This repository has been archived by the owner on Oct 22, 2020. It is now read-only.
v1.6.1
Bug Fixes
- Add better handling when trying to bind to an occupied port when using the reverse_tcp payload
- Fix major bug preventing the --update switch updating hidden files
Dependencies
- Upgrade Nokogiri to ~>1.8
- Upgrade supported Ruby version to >= 2.4.1
API Changes
- Add new method for generating random month names in Utility::Text
- Add method in HttpClient for normalising relative paths to absolute URLs
New Payloads
- Add meterpreter_bind_tcp payload (requires msfvenom)
- Add meterpreter_reverse_tcp payload (requires msfvenom)
New Modules
- Add AffiliateWP <= 2.0.9 reflected XSS shell upload
- Add All In One Schema.org Rich Snippets <= 1.4.4 reflected XSS shell upload
- Add Max Buttons <= 6.18 reflected XSS shell upload
- Add Newsletter by Supsystic CSRF stored XSS shell upload
- Add Simple Slideshow Manager <= 2.3 reflected XSS shell upload
- Add Spiffy Calendar <= 3.2.0 reflected XSS shell upload
- Add Tribulant Newsletters <= 4.6.4.2 reflected XSS shell upload
- Add WP Live Chat Support <= 7.0.06 reflected XSS shell upload
- Add WP No External Links <= 3.5.18 reflected XSS shell upload