Skip to content
This repository has been archived by the owner on Oct 22, 2020. It is now read-only.

v1.5
Compare
Choose a tag to compare
@rastating rastating released this 07 Feb 22:31
· 384 commits to master since this release
v1.5
a06e17c

Core / API Changes

  • Add a hook that is called before an upload operation starts using the ShellUpload mixin
  • Add a hook that is called before downloads start in the FileDownload mixin
  • Add ability to register commands to be automatically executed when a session is established (currently supported by the bind_php and reverse_tcp payloads)
  • Add custom validation method in the ShellUpload mixin
  • Add flag to allow module description text to be treated as pre-formatted text
  • Add method for specifying parameters to be used in upload requests made by the ShellUpload mixin
  • Add method to allow important usage information to be emitted when a module is loaded
  • Add method to override the expected status code of successful uploads in the ShellUpload mixin
  • Add the REST API introduced in WordPress 4.7 into the Urls mixin
  • Allow the extension name in the ShellUpload mixin to be customised
  • Remove module naming restrictions, allowing for the use of dots in file names

CLI Changes

  • Add auto-complete suggestions for the gset command
  • Add new command: exit

Bug Fixes

  • Fix a null reference error occurring when using ^D
  • Fix broken CVE links being generated
  • Fix custom payload invocation to properly expand the path

New Modules

  • Add ACF Frontend display <= v2.0.5 unauthenticated shell upload
  • Add Content Slide <= v1.4.2 reflected XSS shell upload
  • Add DesignFolio Plus Theme <= v1.2 unauthenticated shell upload
  • Add Estatik <= v2.2.5 unauthenticated shell upload
  • Add Fast Image Adder <= v1.1 unauthenticated RFI shell upload
  • Add Gravity Forms <= 1.9.15.11 reflected XSS shell upload
  • Add Gravity Forms <= v1.8.19 unauthenticated shell upload
  • Add MailCWP 1.100 shell upload
  • Add MailCWP <= v1.99 unauthenticated shell upload
  • Add Neosense theme <= v1.7 unauthenticated shell upload
  • Add Premium SEO Pack < v1.9 unauthenticated shell upload
  • Add Ultimate Product Catalogue <= v3.1.1 unauthenticated shell upload
  • Add WP Front-End Repository Manager unauthenticated shell upload
  • Add WP Marketplace <= v2.4 file download
  • Add WP Marketplace unauthenticated shell upload
  • Add Windows Desktop And iPhone Photo Uploader unauthenticated shell upload
  • Add WooCommerce Amazon Affiliates < v9.0 unauthenticated shell upload
  • Add WordPress v4.7.0 - v4.7.1 content injection module
Assets 2
Loading