9236aff6ee
forgot to add my docs
2017-11-04 13:51:41 -04:00
646c7f7c0a
update doc
2017-11-04 11:40:32 -04:00
40bcb3f0c8
update documentation
2017-11-03 09:09:51 -04:00
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
caad1bbf27
Create dlink_dir850l_unauth_exec.md
2017-11-02 15:54:45 -04:00
e3ac6b8dc2
Land #9109 , wp-mobile-detector upload and execute
2017-11-01 13:25:16 -05:00
8613852ee8
Add Mako Server v2.5 command injection module/docs
2017-10-26 23:29:11 -04:00
cd35ae4661
Land #9106 negear dgn1000 unauth rce module
2017-10-22 22:18:53 -04:00
210f6f80b7
netgear1000dng cleanup
2017-10-22 22:17:40 -04:00
e9fdb5bd94
Create netgear_dgn1000_unauth_setup_exec.md
2017-10-22 16:54:06 -04:00
cfd7761818
wp_mobile_detector rce
2017-10-20 23:19:58 -04:00
9658776adf
Land #9079 , adding @h00die's gopher scanner
2017-10-20 17:16:08 -07:00
f250e15b6e
Land #9105 rename psh to polycom for name collision
2017-10-20 20:10:57 -04:00
fd028338e1
move psh to polycom so no more powershell name collision
2017-10-20 20:08:11 -04:00
5a6da487ab
Land #9043 two exploit modules for unitrends backup
2017-10-20 20:00:35 -04:00
e8de6a46d5
Update ueb9_bpserverd.md
2017-10-20 12:21:17 -06:00
f938a1029b
Make note about stopping container after
2017-10-20 10:30:12 -07:00
e82cb4577d
Show module selection + config
2017-10-20 10:12:46 -07:00
a8b4d4e4a2
Link to gopher container
2017-10-20 10:04:09 -07:00
811bae7361
Add docker go(pher) example
2017-10-20 09:59:25 -07:00
c67a5872cd
Land #9055 , Add exploit for Sync Breeze HTTP Server
...
Land #9055
2017-10-13 17:34:03 -05:00
297ca25953
fix IPs
2017-10-12 21:40:27 -04:00
a63c947768
gopher proto
2017-10-12 21:32:01 -04:00
8cfd4928ed
Land #9069 , Add docs for scanner/http/open_proxy
2017-10-11 23:08:07 -05:00
d0e65a4177
Land #9068 , add doc for auxiliary/scanner/http/files_dir
...
Land #9068
2017-10-11 17:13:26 -05:00
eaf686f164
Fix format
2017-10-11 17:12:45 -05:00
3a8a85bbe5
Land #9065 , add doc for auxiliary/scanner/http/http_login
...
Land #9065
2017-10-11 17:09:35 -05:00
fc40fe0da2
Fix format
2017-10-11 17:08:49 -05:00
2503d2ab2e
Land #9067 , add doc for auxiliary/scanner/http/http_header
...
Land #9067
2017-10-11 17:03:29 -05:00
17b4678998
Fix format
2017-10-11 17:02:41 -05:00
72291d31fb
Update open_proxy.md
2017-10-12 03:29:49 +05:30
17d7faa96b
fixing typos
2017-10-12 03:00:09 +05:30
294230c455
Land #8509 , add Winsxs bypass for UAC
2017-10-11 16:24:52 -05:00
978ede363e
Land #9066 , add doc for http_version
...
Land #9066
2017-10-11 15:39:44 -05:00
1786634906
Land #9059 , Tomcat JSP Upload via PUT Bypass
2017-10-11 15:05:00 -05:00
8b3cc2b94f
Tweak format
2017-10-11 14:14:56 -05:00
03e7797d6c
fixed msftidy errors and added documentation
2017-10-11 07:57:01 -04:00
1c8871cbe3
Documentation on auxiliary module open_proxy
2017-10-11 16:29:56 +05:30
579cfed5f4
Documentation on auxiliary module files_dir
2017-10-11 16:15:19 +05:30
fcf6a1ec96
Documentation on http_header
2017-10-11 15:30:43 +05:30
e526b37e81
Fixing whitespaces
2017-10-11 15:18:51 +05:30
ee3b638b48
Changing description
2017-10-11 15:17:54 +05:30
7f1f862dc2
KB for http_version
2017-10-11 15:14:22 +05:30
ffa29de6c9
Update bypassuac_injection_winsxs.md
2017-10-11 11:43:28 +02:00
d64312c24f
Changing description
2017-10-11 14:55:48 +05:30
9ebf8328ee
adding colon
2017-10-11 14:51:53 +05:30
26c45f4c74
adding new sub heading
2017-10-11 14:47:19 +05:30
3f411a5559
separating sections
2017-10-11 14:45:34 +05:30
9ceaa39451
removing whitespaces
2017-10-11 14:44:01 +05:30
064f4d56aa
adding label
2017-10-11 14:43:06 +05:30
d32edfd53e
Documentation for http_login
2017-10-11 14:39:05 +05:30
e976a91b15
land #9053 RCE for rend micro imsva
2017-10-10 19:27:06 -04:00
59d03ec4db
Added markdown doc for documentation.
2017-10-10 13:05:29 -05:00
ab63caef7b
Land #9009 , Apache Optionsbleed module
2017-10-10 12:13:40 -05:00
fd0ce33341
Updated Module Documentation
2017-10-10 12:36:32 -04:00
850aeda097
land #9052 RCE of Trend Micro OfficeScan
2017-10-09 20:46:30 -04:00
a3d47ea838
Land #8989 , IBM Lotus Notes DoS (CVE-2017-1129)
2017-10-09 19:37:59 -05:00
b796c0be16
fixing docs
2017-10-09 20:31:23 -04:00
fd8b72ca66
Minor tweaks.
2017-10-09 17:02:24 -05:00
a2d32b460c
Fixing grammer issue
2017-10-09 22:31:13 +03:00
c14c93d450
Integrate OfficeScan 11 exploitation and fix grammer issues
2017-10-09 22:11:42 +03:00
395c82050b
Adding Trend Micro IMSVA Widget RCE
2017-10-08 18:15:32 +03:00
79c9123261
Adding Trend Micro OfficeScan widget rce module
2017-10-08 17:54:18 +03:00
d8ff99b1f6
Change to ARCH_X64, remove python dependency
2017-10-08 13:51:07 +02:00
015e30c4f3
land #9048 docs for xmas portscan
2017-10-07 15:50:41 -04:00
d28b023058
Update xmas.md
...
added requested changes.
2017-10-08 00:16:43 +05:30
7a87e11767
land #8781 Utilize Rancher Server to exploit hosts
2017-10-07 13:04:34 -04:00
fa98fe4fe6
Update xmas.md
...
removed blank spaces.
2017-10-07 14:20:19 +05:30
0e6843eae1
Update xmas.md
2017-10-07 04:40:28 -04:00
3092ad9ea0
Documentation for auxiliary/scanner/portscan/xmas
2017-10-07 04:23:40 -04:00
7535fe255f
land #8736 RCE for orientdb
2017-10-06 14:35:42 -04:00
e7aa06c1c4
fix documentation
2017-10-06 14:29:39 -04:00
36610b185b
initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478
2017-10-06 09:38:33 -06:00
7fe750422e
Update geutebrueck_gcore_x64_rce_bo.md
2017-10-06 15:41:12 +02:00
770547269b
added documentation, and fixed 4 to 2 indentation
2017-10-06 15:39:25 +02:00
c701a53def
Land #9018 , Add Bind Shell JCL Payload for z/OS
2017-10-05 17:24:50 -05:00
c5cc2f89a0
add docs for wlan_geolocate
2017-10-01 19:49:48 -04:00
701d628a1b
Features for selecting the target
2017-10-01 02:04:10 +02:00
9ae8bdda1c
Added Bind Shell JCL Payload for mainframe
...
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
9b75ef7c36
Land #8343 , qmail Shellshock module
2017-09-29 00:28:30 -05:00
f973ff13b6
Add some lines to Exploit Detection and Mitigation
2017-09-29 00:55:53 +02:00
40c58e3017
Function for selecting the target host
2017-09-28 23:43:59 +02:00
cc98e80002
Change arch to ARCH_X64
2017-09-28 20:50:18 +02:00
26108f5ac9
Create ibm_lotus_notes.md
2017-09-28 10:31:42 -05:00
2295146dcd
working optionsbleed module
2017-09-27 22:07:57 -04:00
66d6ac418a
Land #8978 , Add smb1 scanner
2017-09-26 16:06:41 -05:00
98ae054b06
Land #8931 , Node.js debugger exploit
2017-09-25 14:00:13 -05:00
273d49bffd
Land #8891 login scanner for Inedo BuildMaster
2017-09-24 13:30:17 -04:00
e6c4a87bda
documentation update
2017-09-24 13:29:34 -04:00
4d1e51a0ff
Land #8906 RCE for supervisor
2017-09-24 08:03:30 -04:00
9528f279a5
cleaned up version, and docs
2017-09-23 10:51:52 -04:00
3d543b75f5
Fixing typos and replacing double quotes with single
2017-09-21 23:48:12 +03:00
ee969ae8e5
Adding DenyAll RCE module
2017-09-19 14:53:37 +03:00
c584592a4b
Remove leftover IPs in docs
2017-09-18 15:12:42 -05:00
c953842c96
Added docs and additional dialects
2017-09-18 15:02:38 -05:00
d5362333e2
Land #8958 , Add Disk Pulse Enterprise web server buffer overflow
2017-09-15 13:34:22 -05:00
e3deaadcc7
Documentation added
2017-09-14 11:52:15 -05:00
b218cc3c7f
Merge branch 'master' into hw_auto_padding_fix
2017-09-11 18:30:34 -07:00
363e11850b
Added FC to documentation
2017-09-11 18:29:27 -07:00
5ae708081d
Wording, reviewer remarks
2017-09-11 23:25:10 +02:00
fc52ef9941
Land #8942 docs for syn port scanner
2017-09-10 10:03:34 -04:00
ddfa1d722b
fixed grammar
2017-09-10 10:02:07 -04:00
861f4a6201
Changes to buildmaster_login from code review
...
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
2017-09-09 18:00:04 -05:00
4ec72d7091
Update syn.md
2017-09-09 20:15:13 +05:30
8138396ab5
Update syn.md
2017-09-09 13:28:18 +05:30
8f864c27e3
Land #8924 , Add Apache Struts 2 REST Plugin XStream RCE
2017-09-08 13:59:52 -05:00
54a62976f8
update versions and add quick module docs
2017-09-08 13:59:29 -05:00
c91ef1f092
Land #8768 , Add Docker Daemon TCP exploit module
2017-09-08 12:50:00 -05:00
35ecc822f1
Update syn.md
2017-09-08 13:23:30 +05:30
bead7374de
syn.md
...
documentation for syn portscan
2017-09-08 02:57:46 -04:00
a0181a4d54
Land #8831 , Add Maven post-exploitation credential extraction module
...
Merge remote-tracking branch 'upstream/pr/8831' into upstream-master
2017-09-08 00:37:03 +02:00
c67e407c9c
Land #8880 , added Cisco Smart Install (SMI) scanner
2017-09-07 08:06:03 -05:00
a304df265c
fix spelling
2017-09-07 08:02:30 -05:00
637b83a0ea
add docs for nodejs debugger eval exploit
2017-09-06 22:29:46 -07:00
be66ed8af3
Land #8788 exploits for Gh0st and PlugX malware controllers
2017-09-05 20:42:07 -04:00
d05c401866
modules cleanup and add docs
2017-09-04 20:57:23 -04:00
52c8fff3cb
Make options a list
2017-08-30 03:10:46 +01:00
42ab00fd2c
Add documentation for module
2017-08-30 03:10:46 +01:00
202c936868
Land #8826 , git submodule remote command execution
2017-08-29 18:11:32 -05:00
8928197584
rename module docs so they are viewable
2017-08-29 18:09:30 -05:00
d5124fdc94
Land #8759 , Add TeamTalk Gather Credentials auxiliary module
2017-08-29 13:17:28 -05:00
e1b38ac3a3
fix malicious typo
2017-08-29 17:52:51 +08:00
5631ddc246
add docs for the git submodule vulnerability
2017-08-29 17:06:30 +08:00
5bf1d916bc
Fix uneven quotes in various documentation files
...
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
2017-08-26 19:12:48 -05:00
f785fe63ad
Grammar fix in buildmaster_login documentation
2017-08-26 18:35:13 -05:00
2e9d7cdf0a
Documentation formatting fix for buildmaster_login
2017-08-26 18:23:00 -05:00
7dfde651ea
Add login scanner module for Inedo BuildMaster
...
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.
More information about BuildMaster:
http://inedo.com/
2017-08-26 17:56:53 -05:00
682851ac59
Edit doc
2017-08-25 18:28:24 +02:00
899c2cc6fa
Land #8866 tcp scanner docs
2017-08-23 20:23:51 -04:00
a54ef94c79
style fixes
2017-08-23 20:20:31 -04:00
0fac36c2af
Update tcp.md
2017-08-23 10:36:56 +05:30
99dfc9901c
Update tcp.md
...
Adding documentation for tcp module
2017-08-23 10:36:08 +05:30
d254da5150
Update tcp.md
2017-08-23 10:23:28 +05:30
6fb90640b9
Update tcp.md
2017-08-23 10:02:21 +05:30
4c285c0129
Land #8827 , QNAP Transcode Server RCE
2017-08-22 23:07:01 -05:00
a0585dcb9e
Land #8872 docs for octopusdeploy_deploy
2017-08-22 21:36:44 -04:00
e4fc307ebb
Add docs
2017-08-22 15:12:02 -07:00
be2739d335
Transform loots into creds
2017-08-22 11:57:51 +02:00
7f8e6b83dc
Update documentation for exploit/windows/http/octopusdeploy_deploy
...
Remove self explanatory options.
2017-08-21 19:47:24 -05:00
60215297be
Update documentation for exploit/windows/http/octopusdeploy_deploy
...
Fix awkward wording.
2017-08-21 19:17:41 -05:00
de9392995a
Add documentation for exploit/windows/http/octopusdeploy_deploy
2017-08-21 19:11:36 -05:00
8f4fcb5094
tcp.md
...
This module does a complete full tcp scan of each port on the target host. It does a full 3 way handshake on each port.
2017-08-21 13:09:12 -04:00
eabe4001c2
Land #8492 , Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module
2017-08-20 18:48:22 -05:00
cbd7790e95
Land #8751 , Add Asterisk Gather Credentials auxiliary module
2017-08-20 18:34:27 -05:00
840c0d5f56
Land #7808 , add exploit for VMware VDP with known ssh private key (CVE-2016-7456)
2017-08-20 17:36:45 -05:00
f7dc831e9a
Land #8799 , Add module to detect Docker, LXC, and systemd-nspawn containers
2017-08-20 14:45:57 -05:00
2eba188166
Land #8789 , Add COM class ID hijack method for bypassing UAC
2017-08-20 13:57:17 -05:00
cde319a5ec
Optim module and add doc
2017-08-18 19:30:41 +02:00
b0a4634b24
Update connect.md
...
Adding the command in installing gem "serialport".
2017-08-17 18:55:44 +08:00
3fcd248d3a
Add documentation
2017-08-17 09:51:09 +00:00
648dca7bdb
fix silly documentation mistake
2017-08-17 14:43:58 +08:00
1c44092ba9
Add module documentation for post/linux/gather/checkcontainer
2017-08-16 21:15:56 -05:00
408a83a36b
Added comhijack module documentation
2017-08-16 13:05:27 +10:00
6ac8ed490b
Add documentation file
2017-08-15 16:56:20 +02:00
60f7534969
Add documentation
2017-08-15 03:43:22 +00:00
68f569d8f5
Land #8809 , Add documentation for OSX meterpreter
2017-08-13 09:31:28 -04:00
4315c2d8ea
Land #8802 , single-char args for terp scripts
2017-08-10 01:29:55 -05:00
bb5fffebc4
Land #8796 , SMBLoris Denial of Service Module.
2017-08-09 16:24:55 -05:00
901a1fdd1b
Minor tweaks.
2017-08-09 15:44:32 -05:00
dd79aa3afb
Land #8627 , Add post module multi/gather/jenkins
2017-08-09 10:43:21 -05:00
9c87f5f52f
commands should be highlighted
2017-08-08 12:45:39 +08:00
eb3e07ee10
minor tweak since background is default now
2017-08-08 12:37:28 +08:00
61bb59d653
fix typos
2017-08-08 12:31:30 +08:00
0fde536691
add documentation for OSX meterpreter
2017-08-08 12:26:22 +08:00
46ca543712
add docs for Android APK injection
2017-08-07 15:56:48 +08:00
ed2286c637
Fix references to multi_console_command
2017-08-06 18:58:38 -05:00
e1576154fb
Document the new padding option.
2017-08-06 18:34:56 -05:00
289f03241b
add module documentation
...
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
da3ca9eb90
update some documentation
2017-08-03 17:09:44 -05:00
67dddd2402
Typo reported by @nixawk
2017-08-02 15:47:21 -05:00
3229320ba9
Code review feedback from @nixawk
2017-08-02 15:46:51 -05:00
565a3355be
CVE-2017-8464 LNK Remote Code Execution Vulnerability
...
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.
This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
2017-08-02 15:46:30 -05:00
d7d64286e2
Add documentation for exploit module Rancher Server - Docker Exploit
2017-07-28 08:04:59 +02:00
798dfe0b88
Add documentation
2017-07-26 10:18:23 +00:00
dd0c78484a
Fix mistake
2017-07-26 02:17:51 +02:00
cd418559bc
Docker Daemon - Unprotected TCP Socket Exploit
2017-07-26 00:21:35 +02:00
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
fe5c6dc28f
Orientdb 2.2.x RCE - Update documentation
2017-07-24 10:09:06 +01:00
7c55cdc1c8
fix some module documentation
...
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
2017-07-23 07:46:52 -07:00
6bb745744b
Land #8471 , Add VICIdial user_authorization Unauthenticated Command Execution module
2017-07-21 15:57:08 -05:00
00a817d228
Orientdb 2.2.x RCE - Add documentation
2017-07-20 09:03:26 +01:00
ffad0d1bbf
Land #8559 , Ipfire oinkcode exec
2017-07-19 14:31:18 -05:00
47f55b1c81
add documentation
2017-07-18 21:30:53 -04:00
e93e524c3b
Merge branch 'upstream-master' into feature/rdp-scanner
2017-07-17 13:46:59 -07:00
e5ef737c21
Add documentation
2017-07-17 13:45:12 -07:00
8f6cac9c37
Land #8652 , rpc console write exploit
...
lands pr for the metasploit rpc console write exploit
2017-07-14 14:47:35 -05:00
de230478eb
Land #8566 , Add ye olde NNTP Login Utility scanner module
2017-07-13 13:19:34 -05:00
59de7d3635
Land #8671 , Add a module for CVE-2017-7615
2017-07-12 14:58:02 -05:00
6cb956ea81
Update rfpwnon.md
2017-07-09 05:07:36 -04:00
f10cf75ae0
Fix some stuff
2017-07-09 10:45:15 +02:00
e1b9330136
Add some documentation
2017-07-09 02:25:11 +02:00
e3f95954ba
Minor doc update.
2017-07-07 16:54:56 -05:00
95ba5d61ce
Move documentation to correct folder
2017-07-07 16:54:56 -05:00
8e2ff7a4c5
Add command stager and code cleanup
2017-07-07 16:54:56 -05:00
8f464e17a1
Land #8658 , Add Gather PDF Authors auxiliary module
2017-07-07 16:20:29 -05:00
afc704aea5
Ad documentation
2017-07-07 18:54:48 +00:00
f4820d24fb
add a few more AKA references
2017-07-06 22:43:46 -05:00
b0c5d734ee
s/swith/switch/ - ok @bcoles
2017-07-06 07:03:06 -05:00
baff473cae
Add Metasploit RPC Console Command Execution module
2017-07-05 08:48:35 +00:00
aa387e96a7
Land #8577 , Add SurgeNews User Credentials scanner
2017-07-03 10:14:03 -05:00
h00die
Austin
William Vu
Steven Patterson
Jon Hart
caleBot
Wei Chen
William Webb
Indranil Roy
bwatters-r7
Jeffrey Martin
root
Ernesto Fernandez
jakxx
Pearce Barry
Mehmet Ince
Martin Pizala
Deepanshu Gajbhiye
M4P0
Maurice Popp
Brent Cook
bigendiansmalls
RootUp
loftwing
Craig Smith
james
dmohanty-r7
Patrick Thomas
Calum Hutton
Tim
Erik Lenoir
Jay Turla
Brendan Coles
OJ
Josh Hale
David Maloney
Yorick Koster
Ricardo Almeida
thesubtlety
Corey Harding
jvoisin