infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update template and web_delivery doc

bug/bundler_fix
wchen-r7 2016-03-03 01:27:14 -06:00
parent cececa749d
commit f4866fd5f0
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
data/markdown_doc/remote_exploit_demo_template.erb
View File

@ -1,3 +1,5 @@
**Using <%= mod.shortname %> against a single host**
Normally, you can use <%= mod.fullname %> this way:
```
@ -10,7 +12,9 @@ msf <%= mod.type %>(<%= mod.shortname %>) > show options
msf <%= mod.type %>(<%= mod.shortname %>) > exploit
```
But since this is a remote exploit module, you can also engage multiple hosts.
**Using <%= mod.shortname %> against multiple hosts**
But it looks like this is a remote exploit module, which means you can also engage multiple hosts.
First, create a list of IPs you wish to exploit with this module. One IP per line.

7
documentation/modules/exploit/multi/script/web_delivery.md
View File

@ -11,7 +11,7 @@ say the target supports Powershell.
## Verification Steps
To be able to use web_delivery, you must gain access to the target machine first, wit the ability
To be able to use web_delivery, you must gain access to the target machine first, with the ability
to execute either the Python, or PHP, or Powershell interpreter.
At that point, you would use web_delivery similar to the following example:
@ -56,7 +56,8 @@ PHP is a fairly popular language for web servers, especially Apache.
**Powershell/win**
Powershell is a popular language for newer Windows systems. Windows 7 and Windows Server 2008 R2
are the first Windows versions to come with Powershell by default, and not older systems.
are the first Windows versions to come with Powershell by default. Older Windows systems such as XP
don't come with it by default, but it is still possible to see it installed on a corporate network.
## Scenarios
@ -67,7 +68,7 @@ web_delivery would work nicely for a web application with a command execution vu
One way to approach this would be:
1. Start exploit/multi/script/web_delivery
2. Use Burp Suite to intercept the HTTP/HTTPS request, place the command in the parameter that
2. Use [Burp Suite](https://portswigger.net/burp/) to intercept the HTTP/HTTPS request, place the command in the parameter that
results in arbitrary code execution.
3. Hopefully the modified HTTP/HTTPS request is successful, and you should get a session.