Commit Graph

1025 Commits (40fafaa270e6115a8460388a884414d2e7b38667)

Author SHA1 Message Date
nixawk 0a085c4e83 add doc for exploit/windows/fileformat/office_word_hta 2017-04-18 03:26:10 -05:00
itsmeroy2012 5f921859f0 adding hotlinks 2017-04-17 23:37:44 +05:30
itsmeroy2012 84220d6617 Minor edits 2017-04-17 23:30:07 +05:30
Brent Cook 7b936b0012
Land #8184, convert IPMI protocol and modules to bindata 2017-04-17 07:40:15 -05:00
Brent Cook 6f70efcfa1 add module documentation 2017-04-17 07:39:43 -05:00
Ahmed S. Darwish 7daec53106 huawei_hg532n_cmdinject: Improve overall documentation
- Add section on compiling custom binaries for the device
- Add documentation for Huawei's wget flavor (thanks @h00die)
- Abridge the module's info hash contents (thanks @wwebb-r7)
- Abridge the module's comments; reference documentation (@h00die)
2017-04-17 08:00:51 +02:00
mr_me f8c72df289 added some documentation 2017-04-16 08:41:52 -05:00
Ahmed S. Darwish 7b8e5e5016 Add Huawei HG532n command injection exploit 2017-04-15 21:01:47 +02:00
itsmeroy2012 477b78a75e adding : 2017-04-15 17:37:21 +05:30
itsmeroy2012 aae009a542 missed heading 2017-04-15 17:35:52 +05:30
itsmeroy2012 8ad80ea3d6 fixing whitespaces 2017-04-15 17:34:14 +05:30
itsmeroy2012 39b228bb39 fixing headings 2017-04-15 17:32:35 +05:30
itsmeroy2012 f573d004d2 KB for manageengine_connectionid_write 2017-04-15 17:30:44 +05:30
Brent Cook a9857eb1c2
Land #8099, Aux module to launch instances in AWS 2017-04-14 14:12:10 -05:00
Brent Cook eb61241673
Land #8228, New mainframe privesc payload for z/OS 2017-04-14 13:19:41 -05:00
dmohanty-r7 d75f852d01
Land #8167, Add MS17-010 auxiliary detection module 2017-04-14 13:00:16 -05:00
bigendiansmalls fa8011fd07 New mainframe privesc payload for z/OS
This module performs a privilege escalation on mainframe systems
running z/OS and using RACF for their security manager.  A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
2017-04-11 15:04:44 -05:00
William Webb c867b7e228
Land #8204, Add Cambian ePMP SNMP Configuration download 2017-04-11 10:59:13 -05:00
William Vu 288e384164
Land #8189, irssi password post gather module 2017-04-10 23:34:54 -05:00
h00die 376e791131 Merge branch 'master' into KB-for-rails_webconsole_v2 2017-04-10 20:03:03 -04:00
h00die 136030313d fix single tick to ` 2017-04-10 19:50:59 -04:00
Indranil Roy 7724797c73 fixing $ symbol 2017-04-10 19:45:48 -04:00
itsmeroy2012 c00fb64e9d Fixing code blocks 2017-04-10 19:45:48 -04:00
itsmeroy2012 b7562e5c36 Adding new lines 2017-04-10 19:45:48 -04:00
itsmeroy2012 88f6c90d4d Fixing white spaces 2017-04-10 19:45:48 -04:00
itsmeroy2012 53afe736af Fixing some headings 2017-04-10 19:45:48 -04:00
itsmeroy2012 16332cdf9b Adding KB for rails_webconsole_v2 2017-04-10 19:45:48 -04:00
Jonathan Claudius 4286559273
Update docs for irssi post gather 2017-04-10 15:35:05 -04:00
Jonathan Claudius 2dd60d8498
Add subsection to scenarios 2017-04-10 14:40:24 -04:00
Jonathan Claudius 70a41cfbce
Remove options section 2017-04-10 14:38:45 -04:00
Jonathan Claudius 17eb27002f
Remove unnecessary docs 2017-04-10 14:37:23 -04:00
Jonathan Claudius 211ee3f622
Add IRSSI docs 2017-04-10 14:35:47 -04:00
Indranil Roy 64aecb59a1 fixing $ symbol 2017-04-08 23:01:28 +05:30
itsmeroy2012 309876f2f6 Fixing code blocks 2017-04-08 22:43:58 +05:30
itsmeroy2012 8f6f3bdb20 Adding new lines 2017-04-08 20:17:23 +05:30
itsmeroy2012 a68b6f0ab9 Fixing white spaces 2017-04-07 04:29:31 +05:30
itsmeroy2012 604ba7f43b Fixing some headings 2017-04-07 04:27:50 +05:30
itsmeroy2012 0a98d0fa8d Adding KB for rails_webconsole_v2 2017-04-07 04:25:17 +05:30
juushya 074c4f6313 Minor update to description 2017-04-07 01:38:23 +05:30
juushya 3c189f0cb0 Adding Cambium SNMP Loot module 2017-04-07 01:32:45 +05:30
Christian Mehlmauer 74dc7e478f
update piwik module 2017-04-05 20:19:07 +02:00
Jonathan Claudius b6bf907cbd
Add docs for irssi_creds post gather 2017-04-05 09:54:22 -04:00
h00die 6c44edc58c
Land #8180 docs for iis_webdav_upload_asp 2017-04-04 16:37:08 -04:00
h00die a0ec93ded8 add newline 2017-04-04 16:35:46 -04:00
bwatters-r7 64c06a512e
Land #8020, ntfs-3g local privilege escalation 2017-04-04 09:48:15 -05:00
Indranil Roy 77d80b1a02 fixing newline 2017-04-03 17:04:45 +05:30
itsmeroy2012 fef10b7be8 fixing minor issues 2017-04-03 16:54:45 +05:30
Brent Cook 98ffa4d380
Land #7652, add varnish cache CLI authentication scanner module 2017-04-02 21:52:45 -05:00
Brent Cook 0c3ef4bf47 add note about later versions of Varnish 2017-04-02 21:52:20 -05:00
Brent Cook deb7701d3e tweak misshapen output in MD->HTML 2017-04-02 21:44:50 -05:00
h00die a34c01ebd2
Land #8137 shodan honeyscore module 2017-04-02 21:37:36 -04:00
Carter 3d860c2942 Change RHOST to TARGET 2017-04-02 21:10:42 -04:00
itsmeroy2012 3ada361357 removing twice exploit 2017-04-02 14:33:23 +05:30
itsmeroy2012 2c75526a12 Fixing white spaces 2017-04-02 14:31:11 +05:30
itsmeroy2012 da14a80e8d Fixing hashes 2017-04-02 14:28:04 +05:30
itsmeroy2012 85a95233c7 Documentation on iis_webdav_upload_asp 2017-04-02 14:26:29 +05:30
zerosum0x0 ff27edab14 added docs 2017-04-01 21:58:07 -06:00
William Webb 035f37cf42
Land #8144, Add Moxa Device Discovery Scanner Module 2017-03-31 19:11:27 -05:00
William Webb f870f94fa9
Land #8163, Add Cambium ePMP Arbitrary Command Execution 2017-03-31 19:06:19 -05:00
h00die 2b87923a19 fixes for markdown 2017-03-31 16:54:59 -04:00
h00die 823c1a6286 added more verifieds 2017-03-31 16:52:20 -04:00
dmohanty-r7 1ce7bf3938
Land #8126, Add SolarWind LEM Default SSH Pass/RCE 2017-03-31 11:21:32 -05:00
h00die eeea584bf8
Land #8152 docs for adobe_flash_hacking_team_uaf 2017-03-30 09:14:47 -04:00
h00die 9a0c455f9f add newline 2017-03-30 09:14:03 -04:00
bwatters-r7 691811af5a
Land #7994, Add Windows Gather DynaZIP Saved Password Extraction post module 2017-03-29 16:04:09 -05:00
wchen-r7 5bcddbd4a6
Land #8158, Add documentation for glassfish_deployer 2017-03-28 10:52:20 -05:00
wchen-r7 9f93bb052e Add installation instructions for GlassFish doc 2017-03-28 10:51:39 -05:00
itsmeroy2012 25f7835832 adding browser details 2017-03-28 08:09:28 +05:30
itsmeroy2012 4075580249 Correction a/an 2017-03-28 08:06:01 +05:30
h00die 09214bbb7d
land #8154 docs for axis2_deployer 2017-03-27 20:47:22 -04:00
juushya 30896d1fab Add Cambium ePMP Arbitrary Command Execution Module 2017-03-28 00:17:36 +05:30
William Webb 66a585ab41
Land #8050, Add Cambium ePMP System Hash Dumper 2017-03-27 12:08:53 -05:00
William Webb 935c59306b
Land #7897, Add Cambium ePMP 1000 Device Configuration file dumper 2017-03-27 12:05:11 -05:00
William Webb d705949b37
Land #7784, Cambium ePMP 1000 Login Scanner 2017-03-27 12:01:56 -05:00
Patrick DeSantis 925088bf2a Create moxa_discover.md 2017-03-27 11:44:03 -04:00
itsmeroy2012 a1a3a2af7c Documentation on glassfish_deployer updated 1.3 2017-03-27 19:26:51 +05:30
itsmeroy2012 ea9de67ebb Documentation on glassfish_deployer updated 1.2 2017-03-27 19:25:32 +05:30
itsmeroy2012 ccccb38a1a Documentation on glassfish_deployer updated 1.1 2017-03-27 19:24:46 +05:30
itsmeroy2012 8ad61a11c8 Documentation on glassfish_deployer 2017-03-27 19:23:39 +05:30
Carter b36836bb0a Fix grammar mistake 2017-03-27 00:05:18 -05:00
itsmeroy2012 4cba08a74d Documentation on adobe_flash_hacking_team_uaf updated 1.6 2017-03-26 22:55:13 +05:30
itsmeroy2012 48a56d8830 Documentation on axis2_deployer updated 1.4 2017-03-26 22:38:45 +05:30
itsmeroy2012 8d618ce6a3 Documentation on axis2_deployer updated 1.3 2017-03-26 22:36:41 +05:30
itsmeroy2012 2c47d798b6 Documentation on adobe_flash_hacking_team_uaf updated 1.5 2017-03-25 12:53:23 +05:30
itsmeroy2012 6b6dd73b09 Documentation on adobe_flash_hacking_team_uaf updated 1.4 2017-03-25 12:52:12 +05:30
Javier Godinez 6ba6cd01eb Updated documentation to detail aggregator 2017-03-24 22:57:48 -07:00
Carter 2a96190dac Create shodan_honeyscore.md 2017-03-24 22:25:33 -04:00
h00die 11b251b928
Land #8151 docs update for netgear_r7000_cgibin_exec 2017-03-24 19:49:53 -04:00
h00die 5f4e82bf69
Land #8131 docs for ms15-034 2017-03-24 19:45:36 -04:00
itsmeroy2012 b2e6c22fdf Documentation on adobe_flash_hacking_team_uaf updated 1.3 2017-03-25 04:02:43 +05:30
itsmeroy2012 cb65a4d909 Documentation on adobe_flash_hacking_team_uaf updated 1.2 2017-03-25 03:58:06 +05:30
itsmeroy2012 52ff073d51 Documentation on adobe_flash_hacking_team_uaf updated 1.1 2017-03-25 03:56:19 +05:30
itsmeroy2012 4b36a42eff Documentation on adobe_flash_hacking_team_uaf 2017-03-25 03:54:17 +05:30
Carter dd974612e8 Update netgear_r7000_cgibin_exec.md 2017-03-24 15:43:06 -04:00
Pearce Barry 9db2e9fbcd
Land #8146, Add Default Secret & Deserialization Exploit for Github Enterprise 2017-03-24 14:38:47 -05:00
wchen-r7 dfaec8bf3a
Land #8148, Add module documentation for axis2_deployer 2017-03-24 11:55:51 -05:00
dmohanty-r7 92c0748447
Land #8102, Add a plugin to notify new sessions via SMS 2017-03-24 11:17:59 -05:00
itsmeroy2012 03d6e4563c Documentation on axis2_deployer updated 1.2 2017-03-24 21:14:56 +05:30
itsmeroy2012 2f1eefebc7 Documentation on axis2_deployer updated 1.1 2017-03-24 21:12:33 +05:30
itsmeroy2012 ffacac10c7 Documentation on axis2_deployer 2017-03-24 21:06:19 +05:30
wchen-r7 3b062eb8d4 Update version info 2017-03-23 13:46:09 -05:00
wchen-r7 2488100996 Add bounty info 2017-03-23 11:13:47 -05:00
wchen-r7 196a0b6ac4 Add Default Secret & Deserialization Exploit for Github Enterprise 2017-03-23 10:40:31 -05:00
Mehmet Ince c87ea2107b
Add documentation 2017-03-23 12:49:50 +03:00
bwatters-r7 a93aef8b7a
Land #8086, Add Module Logsign Remote Code Execution 2017-03-22 11:33:49 -05:00
itsmeroy2012 b06d17baa1 Documentation on ms15_034_http_sys_memory_dump updated 1.5 2017-03-22 17:37:59 +05:30
William Vu 1a8e8402ae
Land #8113, SysGauge SMTP server validation sploit 2017-03-21 16:45:42 -05:00
bwatters-r7 69769b1ca4
Land #8036, Fix run_as_psh with domain accounts
Missed a commit in this PR last time due to typo updating
the PR before merge.
2017-03-21 09:17:59 -05:00
itsmeroy2012 00359b85c5 Documentation on ms15_034_http_sys_memory_dump updated 1.4 fixing white spaces 2017-03-21 19:43:35 +05:30
itsmeroy2012 d54e35f40e Documentation on ms15_034_http_sys_memory_dump updated 1.3 fixing white spaces 2017-03-21 17:40:07 +05:30
itsmeroy2012 07d88a71cf Documentation on ms15_034_http_sys_memory_dump updated 1.2 removing show options 2017-03-21 17:33:27 +05:30
Louis 662673ace8 Update run_as_psh.md 2017-03-21 10:51:04 +11:00
Pearce Barry c4279a837a Minor formatting/spelling/verbiage changes. 2017-03-20 17:37:12 -05:00
Craig Smith 2fde287424 Initial patch for rftransceiver (RfCat / YardstickOne) 2017-03-20 17:36:16 -05:00
itsmeroy2012 7ffa952dbb Documentation on ms15_034_http_sys_memory_dump updated 1.1 2017-03-20 21:33:33 +05:30
Pearce Barry 06ebb22a8f
Land #8065, Zigbee Hardware Bridge Extension 2017-03-20 10:44:15 -05:00
itsmeroy2012 46d46eef77 Documentation on ms15_034_http_sys_memory_dump 2017-03-20 19:18:58 +05:30
Louis e6afd68624 Update run_as_psh.md 2017-03-20 16:17:07 +11:00
h00die 35a952490d
Land #8130 docs for winrm_script_exec 2017-03-19 14:47:41 -04:00
itsmeroy2012 18fec876ce Documentation on winrm_script_exec updated 1.4 2017-03-19 23:43:08 +05:30
itsmeroy2012 90744b0162 Documentation on winrm_script_exec updated 1.3 2017-03-19 23:31:30 +05:30
itsmeroy2012 d22e43dedd Documentation on winrm_script_exec updated 1.2 2017-03-19 23:11:23 +05:30
itsmeroy2012 02a3b172b4 Documentation on winrm_script_exec updated 1.1 2017-03-19 21:52:46 +05:30
itsmeroy2012 5ab0129f0f Documentation on winrm_script_exec 2017-03-19 18:27:00 +05:30
Javier Godinez 26d344a0ef Initial checkin of launch instances module 2017-03-18 21:52:49 -07:00
h00die 06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters 2017-03-18 10:35:43 -04:00
William Webb 1180bd6ed7
Land #8037, priv_migrate improvements 2017-03-17 13:19:51 -05:00
Pearce Barry 095a110e65
Code and doc tweaks (minor).
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
Chris Higgins 7a12e446a0 Updated documentation and fixed module header. Whoops, copy/paste fail. 2017-03-16 21:28:24 -05:00
bwatters-r7 ab75794cd4
Land #8071, Add API to send an MMS message to mobile devices 2017-03-16 11:57:34 -05:00
James Lee 1daee6891e
Cosmetic 2017-03-16 11:37:14 -05:00
wchen-r7 d4ee254057
Land #8076, Add Easy File Sharing FTP Server Version 3.6 traversal 2017-03-15 16:17:13 -05:00
wchen-r7 8afe6a9061 Update easy_file_sharing_ftp and add documentation 2017-03-15 16:14:41 -05:00
Brent Cook b65919e7b1
Land #7956, Add QNAP NAS/NVR administrator hash disclosure 2017-03-15 11:12:59 -05:00
William Vu 94d445ff48 Remove an old habit with curl 2017-03-15 05:18:50 -05:00
William Vu f58c6b96d8 Add addendum to module doc 2017-03-15 05:03:35 -05:00
William Vu 559e426f37 Add module doc to appease the @h00die god 2017-03-15 04:48:49 -05:00
Chris Higgins b3fbbbee34 Spelling is hard 2017-03-14 23:34:00 -05:00
Chris Higgins cc4f18e6c5 Add sysgauge_client_bof module and documentation 2017-03-14 23:29:19 -05:00
wchen-r7 1736332638
Land #8103, Add CVE-2017-5638, Struts2 Content-Type OGNL injection 2017-03-14 16:10:49 -05:00
wchen-r7 295ac63a1c Add doc for struts2_content_type_ognl 2017-03-14 16:09:44 -05:00
wchen-r7 bb4d6e17c8 Resolve #8026, Add a plugin to notify new sessions via SMS
This plugin will notify you of a new session via SMS.

It also changes the SMS text format to MIME.

Resolve #8026
2017-03-13 16:13:59 -05:00
William Vu fe4f20c0cc
Land #7968, NETGEAR R7000 exploit 2017-03-10 16:02:30 -06:00
dmohanty-r7 25bfa88c46
Land #7877, Add mDNS query spoofing service 2017-03-10 15:44:57 -06:00
dmohanty-r7 45e0a3d0f8
Add module docs for mdns_response 2017-03-10 15:42:07 -06:00
Mehmet Ince 3ed42e5937
Adding iso download link to doc 2017-03-10 17:50:21 +03:00
Mehmet Ince f6bac3ae31
Add iso link to md file and change CheckCode code 2017-03-10 13:00:49 +03:00
wchen-r7 d6bc56d665 Update doc 2017-03-08 11:49:19 -06:00
wchen-r7 ed22902fd4 Support the subject field 2017-03-08 11:40:08 -06:00
William Vu 1c9a8907b6
Land #7949, nfsmount and snmp_login docs 2017-03-08 06:37:55 -06:00
Brent Cook 419a7d991f
Land #8057, web_deliver documentation improvements 2017-03-08 05:34:30 -05:00
Brent Cook 3820de67c3 style consistency, simplifications, and clarifications 2017-03-08 05:33:44 -05:00
Brent Cook 974e351300
Land #7953, rpc_portmapper docs
Merge remote-tracking branch 'upstream/pr/7953' into upstream-master
2017-03-08 05:11:33 -05:00
wchen-r7 036a443a41 Add Google Fi gateway 2017-03-07 17:02:32 -06:00
wchen-r7 dc13b84189 Bring mms branch up to date w/ master 2017-03-07 16:13:39 -06:00
Jin Qian 7e19486a97
Merge branch 'wchen-r7-sms' into upstream-master
Merged #8047
2017-03-07 15:56:00 -06:00
wchen-r7 d32f08f969 Add doc and fix mms message class 2017-03-07 14:40:37 -06:00
wchen-r7 6c53dd5231 Fix a typo 2017-03-07 12:50:59 -06:00
Craig Smith 97ad8be7ff Added some Zigbee Documentation 2017-03-06 22:42:15 -08:00
wchen-r7 34bca9055e Update doc 2017-03-06 11:08:51 -06:00
wchen-r7 7e16fc97f5 Update doc 2017-03-06 10:47:46 -06:00
h00die dfd492611c add shell to meterpreter upgrade example 2017-03-05 20:10:26 -05:00
h00die 4317aa10e1 @hurdlecrew recommendation 2017-03-05 13:45:23 -05:00
h00die 4f61fe992b spelling, formatting 2017-03-04 15:51:11 -05:00
h00die e2468d8f1e spelling, formatting 2017-03-04 15:48:26 -05:00
h00die feaa4b08e9 include example vuln pages 2017-03-04 15:40:52 -05:00
wolfthefallen 6c69e13e00 Updated based on comments 2017-03-04 11:28:30 -05:00
wolfthefallen 3e9480ebfa Added documentation 2017-03-04 09:50:30 -05:00
h00die f02c323c7e
land #8040, docs for ms14-064 2017-03-03 21:26:35 -05:00
h00die 8486624ed1 box to boxes 2017-03-03 21:19:01 -05:00
William Webb d76e80bc44
Land #7424, Ektron Webservices XSLT Remote Code Execution 2017-03-03 12:12:21 -06:00
wchen-r7 4d44911d5c Do doc for google fi 2017-03-03 11:38:47 -06:00
wchen-r7 d9b21b16a9 Support Google Project Fi gateway 2017-03-03 11:36:13 -06:00
wchen-r7 fa43928a8e Rm Sprint from doc 2017-03-03 11:27:31 -06:00
Rok Ajdnik 354fabe123
Address pull request feedback 2017-03-03 15:37:01 +01:00
wchen-r7 6ad8afb8b3 Add API to send a text message (SMS) to mobile devices 2017-03-02 16:47:55 -06:00
juushya fafd35330d Add epmp1000 dump hashes module 2017-03-03 02:22:34 +05:30
juushya 6bd09c142f Minor edits 2017-03-03 00:53:17 +05:30
Rok Ajdnik 6dbb7a2975
Add documentation for ms14_064_ole_code_execution 2017-03-01 20:05:20 +01:00
h00die fb5e090f15 fixes from jvoisin 2017-02-28 20:09:26 -05:00
Mehmet Ince e5636d6ce1
Adding logsign rce module and doc 2017-02-28 21:04:37 +03:00
Josh Hale e05e08a54f Update module doc 2017-02-27 20:33:45 -06:00
h00die da1e58d907 updates to doc template 2017-02-27 21:08:18 -05:00
h00die a910f38a11
land #8029 syntax fixes for some docs 2017-02-27 21:01:46 -05:00
h00die 8197d14f30 fix some documentation 2017-02-27 20:58:03 -05:00
h00die a8609f5c66 ntfs-3g lpe 2017-02-25 23:09:22 -05:00
h00die 041238f77c
land #7896 Binom3 power meter scanner and brute 2017-02-23 19:49:50 -05:00
wchen-r7 6a6c8c9828
Land #7997, Add SSH login and pubkey docs 2017-02-23 13:38:10 -06:00
wchen-r7 af8e64958e Small changes 2017-02-23 13:36:39 -06:00
William Vu 236606838a
Land #7987, MVPower DVR exploit 2017-02-23 01:46:04 -06:00
Brendan Coles c9e09491dd Add documentation 2017-02-23 07:44:45 +00:00
Brendan Coles 0b34efab43 Add documentation 2017-02-23 06:59:05 +00:00
William Vu bf47ac2fa9
chmod -x a couple module docs
Hat tip @bcoles.
2017-02-22 23:43:54 -06:00
h00die 6a7dab0b1c add key explain line 2017-02-22 22:15:05 -05:00
h00die aee6707713 ssh_login docs 2017-02-22 22:13:07 -05:00
bwatters-r7 40e6413867
Land #7980, Add a sploit for CVE-2017-5982, kodi file traversal 2017-02-22 13:11:48 -06:00
wchen-r7 48f6740fee
Land #7969, Add Module Trend Micro IMSVA Remote Code Execution 2017-02-21 17:29:04 -06:00
bwatters-r7 a9b9a58d4d
Land #7893, Add Module AlienVault OSSIM/USM Remote Code Execution 2017-02-21 13:35:56 -06:00
William Webb 83cc28a091
Land #7972, Microsoft Office Word Macro Generator OS X Edition 2017-02-21 13:26:42 -06:00
jvoisin 73eed104a9 Take into account @h00die's comments. 2017-02-20 13:22:20 +01:00