
Land #4746 , WordPress photo-gallery exploit
2015-02-12 22:24:12 +01:00
Christian Mehlmauer
bce7211f86
added url and randomize upload directory
2015-02-12 22:16:37 +01:00
jvazquez-r7
155651e187
Make filename shorter
2015-02-12 11:45:51 -06:00
jvazquez-r7
95bfe7a7de
Do minor cleanup
2015-02-12 11:45:51 -06:00
rastating
30f310321d
Added CVE reference
2015-02-12 11:45:51 -06:00
rastating
38ad960640
Add Maarch LetterBox file upload module
2015-02-12 11:45:51 -06:00
rastating
cb1efa3edd
Improved error handling, tidied up some code
2015-02-11 10:16:18 +00:00
rastating
80a086d5f6
Add WordPress Photo Gallery upload module
2015-02-11 01:03:51 +00:00
Christian Mehlmauer
6d46182c2f
Land #4570 , @rastating 's module for wp-easycart
2015-02-07 23:42:23 +01:00
Christian Mehlmauer
f2b834cebe
remove check because the vuln is unpatched
2015-02-07 23:38:44 +01:00
Christian Mehlmauer
d2421a2d75
wrong version
2015-02-07 23:34:19 +01:00
Christian Mehlmauer
56d2bc5adb
correct version number
2015-02-07 23:22:43 +01:00
rastating
345d5c5c08
Update version numbers to reflect latest release
2015-02-07 19:09:16 +00:00
jvazquez-r7
1ea4a326c1
Land #4656 , @nanomebia's fixes for sugarcrm_unserialize_exec
2015-02-06 16:42:01 -06:00
jvazquez-r7
e511f72ab4
Delete final check
...
* A session is the best proof of success
2015-02-06 16:34:34 -06:00
Tod Beardsley
c633c710bc
Mostly caps/grammar/spelling, GoodRanking on MBAM
2015-02-05 12:36:47 -06:00
jvazquez-r7
c0e1440572
Land #4685 , @FireFart's module for Wordpress Platform Theme RCE
2015-02-03 17:35:59 -06:00
jvazquez-r7
28f303d431
Decrease timeout
2015-02-03 17:33:29 -06:00
jvazquez-r7
a1c157a4db
Land #4609 , @h0ng10's module for Wordpress Pixabay Images PHP Code Upload
2015-02-03 17:01:32 -06:00
jvazquez-r7
eebee7c066
Do better session creation handling
2015-02-03 17:00:37 -06:00
jvazquez-r7
4ca4fd1be2
Allow to provide the traversal depth
2015-02-03 16:38:40 -06:00
jvazquez-r7
e62a5a4fff
Make the calling payload code easier
2015-02-03 16:23:04 -06:00
jvazquez-r7
61cdb5dfc9
Change filename
2015-02-03 16:13:10 -06:00
jvazquez-r7
82be43ea58
Do minor cleanup
2015-02-03 16:07:27 -06:00
Christian Mehlmauer
2c956c0a0f
add wordpress platform theme rce
2015-01-31 22:02:44 +01:00
Nanomebia
d04fd3b978
Fixing Indentation
...
Small indentation fix
2015-01-29 13:03:19 +08:00
Nanomebia
af90c6482b
Sanity Changes
...
Reverted failure behaviour on line 70
Removed a space that prevented line 98 from working as intended
2015-01-28 18:40:43 +08:00
Nanomebia
27c412341f
Syntax Changes
...
Cleaned up this statement a tiny bit
2015-01-28 18:34:19 +08:00
Nanomebia
fc3094ec9b
Syntax changes
...
Fixed some more syntax - failures
2015-01-28 18:30:21 +08:00
Nanomebia
321eb452c5
Syntax Fixes
...
Fixed some or's to || - and's to &&.
Fixed failure if statement (fails using fail_with())
Fixed nested else (now and elsif)
Changed final execute logic - checks for success rather than failure.
2015-01-28 18:08:15 +08:00
Nanomebia
fefc3d088c
Cookie fix and success display
...
Added handling for if the server doesn't correctly assign a cookie using
Set-Cookie by changing the regex and doing an additional check. Also
fixed the success display - changed the if statement to match others in
this module and fixed the text output based on server response.
2015-01-28 17:11:05 +08:00
Tod Beardsley
bae19405a7
Various grammar, spelling, word choice fixes
2015-01-26 11:00:07 -06:00
Hans-Martin Münch (h0ng10)
419fa93897
Add OSVDB and WPScan references
2015-01-23 09:27:42 +01:00
Hans-Martin Münch (h0ng10)
dfbbc79e0d
make retries a datastore option
2015-01-23 09:23:09 +01:00
Hans-Martin Münch (h0ng10)
11bf58e548
Use metasploit methods
2015-01-23 08:48:52 +01:00
rastating
9d3397901b
Correct version numbers and code tidy up
2015-01-19 20:59:46 +00:00
Hans-Martin Münch (h0ng10)
5813c639d1
Initial commit
2015-01-19 17:23:48 +01:00
rastating
8a89b3be28
Cleanup of various bits of code
2015-01-13 22:20:40 +00:00
rastating
8246f4e0bb
Add ability to use both WP and EC attack vectors
2015-01-12 23:30:59 +00:00
rastating
e6f6acece9
Add a date hash to the post data
2015-01-12 21:21:50 +00:00
rastating
ea37e2e198
Add WP EasyCart file upload exploit module
2015-01-10 21:05:02 +00:00
Christian Mehlmauer
d4d1a53533
fix invalid url
2015-01-09 21:57:52 +01:00