http

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 9, 2026 License: AGPL-3.0 Imports: 1 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GeoServer added in v0.5.0 

type GeoServer struct {
	sdk.Pik
	// contains filtered or unexported fields
}

GeoServer exploits unauthenticated RCE via XPath expression injection in OGC request parameters (CVE-2024-36401).

func (*GeoServer) Check added in v0.5.0 

func (m *GeoServer) Check(run *sdk.Context) (sdk.CheckResult, error)

func (*GeoServer) Exploit added in v0.5.0 

func (m *GeoServer) Exploit(run *sdk.Context) error

func (*GeoServer) Info added in v0.5.0 

func (m *GeoServer) Info() sdk.Info

type MajorDoMoConsoleEval added in v0.5.0 

type MajorDoMoConsoleEval struct{ sdk.Pik }

MajorDoMoConsoleEval exploits CVE-2026-27174: unauthenticated PHP code evaluation via the admin panel console. The admin.php redirect() in panel.class.php lacks an exit statement, so execution continues into inc_panel_ajax.php which passes the command parameter directly to eval() via evalConsole().

func (*MajorDoMoConsoleEval) Check added in v0.5.0 

func (m *MajorDoMoConsoleEval) Check(run *sdk.Context) (sdk.CheckResult, error)

func (*MajorDoMoConsoleEval) Exploit added in v0.5.0 

func (m *MajorDoMoConsoleEval) Exploit(run *sdk.Context) error

func (*MajorDoMoConsoleEval) Info added in v0.5.0 

func (m *MajorDoMoConsoleEval) Info() sdk.Info

type MajorDoMoSupplyChain added in v0.5.0 

type MajorDoMoSupplyChain struct {
	sdk.Pik
	sdk.WithHTTPServer // Tells the runner to start an HTTP server on SRVPORT.
}

MajorDoMoSupplyChain exploits CVE-2026-27180: unauthenticated RCE via update poisoning in MajorDoMo's saverestore module. The attack poisons MASTER_UPDATE_URL, triggers a forced update, and serves a malicious tarball containing a PHP webshell that gets extracted to the webroot.

This module demonstrates the exploit HTTP server pattern:

  • Embed sdk.WithHTTPServer to signal the runner to start an HTTP server.
  • Use run.ServeRoute(pattern, contentType, body) to register routes. Patterns support wildcards: "*.tar.gz" (suffix), "prefix*", "*contains*", or exact match without wildcards.
  • Use run.ExploitURL() to get the server's base URL (scheme://LHOST:SRVPORT).
  • Use run.WaitRoutes(timeout, patterns...) to block until the target fetches all registered routes.
  • The server lifecycle (bind, TLS, shutdown) is fully managed by the runner.

func (*MajorDoMoSupplyChain) Check added in v0.5.0 

func (m *MajorDoMoSupplyChain) Check(run *sdk.Context) (sdk.CheckResult, error)

func (*MajorDoMoSupplyChain) Exploit added in v0.5.0 

func (m *MajorDoMoSupplyChain) Exploit(run *sdk.Context) error

func (*MajorDoMoSupplyChain) Info added in v0.5.0 

func (m *MajorDoMoSupplyChain) Info() sdk.Info

func (*MajorDoMoSupplyChain) Options added in v0.5.0 

func (m *MajorDoMoSupplyChain) Options() []sdk.Option

type React2Shell 

type React2Shell struct{ sdk.Pik }

React2Shell exploits CVE-2025-55182: pre-auth RCE in React Server Components via Flight protocol deserialization and prototype pollution.

func (*React2Shell) Check 

func (m *React2Shell) Check(run *sdk.Context) (sdk.CheckResult, error)

func (*React2Shell) Exploit 

func (m *React2Shell) Exploit(run *sdk.Context) error

func (*React2Shell) Info 

func (m *React2Shell) Info() sdk.Info

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.