34f074441d
Move doc
2017-02-16 12:33:05 -06:00
c9e8254611
Update netgear_r7000_cgibin_exec.md
2017-02-16 09:00:27 -05:00
af62fe9f6d
Update netgear_r7000_cgibin_exec.md
2017-02-16 08:58:45 -05:00
d775c66adf
Start docs
2017-02-16 08:44:36 -05:00
843f559069
land #7917 piwik exploit module
2017-02-14 00:52:27 -05:00
d7f675534b
add documention
2017-02-13 23:11:46 +01:00
272d1845fa
Land #7934 , Add exploit module for OpenOffice with a malicious macro
2017-02-09 13:42:58 -06:00
188f7370d4
Fix grammar issues
2017-02-09 11:53:11 -06:00
cf8aad9ee5
Add demo
2017-02-08 16:51:25 -06:00
3e2e15c7b8
Add doc for openoffice_document_macro
2017-02-08 16:41:42 -06:00
fdbed0f6db
Updating documentation with a new download page url
2017-02-03 23:39:43 +03:00
e891063b74
Update doc
2017-02-03 14:29:29 -06:00
5db1d958b0
Update doc
2017-02-03 14:08:28 -06:00
6e692b1a1c
Update doc
2017-02-03 14:03:48 -06:00
f3f774b9c7
Add demo
2017-02-03 12:01:51 -06:00
92e065c21b
Update doc
2017-02-03 11:48:18 -06:00
2457968a24
Update doc
2017-02-03 11:45:34 -06:00
e9ba6fe7fd
Add doc
2017-02-02 20:42:46 -06:00
40108c2374
first commit
2017-01-31 14:15:46 +03:00
eef61cb3a4
Update harakiri.md
...
Based on review from @h00die
2017-01-29 18:02:12 +01:00
dd60fc3598
move cisco_webex_ext to exploits/windows/browser/
2017-01-27 16:59:20 -06:00
6a58a3d8e5
Update cisco_webex_ext doc
2017-01-27 15:36:57 -06:00
a2eb380fd9
Update harakiri.md
2017-01-27 10:32:43 +01:00
651f1a0870
Create harakiri.md
2017-01-27 10:31:12 +01:00
cc9ecf34c9
remove mention of hp dataprotector from module doc
2017-01-26 13:42:34 -06:00
94f9971300
add module doc and remove the word EXPLOIT from document title
2017-01-26 13:36:18 -06:00
f4db90edeb
Land #7852 , Firefox nsSMILTimeContainer::NotifyTimeChange() rce
2017-01-23 11:56:01 -06:00
ff2b8dcf99
Revert "Land #7605 , Mysql privilege escalation, CVE-2016-6664" - premature merge
...
This reverts commit 92a1c1ece49b16cdf602
2017-01-22 19:16:33 -06:00
92a1c1ece4
Land #7605 , Mysql privilege escalation, CVE-2016-6664
2017-01-22 17:17:28 -06:00
19f485b0ef
Land #7830 , Added docs for tomcat_mgr_deploy and tomcat_mgr_upload
2017-01-22 11:04:13 -06:00
58c1f6f67d
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into trend_micro_imsva_exec
2017-01-22 11:18:34 +03:00
b6d93c05c8
actually save the correct module doc
2017-01-20 12:15:59 -06:00
2513b5bbe5
add inital module documentation
2017-01-20 11:52:09 -06:00
905213cc41
Add module for DiskSavvy Enterprise (EDB-40854)
2017-01-19 20:34:00 +01:00
c2c352c2ac
Adding Trend Micro IMSVA module
2017-01-18 11:34:16 +03:00
4c5e046146
fixes deploy and upload
2017-01-15 20:31:33 -05:00
32271318e5
removed gui stuff since it should be in tomcat_mgr_upload
2017-01-15 19:11:58 -05:00
b61ca669cf
more fixes
2017-01-15 13:13:18 -05:00
8e988460b5
more fixes with check
2017-01-15 13:10:49 -05:00
f7276a6a39
more cleanup
2017-01-15 11:56:11 -05:00
bed08db43c
more to edit
2017-01-14 19:17:37 -05:00
1615df92ef
first add still incomplete
2017-01-14 13:31:39 -05:00
b4c8a50c00
first add still incomplete
2017-01-14 13:26:02 -05:00
64550a188a
Land #7797 , Add module for DiskBoss Enterprise (EDB-40869)
2017-01-13 08:55:24 -06:00
abab1f17c9
Merge master to cisco_cve_2016_6433 and make sure I have the latest
2017-01-11 14:39:52 -06:00
a3930d3488
Minor documentation improvements
2017-01-11 08:00:12 +01:00
960c1a1434
Update docs to reflect the final phpmailer module
2017-01-10 17:44:22 -05:00
1a00ef3679
Add documentation
2017-01-10 23:00:18 +01:00
704604066b
Update doc
2017-01-09 13:25:37 -06:00
b2dc8c25f8
Update doc
2017-01-09 13:24:38 -06:00
a59ca569e7
Add doc
2017-01-09 11:55:01 -06:00
1a4c239120
added default password of root account to documentation
2017-01-03 12:51:27 -05:00
245a7deb67
correct copy&paste mistake in module documentation
2017-01-03 06:51:50 -05:00
a3ad3803df
added module documentation
2017-01-03 06:49:50 -05:00
6584da718a
got docs
2016-12-30 15:16:08 -05:00
10e419e979
Land #7454 , add CVE-2013-6282, put_user/get_user exploit for Android
2016-12-24 14:46:54 -06:00
de9b8da12e
add device information to documentation
2016-12-24 15:34:02 +05:30
16f2dc43e0
add documentation for put_user_vroot
2016-12-24 00:33:48 +08:00
c5d7fba3bf
Fix missing space
2016-12-22 03:36:58 -06:00
934b05e736
Land #7310 , at(1) persistence module
2016-12-22 03:33:58 -06:00
b65a62ba93
Clean up module
2016-12-22 03:33:08 -06:00
1d6ee7192a
Land #7427 , new options for nagios_xi_chained_rce
2016-11-30 17:11:02 -06:00
b0cd28ef4c
Update module docs
2016-11-30 17:10:57 -06:00
6f70323460
Minor misspelling mistakes and corrected the check of the mysqld process
2016-11-25 19:03:23 +00:00
acfd214195
Mysql privilege escalation
...
Documentation, compiled binary and final implementation.
Completed the documentation, added the missing compiled binary and a
final and tested implementation of the module.
2016-11-19 11:24:29 +00:00
0182594fb0
fix docs to reflect name change
2016-11-18 13:55:29 -05:00
cfd31e32c6
renaming per @bwatters-r7 comment in #7491
2016-11-18 13:52:09 -05:00
b6f097c035
Correct a few misspellings
2016-11-15 08:08:20 -06:00
b56b6a49ac
Land #7328 , Extend lsa_transname_heap exploit to MIPS
2016-11-15 07:37:19 -06:00
312f33afa3
minor formatting updates
2016-11-15 07:36:54 -06:00
1dae206fde
Land #7379 , Linux Kernel BPF Priv Esc (CVE-2016-4557)
2016-11-11 16:50:20 -06:00
31b593ac67
Land #7402 , Add Linux local privilege escalation via overlayfs
2016-11-01 12:46:40 -05:00
97b7819a08
Adding documentation for lsatransnames_heap
2016-10-31 14:47:19 +00:00
c38281706d
h00die's suggested changes
2016-10-30 23:22:09 +00:00
efc65dbb0c
Language
2016-10-30 04:59:40 +00:00
48e585b66c
Removing sample documentation lines.
2016-10-30 04:58:02 +00:00
1ddd31029e
Adding documentation for ektron_xslt_exec_ws exploit module.
2016-10-30 04:52:36 +00:00
f9041bc89a
Address pull request feedback for module docs
2016-10-29 18:50:16 -04:00
89376102db
Add documentation for jenkins_script_console
2016-10-29 16:50:47 -04:00
d918e25bde
Land #7439 , Add Ghostscript support to ImageMagick Exploit
2016-10-28 17:07:13 -05:00
d6785a437e
Add module docs for imagemagick_delegate
2016-10-28 17:02:09 -05:00
9a0307b0c0
Land #7369 , Panda Antivirus Priv Esc
2016-10-21 13:20:41 -05:00
40054a6c01
docs table
2016-10-20 20:54:35 -04:00
12e4fe1c5c
updated dlls and docs
2016-10-20 20:45:50 -04:00
0d1fe20ae5
revamped
2016-10-15 20:57:31 -04:00
dd1e8ff964
fix a few typos in KB
2016-10-14 13:01:51 -05:00
cfddc734a8
Land #7286 , WiFi pineapple preconfig command injection module
2016-10-14 12:57:42 -05:00
e05a325786
Land #7285 , WiFi pineapple command injection via authentication bypass
2016-10-14 12:57:05 -05:00
1c9914acb1
add module doc
2016-10-14 12:46:19 -05:00
d36940260f
add module doc
2016-10-14 12:44:17 -05:00
2a308f76b1
Update rails_dynamic_render_code_exec.md
2016-10-10 22:43:24 -05:00
f2252bb179
fixed a few things, thanks @h00die
2016-10-10 22:30:01 -05:00
2ad82ff8e3
more nagios versatility
2016-10-10 10:21:49 -04:00
d1a11f46e8
Land #7418 , Linux recvmmsg Priv Esc (CVE-2014-0038)
2016-10-09 18:37:52 -05:00
f9060b0ac7
fixed doc numbering
2016-10-09 00:02:18 -04:00
2dfebe586e
working cve-2014-0038
2016-10-08 23:58:09 -04:00
b77a910205
Land #7355 , allwinner post to local exploit conversion
2016-10-08 21:38:54 -05:00
df597a7bb7
add module documentation
2016-10-08 20:17:54 -05:00
27cf5c65c4
working module
2016-10-04 23:21:53 -04:00
7b0a8784aa
additional doc updates
2016-09-29 19:02:16 -04:00
c036c258a9
cve-2016-4557
2016-09-29 05:23:12 -04:00
7a108e2102
updated docs w/ error codes on failed attempts
2016-09-27 20:26:04 -04:00
35a2b3e59d
working panda
2016-09-27 20:15:17 -04:00
6382fffc75
Land #7326 , Linux Kernel Netfilter Privesc
2016-09-26 12:38:50 -05:00
23e5556a4c
binary drops work!
2016-09-24 21:31:00 -04:00
cba297644e
post to local conversion
2016-09-22 22:08:24 -04:00
3dff41c833
documentation update
2016-09-22 21:06:31 -04:00
04f8f7a0ea
Land #7266 , Add Kaltura Remote PHP Code Execution
2016-09-21 17:14:49 -05:00
fb00d1c556
Another minor grammer changes
2016-09-20 19:23:28 +03:00
513d8a8163
Edit fail
2016-09-20 10:51:12 -05:00
e1155fed77
Minor changes to grammar
2016-09-20 10:34:03 -05:00
385428684f
Move module and docs under the exploit/linux/http folder
2016-09-20 12:45:23 +03:00
0a58ada1da
Add missing steps and cite original wiki URL
2016-09-20 01:38:46 +03:00
4f85a1171f
reexploit and other docs and edits added
2016-09-18 08:51:27 -04:00
d70cbf4ba7
Add documentation includes how to install Kaltura
2016-09-17 23:12:47 +03:00
1b7f706c6b
added doc note
2016-09-16 01:57:36 -04:00
2e42e0f091
first commit
2016-09-16 01:54:49 -04:00
030e09c9c6
Land #7322 , drupal_drupageddon module docs
2016-09-16 00:40:18 -05:00
a9502bfe9e
drupageddon docs
2016-09-15 13:29:06 -04:00
373655c41d
Land #7314 , Module documentation for exagrid_privkey
2016-09-14 20:41:25 -05:00
18fa897644
Add initial at_persistence documentation
2016-09-14 16:06:15 -07:00
01327f0265
Land #7245 , NetBSD mail.local privilege escalation module
2016-09-14 16:07:12 -05:00
10dc30fe2a
remove example line
2016-09-14 09:27:22 -04:00
117790caac
adding docs
2016-09-14 01:13:13 -04:00
82da4b5072
forgot to save docs
2016-08-26 20:02:20 -04:00
5dff01625d
working code
2016-08-25 21:32:25 -04:00
0b73786e10
avoid bad filter
2016-08-22 11:47:39 -05:00
1065b4cfe2
Linked the zip file
2016-08-23 00:33:04 +08:00
f2e2cb6a5e
cant transfer file
2016-08-21 19:42:29 -04:00
139d431230
eliminate space
2016-08-20 04:17:22 +08:00
51a2354fea
Add KB for multi/http/caidao_php_backdoor_exec
2016-08-20 04:12:31 +08:00
2b6576b038
Land #7012 , Linux service persistence module
2016-08-17 22:45:35 -05:00
c64d91457f
Land #7003 , cron/crontab persistence module
2016-08-17 22:45:16 -05:00
8654baf3dd
Land #6880 , add a module for netcore/netdis udp 53413 backdoor
2016-08-08 15:43:34 -05:00
89417304b0
Fix format for netcore_udp_53413_backdoor.md
2016-08-08 15:42:46 -05:00
a48487578c
Land #7165 , Add documentation for juniper_backdoor, brocade_enable_login, and werkzeug_debug_rce
2016-08-01 15:46:20 -05:00
abf435d6c2
Land #6960 , Auth bypass for Polycom HDX video endpoints
2016-08-01 14:02:50 -05:00
5309f2e4fb
endpoints, not end points
2016-08-01 14:02:17 -05:00
50c918f889
update documentation with verification
2016-08-01 13:59:00 -05:00
38138e66d2
adding docs for #4888 #5697 #6731
2016-07-29 23:11:57 -04:00
b2a521475a
adding sparse docs
2016-07-29 22:02:11 -04:00
be65f2c4d3
add module doc
2016-07-26 20:26:22 -05:00
4720d77c3a
Land #6965 , centreon useralias exec
2016-07-26 15:02:36 -07:00
c21971cb4e
Added some info on problems encountered during testing.
2016-07-26 14:59:18 -07:00
5a9f2423c4
forgot python
2016-07-20 14:16:57 -04:00
56b1565955
updated docs for step by step install of software
2016-07-20 12:48:28 -04:00
d0e1c67c18
Land #7026 , Add Action Pack render exploit CVE-2016-2098
2016-07-07 16:16:37 -05:00
201750a31b
Add documentation for rails_actionpack_inline_exec
2016-07-07 16:15:51 -05:00
d923a5d42d
typos in mod docs
2016-07-05 22:52:35 -05:00
899ea558e3
added module doc for ms16_016_webdav
2016-07-05 22:12:35 -05:00
70a79bb0e8
Land #7014 , Nagios remote root shell exploit
2016-07-01 08:17:38 -07:00
d42d9f8557
Add module docs to appease the Thao god
2016-07-01 01:17:27 -05:00
c2b4e22b46
updated with discovered changes from k kali & documentation update changes requested.
2016-06-27 01:53:20 -04:00
1c20122648
fedora compatibility, added naming options
2016-06-25 08:43:55 -04:00
5e1b7d8c0f
even more clean up.
2016-06-23 14:59:11 -07:00
63d8787101
added back (new) usage examples for nodejs,java,ruby,php.
2016-06-23 14:56:46 -07:00
ff741fbc35
Rename for docs
2016-06-23 14:53:49 -05:00
92522138c5
Remove the RC files
2016-06-23 14:52:23 -05:00
fbd0bc4308
updated as per @egypt & @todb-r7 recommendations.
2016-06-23 11:41:54 -04:00
47e4321424
CVE-2016-5641
2016-06-23 06:09:37 -07:00
a3b08418b9
fixed markdown
2016-06-22 20:32:51 -04:00
35e3fb3e2f
fixed markdown
2016-06-22 20:15:29 -04:00
bc293e2a8b
fixed bad markup
2016-06-22 20:10:25 -04:00
18a3bf5f62
service persistence
2016-06-22 19:22:18 -04:00
de5152401a
Land #6992 , Add tiki calendar exec exploit
2016-06-22 11:18:14 -05:00
8697d3d6fb
Update tiki_calendar_exec module and documentation
2016-06-22 11:17:45 -05:00
9cb57d78d7
updated check and docs that 14.2 may not be vuln
2016-06-21 16:48:09 -04:00
4b8f572976
cron persistence
2016-06-20 21:45:04 -04:00
6fe7698b13
follow redirect automatically
2016-06-19 20:24:54 -04:00
ddfd015310
functionalized calendar call, updated docs
2016-06-19 08:53:22 -04:00
1db10eec39
slight documentation update
2016-06-18 13:27:46 -04:00
3feff7533b
tiki calendar
2016-06-18 13:11:11 -04:00
9ea0b8f944
Land #6934 , Adds exploit for op5 configuration command execution
2016-06-16 14:36:10 -05:00
cfb034fa95
fixes all previously identified issues
2016-06-15 20:58:04 -04:00
1d27538545
Missing a word
2016-06-14 14:15:28 -05:00
a7c778b852
Update magento_unserialize.md
2016-06-14 11:15:25 -05:00
bd6eecf7b0
centreon useralias first add
2016-06-11 20:57:18 -04:00
7cdadca79b
Land #6945 , Add struts_dmi_rest_exec exploit
2016-06-08 23:16:46 -05:00
dff60d96c8
Add mod doc for struts_dmi_rest_exec and update struts_dmi_exec.md
2016-06-08 23:15:44 -05:00
c4aa99fdac
Land #6925 , ipfire proxy exec
2016-06-07 10:24:59 -05:00
7e84c808b2
Merge remote-tracking branch 'upstream/pr/6924' into dev
2016-06-07 09:24:25 -05:00
b59d10d9c4
Land #6929 , Add HP Data Protector Encrypted Comms exploit
2016-06-06 22:45:53 -05:00
d8d6ab3ae8
Add hp_dataprotector_encrypted_comms.md
2016-06-06 22:45:17 -05:00
1dad9bf7fa
Correct module doc path for magento_unserialize.md
2016-06-02 17:12:39 -05:00
184802d7d1
Add documentation for magento_unserialize
2016-06-02 17:10:26 -05:00
68d647edf1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5
2016-06-01 18:05:18 -04:00
52d5028548
op5 config exec
2016-06-01 15:07:31 -04:00
3163af603d
md fix
2016-05-30 10:25:49 -04:00
057947d7e8
ipfire proxy exec
2016-05-30 10:24:17 -04:00
9b5e3010ef
doc/module cleanup
2016-05-30 06:33:48 -04:00
df55f9a57c
first add of ipfire shellshock
2016-05-29 20:40:12 -04:00
cf0176e68b
Land #6867 , Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection
2016-05-16 19:00:10 -05:00
21d74a64fe
Land #6874 , Improve exploit for CVE-2016-0854
2016-05-14 11:08:17 -05:00
9114e01ed9
update doc
2016-05-13 23:31:38 -05:00
a940481f62
Land #6834 , Authorized FTP JCL exploit for z/OS
2016-05-13 21:29:45 -05:00
3b5db26ff5
Fix #6872 , change upload action for CVE-2016-0854 exploit
...
This patch includes the following changes:
* Instead of the uploadFile action, this patch uses uploadImageCommon
to be able to support both Advantech WebAccess builds: 2014 and
2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
different builds of Advantech WebAccess 8.0s, and 8.1.
Fix #6872
2016-05-13 19:47:18 -05:00
2d5cf6cfe4
Authorized FTP JCL exploit for z/OS
...
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
2016-05-12 14:46:31 -05:00
756673fcd7
Fix another typo
2016-05-12 00:13:53 -05:00
9d128cfd9f
Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection
2016-05-11 22:27:18 -05:00
027855def4
Add module documentation for struts_dmi_exec
2016-05-02 15:43:34 -05:00
7e5fced46b
MS-1196 Minor edits to the kb for the web_delivery module
2016-03-22 12:26:55 -05:00
4c42a74d48
MS-1195 minor grammatical edits to psexec kb
2016-03-21 14:18:16 -05:00
698f425821
Auto <hr>
2016-03-08 11:25:15 -06:00
03eb568af7
Add --- to make sections to stand out more
2016-03-05 15:17:19 -06:00
f4866fd5f0
Update template and web_delivery doc
2016-03-03 01:27:14 -06:00
11964c5c1a
Add remote exploit demo and web_delivery doc
2016-03-02 19:52:11 -06:00
eede7c9193
Link to WbemExec writeup
2016-03-02 11:05:33 -06:00
e615e1072e
Update information about SMBv1
2016-03-02 10:51:45 -06:00
d4c433e29f
Update psexec.md
2016-03-01 19:29:25 -06:00
876a5b55f9
Update psexec.md
2016-03-01 19:06:40 -06:00
f27d24fd60
Add module documentation for psexec
2016-03-01 18:52:47 -06:00
99d593e9a0
missing an of
2016-03-01 15:11:29 -06:00
552f2a148b
Add documentation for ms08_067_netapi
2016-03-01 15:09:30 -06:00
3125c99e45
Remove this fake doc
2016-02-24 15:17:18 -06:00
509a1e8de1
Add manual for demo purposes
2016-02-16 23:18:29 -06:00
wchen-r7
Carter
h00die
Christian Mehlmauer
bwatters-r7
Mehmet Ince
Mark Bergman (aka xychix)
William Webb
Brent Cook
Gabor Seljan
Spencer McIntyre
phroxvs
Tim
William Vu
x2020
Pearce Barry
Jan Mitchell
Catatonic Prime
dmohanty-r7
mr_me
Brent Cook
Jon Hart
h00die
Jay Turla
Vex Woo
Scott Lee Davis
Tod Beardsley
Bigendian Smalls
tdoan-r7