c6eb4994c1
Updating docs
2018-08-04 13:27:27 +05:30
1c82592882
Land #10358 , Add Dicoogle PACS Directory Traversal scanner module
2018-08-04 05:31:16 +00:00
e5dcfa62c9
remove encoding and escaping
2018-08-03 20:23:33 -04:00
0785d59146
Land #10412 , Add Cisco directory traversal auxiliary module
2018-08-02 16:44:59 -05:00
8785ec21b6
Land #9884 , add linux ufo priv esc module
2018-08-02 17:53:36 +08:00
bbe6206026
documentation for cisco dir traversal module
2018-08-01 13:04:09 -05:00
888dc43a7e
Land #10348 , Add REST API for module queries
...
This PR also updates the local module queries with more query parameters
and logic.
2018-07-31 16:06:31 -05:00
5308c5eca5
Land #10377 , update REST API JSON format
2018-07-31 16:59:05 -04:00
58b3f63c1a
Update to reflect new JSON models
2018-07-31 15:57:26 -05:00
458fb36ec8
Update API docs for GET resource/ID
2018-07-31 15:43:57 -05:00
3e8efea57a
Merge branch 'conform_to_api_standards' into exploit-query
...
Prepare for new JSON format.
2018-07-31 14:48:37 -05:00
3291931955
Merge branch 'upstream-master' into exploit-query
2018-07-31 11:51:14 -05:00
bdd2ceba2b
Documentation
2018-07-31 18:07:57 +05:30
bcfb3d099b
Land #10255 , Adding Micro Focus Secure Messaging Gateway RCE
2018-07-30 21:07:02 -05:00
7d08c71722
Update documentation about how to make it vulnerable again
2018-07-30 21:05:46 -05:00
129fd44350
Land #10305 , SonicWall XML-RPC RCE
2018-07-30 14:14:26 -05:00
51ffe7abba
Add header to doc
2018-07-30 14:07:54 -05:00
952ab801e8
Land #10060 , vTiger CRM v6.3.0 Upload RCE
2018-07-30 12:32:24 -05:00
fe9315dc89
Update module, Add documentation
2018-07-30 12:11:08 -05:00
d58785f959
Land #10247 , add WordPress Arbitrary File Deletion
2018-07-30 09:05:23 -05:00
53cca07442
bcoles suggestions
2018-07-29 10:31:01 -04:00
32384cf850
Land #10387 , Update mov_ss and add mov_ss_dll
2018-07-27 14:52:21 -05:00
3411d0bce2
Refactor error JSON responses to use a helper method
2018-07-27 13:59:17 -05:00
d343458dc5
Update documentation with build instructions
...
remove superfluous directory
2018-07-27 11:31:59 -05:00
1981c3c24b
Fix documentation
2018-07-27 11:21:06 -05:00
15fe80de06
Merge branch 'master' into conform_to_api_standards
2018-07-27 11:08:18 -05:00
eab62c18c6
Update mov_ss and add mov_ss_dll
2018-07-27 09:40:34 -05:00
7bbb44401d
added definition of IEC104
2018-07-27 15:21:00 +02:00
09320ece91
iec104 client
2018-07-27 11:46:26 +02:00
1bcf2f9b37
Land #10383 , Add WP Responsive Thumbnail Slider Plugin Exploit Module
2018-07-26 23:53:25 -05:00
72d634b10b
Update module and its documentation
2018-07-26 23:08:20 -05:00
32d6344e6b
Land #9964 , android post module to extract subscriber info
2018-07-26 16:58:27 -05:00
6accca4181
added documentation and check method
2018-07-26 15:32:37 -05:00
2572a297a2
clean up parameter delcarations in docs and rename doc files to module_search
2018-07-26 11:43:55 -05:00
b1022d16bf
Fix typo in delete response message in docs
2018-07-26 08:43:05 -05:00
ec62815d6e
Add error responses to API docs
2018-07-25 21:46:33 -05:00
cc21c0a673
Update documentation for new format
2018-07-25 18:01:05 -05:00
6c2e8f2402
Land #10300 , Add root exploit for Axis network cameras
2018-07-25 14:46:04 -05:00
f169afff6a
Add documentation and a new reference
2018-07-25 14:44:44 -05:00
bc89d7fe52
Land #10357 , CouchDB improvements and docs
2018-07-25 00:54:55 -05:00
625ea87ea9
Land #10368 , PhpMyAdmin Login Scanner Module
2018-07-24 23:25:27 -05:00
87434ef22d
pull changes
2018-07-24 15:42:31 -05:00
4f81fcdc87
retn versions in chk_setup, tests to reflect, doc
2018-07-24 14:51:00 -05:00
eccd223a3e
Merge branch 'master' into conform_to_api_standards
2018-07-24 12:11:14 -05:00
eb72edc84a
added documentation for aux module
2018-07-24 10:22:53 -05:00
dac5780feb
Land #10176 , creds data service CRUD operations
2018-07-23 23:36:32 -04:00
e3da0a6828
Merge branch 'master' into remote_creds_data
2018-07-23 16:39:13 -05:00
e1100572ac
add afp docs
2018-07-22 20:56:52 -04:00
83ae5cb14d
fix backup_file.rb and add a few docs
2018-07-22 20:50:22 -04:00
03e8f45634
add more version info for docs
2018-07-21 21:39:19 -04:00
2a969d70db
dicoogle
2018-07-21 21:31:45 -04:00
f1e1407901
add musl-cross info
2018-07-21 14:22:27 -04:00
17b94f7cf3
add smap disabling instructions
2018-07-21 14:20:24 -04:00
85c2e5298f
patch up docs
2018-07-21 14:06:57 -04:00
4a9e6fac66
patch up docs
2018-07-21 14:00:29 -04:00
abfed97e03
remove EOL spaces
2018-07-21 11:21:11 -04:00
357f221b93
update doc
2018-07-21 11:09:16 -04:00
8b324c19d8
update couchdb scanner
2018-07-21 11:02:50 -04:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
04a6cf8f0a
pull latest changes and re-register module servlet in new sinatra base
2018-07-19 14:42:39 -05:00
ce7eb9f3fe
add list of valid fields to documenation and update aliases
2018-07-19 14:31:46 -05:00
462655dea1
update response example documentation
2018-07-19 14:10:04 -05:00
4c71268b38
add documentation for aliases
2018-07-19 13:38:18 -05:00
e3716305dc
add new fields to swagger doc
2018-07-19 13:31:41 -05:00
19239c72c0
Update cmsms_upload_rename_rce check and docs
2018-07-19 18:26:42 +00:00
28e3f3a5f0
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 12:18:12 -05:00
59962c5273
Merge branch 'master' into conform_to_api_standards
2018-07-19 09:26:17 -05:00
8010c58220
add module documentation to swagger (WIP)
2018-07-18 17:36:31 -05:00
4d2e0e51e4
Update docs for /endpoit/ID GET requests
2018-07-18 16:01:12 -05:00
70a1df70a1
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 18:44:14 +08:00
1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE
2018-07-17 09:00:39 -05:00
01e6362828
Fix documentation wording
2018-07-17 13:01:49 +02:00
6bf184dbcf
Update tested versions
2018-07-17 06:24:16 +00:00
9a7c34e6e9
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 18:02:20 -05:00
bfd521f2cb
Small note about network not available
2018-07-16 11:56:55 +02:00
aa58634b24
Document rc.local
2018-07-16 09:34:20 +02:00
6e450973b9
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 10:09:46 -05:00
9bdec97b2e
Fix bpf_sign_extension_priv_esc
2018-07-13 23:01:17 +00:00
b40a146723
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 10:54:25 -05:00
d7a0d7ecf3
Add some documentation for mov_ss.md
2018-07-13 01:17:28 -05:00
1ad571f136
Fix password typo
2018-07-13 16:02:15 +10:00
392cf3bbe1
Are hosts?
2018-07-13 15:00:31 +10:00
a020d48caf
Move module documentation to documentation directory
2018-07-13 04:46:25 +00:00
358347358f
Add documentation
2018-07-13 04:18:56 +00:00
ed163c11a0
Land #10296 , a few aux module docs
2018-07-12 22:20:25 -05:00
c9001699cd
Land #10027 , Hadoop unauthed command execution
2018-07-12 21:58:49 -05:00
50252c75d6
Clean up module
...
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
6751d48564
A few aux module docs
2018-07-12 17:50:47 -04:00
acb20e5a29
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 03:36:17 -05:00
a08420e0d0
Land #10286 , Docker server version scanner
2018-07-12 03:08:41 -05:00
e62dbecbef
Add module doc
2018-07-12 03:06:16 -05:00
1ded8ffb29
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-11 11:10:52 -05:00
c26fcc0af1
Merge branch 'master' into remote_creds_data
2018-07-11 10:27:49 -05:00
b119622408
GET with ID is NYI for credentials
2018-07-10 17:30:44 -05:00
0270b0269b
Update Credential API documentation
2018-07-10 17:29:25 -05:00
10cd6c99d9
Land #10231 , Monstra Fileupload Exec
2018-07-10 14:23:15 -05:00
e7ddb6fdf5
Add API docs for logins endpoints
2018-07-10 14:21:19 -05:00
476a3a276f
modified capitalization and wording
2018-07-10 14:12:02 -05:00
1af360d7e0
Land #10108 , add IBM QRadar SIEM exploit
2018-07-10 11:52:32 -05:00
625050767e
add module docs
2018-07-10 11:51:57 -05:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
1c448de882
Land #10107 , Add the scanner/smb/impacket/secretsdump module
2018-07-06 14:59:33 -05:00
b5fb970aec
Land #10133 , Add HID discoveryd RCE exploit
2018-07-06 14:32:29 -05:00
545e91af00
Land #10262 , Add GitList argument injection exploit module
2018-07-06 14:28:20 -05:00
fe1b17684a
Add Targets and Session file inclusion
2018-07-06 12:17:26 -05:00
43d71cdc09
Initial Claymore Dual Miner RCE doc commit
2018-07-06 02:50:16 +02:00
b4b7bf03da
Land #10171 , Implement desktop shell and screensaver post modules
2018-07-05 17:33:06 -05:00
a18e4a7d5c
Land #10246 , add documentation for APK injection
2018-07-05 17:26:56 -05:00
5d0652fab1
changed inconsistent capitalization
2018-07-05 15:56:41 -05:00
2b452d5681
added documentation and check
2018-07-05 15:47:21 -05:00
05a0d79be7
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 14:21:44 -05:00
830c17f07e
Update outdated print in module doc
2018-07-05 14:18:33 -05:00
43096d9d78
Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
...
Module and Doc
2018-07-05 13:33:35 -05:00
53d5d82498
Rename module to match new vector
2018-07-05 13:31:16 -05:00
b00f0e87e0
Add SonicWall XML-RPC Remote Code Execution exploit module
2018-07-05 12:06:13 -05:00
a272dcabd7
Fix typos and additional updates regarding to review
2018-07-05 13:33:40 +01:00
4c1c2e9288
Adding Micro Focus Secure Messaging Gateway RCE
2018-07-04 17:47:13 +01:00
12a0aaeaf1
Add module doc
2018-07-03 18:31:43 -05:00
e1a9aae109
Add Wordress Arbitrary File Deletion module
2018-07-03 12:21:38 +02:00
7fe41f5e4e
fix #10187 , add documentation for APK injection
2018-07-03 15:20:18 +08:00
8f8d015741
changed some wording
2018-07-02 09:57:28 -05:00
54fce378fa
added target versions to documentation
2018-07-02 09:20:17 -05:00
7a966e7b9d
Change unauthorized to unauthenticated
2018-07-01 22:43:54 -04:00
32db22804e
Docs Update
...
Docs Update
2018-06-30 12:45:43 +05:30
128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
...
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
d0abe843c4
monstra_fileupload_exec doc
...
monstra_fileupload_exec Doc
2018-06-30 11:52:43 +05:30
3b5555542c
add exploit module and documentation
2018-06-29 15:17:12 -05:00
fc3199259b
Land #9958 , Nagios xi 2 electric
2018-06-29 12:16:18 -05:00
675a736ab7
Update Docs
2018-06-29 11:08:31 -05:00
c508a5f7f3
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 14:40:51 +00:00
cb0564913e
Land #9933 , auxiliary/scanner/db2/discovery docs
2018-06-27 16:00:39 -05:00
ce7d4cd280
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 15:35:57 -05:00
fe8538a4a7
Add note about Teradata configuration for OS X
2018-06-27 15:33:50 -05:00
857dc39cd0
FTPShell client 6.70 (Enterprise edition)
2018-06-27 16:36:04 +01:00
c5e7184fdb
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:10 -05:00
510c2d04ef
add auxiliary module and documentation - SickRage
2018-06-22 11:18:02 -05:00
b8f0ca2cd7
Add documentation
2018-06-22 13:53:35 +00:00
74ed2a581a
Document post/multi/screensaver
2018-06-22 09:51:55 +00:00
7a4b00372e
Document post/multi/manage/open
2018-06-22 09:51:33 +00:00
eaf043d30b
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 16:28:37 -05:00
a91ad8c09c
Land #10193 , Updated Documentation for httpdasm module
2018-06-21 13:04:45 -05:00
2277b13869
updated documentation
2018-06-20 16:30:19 -05:00
72432c200a
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 14:56:36 -05:00
b78bb78f95
added auxiliary module and documentation
2018-06-18 10:25:33 -05:00
cb50d0fade
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 08:51:53 -05:00
2e2ded22fc
Use Gem::Version
...
Simplify version comparisons
2018-06-18 08:35:47 -05:00
122ea2ddcb
Update module, Add docs
...
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
b733b79533
Land #10021 , post/multi/recon/sudo_commands module
2018-06-14 16:33:50 -05:00
aef74bf477
Add documentation
2018-06-14 13:21:34 +00:00
1cd76eb833
Land #10148 , Add New Module - Badpdf
...
Merge branch 'land-10148' into upstream-master
2018-06-12 17:19:32 -05:00
29f4870fa0
Land #10101 , Add glibc 'realpath()' Privilege Escalation exploit
2018-06-12 16:41:07 -05:00
c3c6bc19da
Land #10059 , CVE-2018-1111 exploit
2018-06-12 15:02:06 -05:00
4dd744495d
Add basic module doc
2018-06-12 15:01:40 -05:00
62a13430f7
Minor changes in documentation
2018-06-11 13:21:13 +05:30
be5bc3d2f8
Added documentation
2018-06-09 16:32:20 +05:30
992d2130aa
Updated Documentation
2018-06-07 21:05:56 +01:00
3036b62890
Update badpdf.md
2018-06-07 19:07:29 +01:00
85a32fcd32
BadPDF Documentation
2018-06-07 16:39:50 +01:00
f53d2a14df
Land #10067 , Added `auxiliary/fileformat/odt_badodt`
2018-06-06 11:27:23 -05:00
20e773498f
Moved to `auxiliary/fileformat/odt_badodt` and updated docs
2018-06-06 11:27:07 -05:00
2ec6d11663
Expanded documentation to discuss `auxiliary/server/capture/smb`
2018-06-06 11:19:04 -05:00
61074d1220
Land #10115 , Added module `auxiliary/fileformat/multidrop`
2018-06-05 16:30:30 -05:00
3b2889cd77
Land #10106 , Add the scanner/smb/impacket/wmiexec module
2018-06-05 08:33:34 -05:00
b256a99128
Updated
2018-06-04 23:02:27 +01:00
0719ca28c4
Minor Updates
...
Minor Updates as per recommendations by Aaron Soto.
2018-06-04 19:23:25 +01:00
2c0c99e980
Add documentation
2018-06-03 05:41:53 +00:00
61a98b94b6
Land #9528 , WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-02 21:52:52 -05:00
742e7898f4
add documentation
2018-06-02 21:51:24 -05:00
f424a7f50e
Moved/deleted documentation, as appropriate
2018-06-01 14:22:55 -05:00
abe04edd10
Updated Multidrop Info
2018-06-01 11:12:22 +01:00
1a37289495
Updated Multidrop
...
Updated with changes suggested by bcoles
2018-06-01 11:09:55 +01:00
53d9dc75d8
Adding npm component "marked" ReDoS module
...
This commit adds a module for the npm component
"marked" which exploits a Regular Expression
Denial of Service (ReDoS) vulnerability in the
"heading" regular expression. Also included
is the documentation markdown for this module.
2018-05-31 13:33:09 -05:00
a8f19df4e6
Pass params through query string on creds GET
...
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
1e57aa5a57
Land #9777 , Slui File Handler Hijack LPE
2018-05-30 15:22:12 -05:00
f7457c848e
Multidrop Documentation
...
Documentation to accompany multidrop module
2018-05-30 18:12:49 +01:00
d78b743ade
Land #10054 , add MSF5 REST API documentation
2018-05-29 17:58:55 -04:00
c8b2fc8a35
Land #9701 , Flexense HTTP Server DoS exploit
2018-05-29 16:19:59 -05:00
44812852e2
Merge branch 'local_api_docs' of github.com:jbarnett-r7/metasploit-framework into local_api_docs
2018-05-29 12:33:30 -05:00
f8317d3ae2
Address code review comments
...
- Don't document unsupported session POST
- Hide unimplemented loot/id and session/id GET methods
- Fix URL for msf doc
- Add missing workspace parament to vuln-attempts
- Remove unneccessary code for hosting the doc UI
2018-05-29 12:24:53 -05:00
b0d8e93e79
Added Teradata ODBC Login and SQL modules and documentation
2018-05-29 10:12:43 -05:00
28d15a113f
Add the secretsdump impacket module and docs
2018-05-27 17:09:59 -04:00
9fab2316c5
Add the wmiexec impacket module and documentation
2018-05-27 16:24:56 -04:00
83fceba92f
Add documentation
2018-05-26 21:51:45 +00:00
e52b065b26
Manual rewritten for flexense_http_server_dos
2018-05-25 20:18:54 +03:00
59e084aa46
Remote local version of remote data service help
2018-05-24 11:07:37 -05:00
050b52cf91
badodt documentation
...
Documentation of how to use badodt
2018-05-24 11:49:33 +01:00
8acc6daf9b
Add doc for running the remote data service
2018-05-23 11:54:57 -05:00
b83ee106f7
Merge branch 'master' into local_api_docs
2018-05-23 10:06:12 -05:00
7d7f405234
Describe ALL the attributes!
2018-05-22 14:57:21 -05:00
40d5f46277
Lad #10017 , D-Link DSL-2750B Unauthenticated OS Command Injection
...
Merge branch 'land-10017' into upstream-master
2018-05-22 10:54:33 -05:00
e4038af79e
Merge branch 'master' into local_api_docs
2018-05-21 13:44:34 -05:00
88ab836e15
Land #9987 , AF_PACKET chocobo_root exploit
2018-05-21 17:05:53 +08:00
6ae55aadd4
Fixing documentation, improving exploits code
2018-05-20 12:55:46 -04:00
294b263159
Land #9966 , Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
6858a1caf9
Add compilation instructions to documentation
2018-05-18 22:10:47 +10:00
132313ef34
Minor updates across all API docs.
2018-05-17 16:56:22 -05:00
94b32a3888
Workspace API Doc second pass
2018-05-17 11:22:43 -05:00
91d0b0be12
fix documentation for android/gather/wireless_ap
2018-05-17 21:17:00 +08:00
a3879f0109
Land #9956 , add module to extract wireless credentials on Android
2018-05-17 21:04:56 +08:00
Dhiraj Mishra
Brendan Coles
h00die
Wei Chen
Tim W
Shelby Pace
James Barnett
Matthew Kienow
Erin Bleiweiss
William Vu
Jacob Robles
bwatters-r7
michaelj0hn
Brent Cook
Eliott Teissonniere
ReverseBrain
flandini
Mehmet İnce
Aloïs Thévenot
Green-m
Ishaq Mohammed
Touhid M Shaikh
Adam Cammack
Daniel Teixeira
rmdavy
Aaron Soto
Nicholas Starke
actuated
Spencer McIntyre
Ege Balcı
jbarnett-r7
lucyoa