Brent Cook
520e890520
Land #8581, VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
Wei Chen
b8dde2e650
Land #9360, Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
Wei Chen
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
William Vu
c3f10c1d57
Land #9336, Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
headlesszeke
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
dmohanty-r7
a5fa63405f
Land #9206, Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
headlesszeke
3b0f0aa358
Adding doc file for module linksys_wvbr0_user_agent_exec_noauth
2018-01-02 14:54:18 -06:00
wetw0rk
8f0e41e159
requested changes
2018-01-01 17:30:43 -06:00
wetw0rk
bc088cb379
added md
2018-01-01 05:46:04 -06:00
Daniel Teixeira
76d345039d
Create ayukov_nftp.md
2017-12-31 15:42:32 +00:00
HD Moore
54159c29eb
Add documentation line from h00die
2017-12-29 16:14:28 -06:00
h00die
3516305517
land #9191 an exploit against HP LoadRunner magentproc
2017-12-29 16:35:43 -05:00
h00die
b698095c49
slight updates to magentproc docs
2017-12-29 16:30:32 -05:00
Jeffrey Martin
bb97467b31
docs for auxiliary/scanner/http/directadmin_login
2017-12-29 14:43:20 -06:00
h00die
67c2119736
oh brother
2017-12-29 14:16:34 -05:00
Vishal Gupta
b43c6078a1
updated
2017-12-28 18:24:57 -05:00
Vishal Gupta
1a7850bd51
updated
2017-12-28 18:21:55 -05:00
Vishal Gupta
2672550c62
deprecated
2017-12-28 18:19:04 -05:00
Vishal Gupta
53fc25560e
updated
2017-12-28 18:13:41 -05:00
Vishal Gupta
d3fdc539b7
updated
2017-12-28 18:09:27 -05:00
Vishal Gupta
6736b125f6
updated
2017-12-28 18:08:28 -05:00
Vishal Gupta
398fe3c8e8
updated
2017-12-28 18:07:04 -05:00
Vishal Gupta
59940feacc
corrected grammatical error
2017-12-28 17:55:04 -05:00
Vishal Gupta
339c7b3bc2
Updated
2017-12-28 17:53:02 -05:00
HD Moore
eb696ee5cf
Documentation update
2017-12-28 16:30:04 -06:00
Brent Cook
5e71be7772
add ard_root_pw documentation
2017-12-28 14:37:25 -06:00
HD Moore
b86fd551a3
Add a WIP of the module documentation
2017-12-28 14:00:03 -06:00
Brent Cook
ae17943d4c
fix documentation preformat blocks
2017-12-27 22:32:26 -06:00
Jon Hart
bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-27 13:08:44 -08:00
Tod Beardsley
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
b0yd
7aa296577e
Added readme
2017-12-22 14:34:35 -05:00
Jon Hart
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
William Vu
caae33b417
Land #9170, Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
Jon Hart
917e9aa328
Doc READ_TIMEOUT
2017-12-20 19:10:49 -08:00
Jon Hart
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
Jon Hart
9c0df54f36
syntax
2017-12-20 18:54:09 -08:00
Jon Hart
fa1536209a
syntax
2017-12-20 18:52:34 -08:00
Jon Hart
508253eadc
More docs
2017-12-20 18:51:44 -08:00
Jon Hart
0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect
2017-12-20 18:45:10 -08:00
Nick Marcoccio
86ce3c8781
Made suggested changes and added documentation
2017-12-20 15:54:16 -05:00
Brent Cook
a8b845fff9
Land #9283, Add node.js ws websocket library DoS module
2017-12-20 14:20:42 -06:00
Tod Beardsley
8c1f1696af
Kill trailing whitespace in docs
2017-12-18 17:35:49 -06:00
Tod Beardsley
4aa480d655
Land #9311, docs for #9180
2017-12-18 17:34:55 -06:00
Tod Beardsley
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
Tod Beardsley
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
Jon Hart
a33ed82a40
Land #9214, @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs
2017-12-18 12:22:26 -08:00
Ryan Knell
369d74cdb2
Updating documentation
...
Added a missing backtick
2017-12-18 10:34:00 -05:00
William Vu
76823e9fe6
Land #9183, Jenkins Groovy XStream RCE
2017-12-18 03:38:27 -06:00
Pearce Barry
880a1d4283
Land #9312, Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge
2017-12-17 18:32:28 -06:00
Pearce Barry
8344401484
Add docs, minor tweaks.
2017-12-17 18:15:49 -06:00
RootUp
95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
RootUp
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
RootUp
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
Brent Cook
c6a2ae2551
Land #9248, Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
h00die
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
h00die
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
Nicholas Starke
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
Wei Chen
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
Wei Chen
37514eec17
Land #9234, Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
Wei Chen
6149f51273
Land #9256, Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
Matthew Kienow
d79b0ad981
Land #9286, Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
Pearce Barry
7f93cca446
Land #9288, Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
Nicholas Starke
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
Vishal Gupta
da9e2a981a
added auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.md
2017-12-11 12:48:32 -05:00
Vishal Gupta
10cf5557c2
added auxiliary/scanner/dcerpc/management.md
2017-12-11 12:45:20 -05:00
Vishal Gupta
02e9b4cd6b
added auxiliary/scanner/dcerpc/hidden.md
2017-12-11 12:38:46 -05:00
mr_me
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
Vishal Gupta
c3e7d93bcb
added auxiliary/scanner/dcerpc/endpoint_mapper.md
2017-12-11 12:27:04 -05:00
Vishal Gupta
4de6b4f4fa
added auxiliary/scanner/discovery/udp_sweep.md
2017-12-11 12:08:18 -05:00
Vishal Gupta
5d5051d2ed
added auxiliary/scanner/discovery/udp_probe.md
2017-12-11 12:04:50 -05:00
Vishal Gupta
499f2dd55d
added auxiliary/scanner/discovery/ipv6_neighbor.md
2017-12-11 11:58:49 -05:00
Ryan Knell
c5f218c84c
Addressing comments
...
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
Vishal Gupta
36f5ccad3d
updated
2017-12-11 11:49:15 -05:00
Vishal Gupta
25235c8ca5
auxiliary/scanner/smb/smb_enumshares.md
2017-12-11 11:44:27 -05:00
Vishal Gupta
c6740f88e9
auxiliary/scanner/smb/smb2.md
2017-12-11 11:39:36 -05:00
Vishal Gupta
dee2137350
auxiliary/scanner/smb/pipe_dcerpc_auditor.md
2017-12-11 11:25:44 -05:00
Vishal Gupta
fd775a056c
auxiliary/scanner/smb/pipe_auditor.md
2017-12-11 11:22:03 -05:00
Vishal Gupta
885c61df24
auxiliary/scanner/mssql/mssql_sql.md
2017-12-11 01:39:47 -05:00
Vishal Gupta
d6f6faee3a
auxiliary/scanner/mssql/mssql_idf.md
2017-12-11 01:32:43 -05:00
Vishal Gupta
2757fabbfc
auxiliary/scanner/mssql/mssql_ping.md
2017-12-11 01:15:44 -05:00
Vishal Gupta
282ae1509f
auxiliary/scanner/mysql/mysql_version.md
2017-12-11 00:49:21 -05:00
Vishal Gupta
92053fb1da
updated
2017-12-11 00:43:58 -05:00
Vishal Gupta
b3f9398dbb
auxiliary/scanner/mysql/mysql_login.md
2017-12-11 00:38:03 -05:00
Vishal Gupta
0929acf88c
updated
2017-12-09 21:43:05 -05:00
Vishal Gupta
455b31ea05
updated
2017-12-09 21:32:23 -05:00
Vishal Gupta
5b910a2576
updated
2017-12-09 21:31:03 -05:00
Vishal Gupta
52d426d5c0
added more info
2017-12-09 21:23:17 -05:00
Vishal Gupta
76d60cb334
auxiliary/scanner/http/cert.md
2017-12-09 21:14:40 -05:00
Vishal Gupta
c90a7f62fe
auxiliary/scanner/http/dir_scanner.md
2017-12-09 21:07:45 -05:00
Vishal Gupta
5aa2f4a553
auxiliary/scanner/http/dir_webdav_unicode_bypass.md
2017-12-09 20:43:42 -05:00
Vishal Gupta
90ea07a7e1
auxiliary/scanner/http/ssl.md
2017-12-09 20:04:53 -05:00
Vishal Gupta
ccc4cf7e13
updated
2017-12-09 19:41:52 -05:00
Vishal Gupta
464ad769ac
auxiliary/scanner/http/wordpress_login_enum.md
2017-12-09 19:39:24 -05:00
Vishal Gupta
acbc46768f
updated
2017-12-09 19:37:59 -05:00
Vishal Gupta
34e89c6171
auxiliary/scanner/http/webdav_website_content.md
2017-12-09 19:14:15 -05:00
Vishal Gupta
3116c1041b
auxiliary/scanner/http/verb_auth_bypass.md
2017-12-09 19:03:57 -05:00
Vishal Gupta
3674448b1b
added webdav_scanner.md
2017-12-09 18:44:15 -05:00
Chris Higgins
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
Chris Higgins
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
Ryan Knell
668585a1f9
Adding documentation
...
Adding module documentation for ws_dos.
2017-12-08 15:52:57 -05:00
mr_me
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
Austin
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
Austin
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00
Austin
1e4b707a60
MS Office DDE Documentation
2017-12-06 21:46:47 -05:00
Brent Cook
ce2db3cd87
Land #9275, CVE-2017-11882 (docs fix)
2017-12-05 10:16:54 -06:00
Austin
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
William Webb
69b01d26bb
Land #9226, Microsoft Office OLE object memory corruption
2017-12-04 16:50:27 -08:00
Austin
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
Brent Cook
f83e9815dd
Land #9210, Add a Polycom HDX RCE
2017-12-04 12:49:35 -06:00
Brendan Coles
775529277f
Add documentation
2017-11-29 17:37:34 +00:00
bwatters-r7
9dc3d60fc2
Stupid Typos
2017-11-29 10:29:38 -06:00
bwatters-r7
efa8d566d7
Added documentation for iamroot
2017-11-29 10:26:06 -06:00
Zenofex
d174ef3a70
Add wd_mycloud_multiupload_upload exploit
2017-11-28 07:12:00 -06:00
bwatters-r7
244acc48b6
Land #9212, pfsense group member exec module
2017-11-27 11:27:29 -06:00
Austin
43ff4f12e5
update docs
2017-11-22 06:57:35 -05:00
Yorick Koster
b5994bde79
Update pfsense_clickjacking.md
2017-11-22 11:10:47 +01:00
Yorick Koster
5b5c5520e6
Update pfsense_clickjacking.md
2017-11-22 11:09:54 +01:00
Yorick Koster
916ee05cce
Add exploit module for Clickjacking vulnerability in CSRF error page pfSense
2017-11-22 11:06:22 +01:00
Austin
73c692fb65
fix docs
2017-11-21 21:31:06 -05:00
Jon Hart
879db5cf38
Land #9050, @mpizala's improvements to the docker_daemon_tcp module
2017-11-21 17:13:24 -08:00
Matthew Kienow
b6c81e6da0
Reimplement slowloris as external module
2017-11-21 16:21:01 -05:00
Daniel Teixeira
aa16288140
Update slow_loris.md
2017-11-21 15:49:45 -05:00
Daniel Teixeira
6d2007a4db
Update slow_loris.md
2017-11-21 15:49:44 -05:00
Daniel Teixeira
fbb9e9d473
Update slow_loris.md
2017-11-21 15:49:44 -05:00
Daniel Teixeira
4419c0d851
Create slow_loris.md
2017-11-21 15:49:44 -05:00
Austin
fcf2cfa134
Create office_ms17_11882.md
2017-11-21 14:45:56 -05:00
Martin Pizala
90d6165e68
bypass user namespaces docs
2017-11-19 22:10:39 +01:00
h00die
b7f7afb3be
version detect, 2.2.6 handling
2017-11-19 08:28:07 -05:00
Austin
40bb622b7a
update docs
...
Updating documentation
2017-11-18 13:07:24 -05:00
Pushpam Kumar
c3c8ec761d
Merge remote-tracking branch 'upstream/master'
2017-11-17 00:16:43 +05:30
Austin
74a1b405c4
action addition DOWNLOAD
2017-11-16 12:46:31 -05:00
h00die
f8891952c6
pfsense group member exec module
2017-11-15 21:00:58 -05:00
Adam Cammack
c740f4369c
Land #9197, Cleanup Mako Server exploit
2017-11-15 15:01:31 -06:00
Austin
256bf5a5ca
Create polycom_hdx_traceroute_exec.md
2017-11-15 10:38:53 -05:00
Mehmet İnce
54936b6ac3
Updating documentation and tweaking initiate_session
2017-11-15 01:04:06 +03:00
Mehmet İnce
86e47589b0
Add xplico remote code execution
2017-11-14 09:30:57 +03:00
Pushpam Kumar
44e69f1c5d
Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
2017-11-14 02:46:29 +05:30
William Vu
f3e2f4d500
Land #9167, D-Link DIR-850L exploit
2017-11-10 18:15:39 -06:00
William Vu
3936d3baa1
Clean up module
2017-11-10 18:15:22 -06:00
Steven Patterson
df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi
2017-11-10 16:28:39 -05:00
h00die
52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows
2017-11-08 20:22:54 -05:00
h00die
7ad151e68b
gcore formatting update
2017-11-08 20:21:40 -05:00
Adam Cammack
39916ef61a
Land #9133, Command injection in Mako Server examples
2017-11-08 15:11:01 -06:00
Patrick Webster
d95b333ae9
Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549.
2017-11-09 03:59:18 +11:00
bwatters-r7
5a07be9b96
Land #9041, Add LPE on Windows using CVE-2017-8464
2017-11-08 10:09:03 -06:00
bwatters-r7
19e3e181c1
Fix compiling instructions
2017-11-08 09:36:32 -06:00
Spencer McIntyre
fa8d017579
Change documentation from a first person context
2017-11-08 09:29:46 -05:00
bwatters-r7
11093b8393
Added documentation
2017-11-08 08:07:06 -06:00
Pearce Barry
fc87ee08d9
Land #9060, IBM Lotus Notes DoS (CVE-2017-1130).
2017-11-07 11:20:12 -06:00
attackdebris
d770406049
Add docs
2017-11-07 10:58:28 -05:00
RootUp
85b8b4116a
Create ibm_lotus_notes2.md
2017-11-07 12:08:08 +05:30
h00die
c9e3b8816b
remove old name
2017-11-04 13:53:04 -04:00
h00die
9236aff6ee
forgot to add my docs
2017-11-04 13:51:41 -04:00
Austin
646c7f7c0a
update doc
2017-11-04 11:40:32 -04:00
Austin
40bcb3f0c8
update documentation
2017-11-03 09:09:51 -04:00
h00die
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
Austin
caad1bbf27
Create dlink_dir850l_unauth_exec.md
2017-11-02 15:54:45 -04:00
William Vu
e3ac6b8dc2
Land #9109, wp-mobile-detector upload and execute
2017-11-01 13:25:16 -05:00
Steven Patterson
8613852ee8
Add Mako Server v2.5 command injection module/docs
2017-10-26 23:29:11 -04:00
h00die
cd35ae4661
Land #9106 netgear dgn1000 unauth rce module
2017-10-22 22:18:53 -04:00
h00die
210f6f80b7
netgear1000dng cleanup
2017-10-22 22:17:40 -04:00
Austin
e9fdb5bd94
Create netgear_dgn1000_unauth_setup_exec.md
2017-10-22 16:54:06 -04:00
h00die
cfd7761818
wp_mobile_detector rce
2017-10-20 23:19:58 -04:00
Jon Hart
9658776adf
Land #9079, adding @h00die's gopher scanner
2017-10-20 17:16:08 -07:00
h00die
f250e15b6e
Land #9105 rename psh to polycom for name collision
2017-10-20 20:10:57 -04:00
h00die
fd028338e1
move psh to polycom so no more powershell name collision
2017-10-20 20:08:11 -04:00
h00die
5a6da487ab
Land #9043 two exploit modules for unitrends backup
2017-10-20 20:00:35 -04:00
caleBot
e8de6a46d5
Update ueb9_bpserverd.md
2017-10-20 12:21:17 -06:00
Jon Hart
f938a1029b
Make note about stopping container after
2017-10-20 10:30:12 -07:00
Jon Hart
e82cb4577d
Show module selection + config
2017-10-20 10:12:46 -07:00
Jon Hart
a8b4d4e4a2
Link to gopher container
2017-10-20 10:04:09 -07:00
Jon Hart
811bae7361
Add docker go(pher) example
2017-10-20 09:59:25 -07:00
Wei Chen
c67a5872cd
Land #9055, Add exploit for Sync Breeze HTTP Server
...
Land #9055
2017-10-13 17:34:03 -05:00
h00die
297ca25953
fix IPs
2017-10-12 21:40:27 -04:00
h00die
a63c947768
gopher proto
2017-10-12 21:32:01 -04:00
William Webb
8cfd4928ed
Land #9069, Add docs for scanner/http/open_proxy
2017-10-11 23:08:07 -05:00
Wei Chen
d0e65a4177
Land #9068, add doc for auxiliary/scanner/http/files_dir
...
Land #9068
2017-10-11 17:13:26 -05:00
Wei Chen
eaf686f164
Fix format
2017-10-11 17:12:45 -05:00
Wei Chen
3a8a85bbe5
Land #9065, add doc for auxiliary/scanner/http/http_login
...
Land #9065
2017-10-11 17:09:35 -05:00
Wei Chen
fc40fe0da2
Fix format
2017-10-11 17:08:49 -05:00
Wei Chen
2503d2ab2e
Land #9067, add doc for auxiliary/scanner/http/http_header
...
Land #9067
2017-10-11 17:03:29 -05:00
Wei Chen
17b4678998
Fix format
2017-10-11 17:02:41 -05:00
Indranil Roy
72291d31fb
Update open_proxy.md
2017-10-12 03:29:49 +05:30
itsmeroy2012
17d7faa96b
fixing typos
2017-10-12 03:00:09 +05:30
bwatters-r7
294230c455
Land #8509, add Winsxs bypass for UAC
2017-10-11 16:24:52 -05:00
Wei Chen
978ede363e
Land #9066, add doc for http_version
...
Land #9066
2017-10-11 15:39:44 -05:00
Jeffrey Martin
1786634906
Land #9059, Tomcat JSP Upload via PUT Bypass
2017-10-11 15:05:00 -05:00
Wei Chen
8b3cc2b94f
Tweak format
2017-10-11 14:14:56 -05:00
root
03e7797d6c
fixed msftidy errors and added documentation
2017-10-11 07:57:01 -04:00
itsmeroy2012
1c8871cbe3
Documentation on auxiliary module open_proxy
2017-10-11 16:29:56 +05:30
itsmeroy2012
579cfed5f4
Documentation on auxiliary module files_dir
2017-10-11 16:15:19 +05:30
itsmeroy2012
fcf6a1ec96
Documentation on http_header
2017-10-11 15:30:43 +05:30
itsmeroy2012
e526b37e81
Fixing whitespaces
2017-10-11 15:18:51 +05:30
itsmeroy2012
ee3b638b48
Changing description
2017-10-11 15:17:54 +05:30
itsmeroy2012
7f1f862dc2
KB for http_version
2017-10-11 15:14:22 +05:30
Ernesto Fernandez
ffa29de6c9
Update bypassuac_injection_winsxs.md
2017-10-11 11:43:28 +02:00
itsmeroy2012
d64312c24f
Changing description
2017-10-11 14:55:48 +05:30
itsmeroy2012
9ebf8328ee
adding colon
2017-10-11 14:51:53 +05:30
itsmeroy2012
26c45f4c74
adding new sub heading
2017-10-11 14:47:19 +05:30
itsmeroy2012
3f411a5559
separating sections
2017-10-11 14:45:34 +05:30
itsmeroy2012
9ceaa39451
removing whitespaces
2017-10-11 14:44:01 +05:30
itsmeroy2012
064f4d56aa
adding label
2017-10-11 14:43:06 +05:30
itsmeroy2012
d32edfd53e
Documentation for http_login
2017-10-11 14:39:05 +05:30
h00die
e976a91b15
land #9053 RCE for Trend Micro IMSVA
2017-10-10 19:27:06 -04:00
bwatters-r7
59d03ec4db
Added markdown doc for documentation.
2017-10-10 13:05:29 -05:00
William Vu
ab63caef7b
Land #9009, Apache Optionsbleed module
2017-10-10 12:13:40 -05:00
jakxx
fd0ce33341
Updated Module Documentation
2017-10-10 12:36:32 -04:00
h00die
850aeda097
land #9052 RCE of Trend Micro OfficeScan
2017-10-09 20:46:30 -04:00
Pearce Barry
a3d47ea838
Land #8989, IBM Lotus Notes DoS (CVE-2017-1129)
2017-10-09 19:37:59 -05:00
h00die
b796c0be16
fixing docs
2017-10-09 20:31:23 -04:00
Pearce Barry
fd8b72ca66
Minor tweaks.
2017-10-09 17:02:24 -05:00
Mehmet Ince
a2d32b460c
Fixing grammar issue
2017-10-09 22:31:13 +03:00
Mehmet Ince
c14c93d450
Integrate OfficeScan 11 exploitation and fix grammar issues
2017-10-09 22:11:42 +03:00
Mehmet Ince
395c82050b
Adding Trend Micro IMSVA Widget RCE
2017-10-08 18:15:32 +03:00
Mehmet Ince
79c9123261
Adding Trend Micro OfficeScan widget rce module
2017-10-08 17:54:18 +03:00
Martin Pizala
d8ff99b1f6
Change to ARCH_X64, remove python dependency
2017-10-08 13:51:07 +02:00
h00die
015e30c4f3
land #9048 docs for xmas portscan
2017-10-07 15:50:41 -04:00
Deepanshu Gajbhiye
d28b023058
Update xmas.md
...
added requested changes.
2017-10-08 00:16:43 +05:30
h00die
7a87e11767
land #8781 Utilize Rancher Server to exploit hosts
2017-10-07 13:04:34 -04:00
Deepanshu Gajbhiye
fa98fe4fe6
Update xmas.md
...
removed blank spaces.
2017-10-07 14:20:19 +05:30
Deepanshu Gajbhiye
0e6843eae1
Update xmas.md
2017-10-07 04:40:28 -04:00
Deepanshu Gajbhiye
3092ad9ea0
Documentation for auxiliary/scanner/portscan/xmas
2017-10-07 04:23:40 -04:00
h00die
7535fe255f
land #8736 RCE for orientdb
2017-10-06 14:35:42 -04:00
h00die
e7aa06c1c4
fix documentation
2017-10-06 14:29:39 -04:00
caleBot
36610b185b
initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478
2017-10-06 09:38:33 -06:00
M4P0
7fe750422e
Update geutebrueck_gcore_x64_rce_bo.md
2017-10-06 15:41:12 +02:00
Maurice Popp
770547269b
added documentation, and fixed 4 to 2 indentation
2017-10-06 15:39:25 +02:00
Brent Cook
c701a53def
Land #9018, Add Bind Shell JCL Payload for z/OS
2017-10-05 17:24:50 -05:00
h00die
c5cc2f89a0
add docs for wlan_geolocate
2017-10-01 19:49:48 -04:00
Martin Pizala
701d628a1b
Features for selecting the target
2017-10-01 02:04:10 +02:00
bigendiansmalls
9ae8bdda1c
Added Bind Shell JCL Payload for mainframe
...
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
William Vu
9b75ef7c36
Land #8343, qmail Shellshock module
2017-09-29 00:28:30 -05:00
Martin Pizala
f973ff13b6
Add some lines to Exploit Detection and Mitigation
2017-09-29 00:55:53 +02:00
Martin Pizala
40c58e3017
Function for selecting the target host
2017-09-28 23:43:59 +02:00
Martin Pizala
cc98e80002
Change arch to ARCH_X64
2017-09-28 20:50:18 +02:00
RootUp
26108f5ac9
Create ibm_lotus_notes.md
2017-09-28 10:31:42 -05:00
h00die
2295146dcd
working optionsbleed module
2017-09-27 22:07:57 -04:00
bwatters-r7
66d6ac418a
Land #8978, Add smb1 scanner
2017-09-26 16:06:41 -05:00
William Vu
98ae054b06
Land #8931, Node.js debugger exploit
2017-09-25 14:00:13 -05:00
h00die
273d49bffd
Land #8891 login scanner for Inedo BuildMaster
2017-09-24 13:30:17 -04:00
h00die
e6c4a87bda
documentation update
2017-09-24 13:29:34 -04:00
h00die
4d1e51a0ff
Land #8906 RCE for supervisor
2017-09-24 08:03:30 -04:00
h00die
9528f279a5
cleaned up version, and docs
2017-09-23 10:51:52 -04:00
Mehmet Ince
3d543b75f5
Fixing typos and replacing double quotes with single
2017-09-21 23:48:12 +03:00
Mehmet Ince
ee969ae8e5
Adding DenyAll RCE module
2017-09-19 14:53:37 +03:00
loftwing
c584592a4b
Remove leftover IPs in docs
2017-09-18 15:12:42 -05:00
loftwing
c953842c96
Added docs and additional dialects
2017-09-18 15:02:38 -05:00
William Webb
d5362333e2
Land #8958, Add Disk Pulse Enterprise web server buffer overflow
2017-09-15 13:34:22 -05:00
loftwing
e3deaadcc7
Documentation added
2017-09-14 11:52:15 -05:00
Craig Smith
b218cc3c7f
Merge branch 'master' into hw_auto_padding_fix
2017-09-11 18:30:34 -07:00
Craig Smith
363e11850b
Added FC to documentation
2017-09-11 18:29:27 -07:00
Martin Pizala
5ae708081d
Wording, reviewer remarks
2017-09-11 23:25:10 +02:00
h00die
fc52ef9941
Land #8942 docs for syn port scanner
2017-09-10 10:03:34 -04:00
h00die
ddfa1d722b
fixed grammar
2017-09-10 10:02:07 -04:00
james
861f4a6201
Changes to buildmaster_login from code review
...
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
2017-09-09 18:00:04 -05:00
Deepanshu Gajbhiye
4ec72d7091
Update syn.md
2017-09-09 20:15:13 +05:30
Deepanshu Gajbhiye
8138396ab5
Update syn.md
2017-09-09 13:28:18 +05:30
Brent Cook
8f864c27e3
Land #8924, Add Apache Struts 2 REST Plugin XStream RCE
2017-09-08 13:59:52 -05:00
Brent Cook
54a62976f8
update versions and add quick module docs
2017-09-08 13:59:29 -05:00
dmohanty-r7
c91ef1f092
Land #8768, Add Docker Daemon TCP exploit module
2017-09-08 12:50:00 -05:00
Deepanshu Gajbhiye
35ecc822f1
Update syn.md
2017-09-08 13:23:30 +05:30
Deepanshu Gajbhiye
bead7374de
syn.md
...
documentation for syn portscan
2017-09-08 02:57:46 -04:00
Brent Cook
a0181a4d54
Land #8831, Add Maven post-exploitation credential extraction module
...
Merge remote-tracking branch 'upstream/pr/8831' into upstream-master
2017-09-08 00:37:03 +02:00
Brent Cook
c67e407c9c
Land #8880, added Cisco Smart Install (SMI) scanner
2017-09-07 08:06:03 -05:00
Brent Cook
a304df265c
fix spelling
2017-09-07 08:02:30 -05:00
Patrick Thomas
637b83a0ea
add docs for nodejs debugger eval exploit
2017-09-06 22:29:46 -07:00
h00die
be66ed8af3
Land #8788 exploits for Gh0st and PlugX malware controllers
2017-09-05 20:42:07 -04:00
h00die
d05c401866
modules cleanup and add docs
2017-09-04 20:57:23 -04:00
Calum Hutton
52c8fff3cb
Make options a list
2017-08-30 03:10:46 +01:00
Calum Hutton
42ab00fd2c
Add documentation for module
2017-08-30 03:10:46 +01:00
Brent Cook
202c936868
Land #8826, git submodule remote command execution
2017-08-29 18:11:32 -05:00
Brent Cook
8928197584
rename module docs so they are viewable
2017-08-29 18:09:30 -05:00
Pearce Barry
d5124fdc94
Land #8759, Add TeamTalk Gather Credentials auxiliary module
2017-08-29 13:17:28 -05:00
Tim
e1b38ac3a3
fix malicious typo
2017-08-29 17:52:51 +08:00
Tim
5631ddc246
add docs for the git submodule vulnerability
2017-08-29 17:06:30 +08:00
james
5bf1d916bc
Fix uneven quotes in various documentation files
...
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
2017-08-26 19:12:48 -05:00
james
f785fe63ad
Grammar fix in buildmaster_login documentation
2017-08-26 18:35:13 -05:00
james
2e9d7cdf0a
Documentation formatting fix for buildmaster_login
2017-08-26 18:23:00 -05:00
james
7dfde651ea
Add login scanner module for Inedo BuildMaster
...
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.
More information about BuildMaster:
http://inedo.com/
2017-08-26 17:56:53 -05:00
Erik Lenoir
682851ac59
Edit doc
2017-08-25 18:28:24 +02:00
h00die
899c2cc6fa
Land #8866 tcp scanner docs
2017-08-23 20:23:51 -04:00
h00die
a54ef94c79
style fixes
2017-08-23 20:20:31 -04:00
Deepanshu Gajbhiye
0fac36c2af
Update tcp.md
2017-08-23 10:36:56 +05:30
Deepanshu Gajbhiye
99dfc9901c
Update tcp.md
...
Adding documentation for tcp module
2017-08-23 10:36:08 +05:30
Deepanshu Gajbhiye
d254da5150
Update tcp.md
2017-08-23 10:23:28 +05:30
Deepanshu Gajbhiye
6fb90640b9
Update tcp.md
2017-08-23 10:02:21 +05:30
William Vu
4c285c0129
Land #8827, QNAP Transcode Server RCE
2017-08-22 23:07:01 -05:00
h00die
a0585dcb9e
Land #8872 docs for octopusdeploy_deploy
2017-08-22 21:36:44 -04:00
Jon Hart
e4fc307ebb
Add docs
2017-08-22 15:12:02 -07:00
Erik Lenoir
be2739d335
Transform loots into creds
2017-08-22 11:57:51 +02:00
james
7f8e6b83dc
Update documentation for exploit/windows/http/octopusdeploy_deploy
...
Remove self explanatory options.
2017-08-21 19:47:24 -05:00
james
60215297be
Update documentation for exploit/windows/http/octopusdeploy_deploy
...
Fix awkward wording.
2017-08-21 19:17:41 -05:00
james
de9392995a
Add documentation for exploit/windows/http/octopusdeploy_deploy
2017-08-21 19:11:36 -05:00
Deepanshu Gajbhiye
8f4fcb5094
tcp.md
...
This module does a complete full tcp scan of each port on the target host. It does a full 3 way handshake on each port.
2017-08-21 13:09:12 -04:00
Brent Cook
eabe4001c2
Land #8492, Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module
2017-08-20 18:48:22 -05:00
Brent Cook
cbd7790e95
Land #8751, Add Asterisk Gather Credentials auxiliary module
2017-08-20 18:34:27 -05:00
Brent Cook
840c0d5f56
Land #7808, add exploit for VMware VDP with known ssh private key (CVE-2016-7456)
2017-08-20 17:36:45 -05:00
Brent Cook
f7dc831e9a
Land #8799, Add module to detect Docker, LXC, and systemd-nspawn containers
2017-08-20 14:45:57 -05:00
Brent Cook
2eba188166
Land #8789, Add COM class ID hijack method for bypassing UAC
2017-08-20 13:57:17 -05:00
Erik Lenoir
cde319a5ec
Optim module and add doc
2017-08-18 19:30:41 +02:00
Jay Turla
b0a4634b24
Update connect.md
...
Adding the command in installing gem "serialport".
2017-08-17 18:55:44 +08:00
Brendan Coles
3fcd248d3a
Add documentation
2017-08-17 09:51:09 +00:00
Tim
648dca7bdb
fix silly documentation mistake
2017-08-17 14:43:58 +08:00
james
1c44092ba9
Add module documentation for post/linux/gather/checkcontainer
2017-08-16 21:15:56 -05:00
OJ
408a83a36b
Added comhijack module documentation
2017-08-16 13:05:27 +10:00
Erik Lenoir
6ac8ed490b
Add documentation file
2017-08-15 16:56:20 +02:00
Brendan Coles
60f7534969
Add documentation
2017-08-15 03:43:22 +00:00
Brent Cook
68f569d8f5
Land #8809, Add documentation for OSX meterpreter
2017-08-13 09:31:28 -04:00
William Vu
4315c2d8ea
Land #8802, single-char args for terp scripts
2017-08-10 01:29:55 -05:00
Pearce Barry
bb5fffebc4
Land #8796, SMBLoris Denial of Service Module.
2017-08-09 16:24:55 -05:00
Pearce Barry
901a1fdd1b
Minor tweaks.
2017-08-09 15:44:32 -05:00
bwatters-r7
dd79aa3afb
Land #8627, Add post module multi/gather/jenkins
2017-08-09 10:43:21 -05:00
Tim
9c87f5f52f
commands should be highlighted
2017-08-08 12:45:39 +08:00
Tim
eb3e07ee10
minor tweak since background is default now
2017-08-08 12:37:28 +08:00
Tim
61bb59d653
fix typos
2017-08-08 12:31:30 +08:00
Tim
0fde536691
add documentation for OSX meterpreter
2017-08-08 12:26:22 +08:00
Tim
46ca543712
add docs for Android APK injection
2017-08-07 15:56:48 +08:00
Josh Hale
ed2286c637
Fix references to multi_console_command
2017-08-06 18:58:38 -05:00
Pearce Barry
e1576154fb
Document the new padding option.
2017-08-06 18:34:56 -05:00
David Maloney
289f03241b
add module documentation
...
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
Brent Cook
da3ca9eb90
update some documentation
2017-08-03 17:09:44 -05:00
Yorick Koster
67dddd2402
Typo reported by @nixawk
2017-08-02 15:47:21 -05:00
Yorick Koster
3229320ba9
Code review feedback from @nixawk
2017-08-02 15:46:51 -05:00
Yorick Koster
565a3355be
CVE-2017-8464 LNK Remote Code Execution Vulnerability
...
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.
This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except that an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enough to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
2017-08-02 15:46:30 -05:00
Martin Pizala
d7d64286e2
Add documentation for exploit module Rancher Server - Docker Exploit
2017-07-28 08:04:59 +02:00
Brendan Coles
798dfe0b88
Add documentation
2017-07-26 10:18:23 +00:00
Martin Pizala
dd0c78484a
Fix mistake
2017-07-26 02:17:51 +02:00
Martin Pizala
cd418559bc
Docker Daemon - Unprotected TCP Socket Exploit
2017-07-26 00:21:35 +02:00
Brent Cook
6300758c46
use https for metasploit.com links
2017-07-24 06:26:21 -07:00
Ricardo Almeida
fe5c6dc28f
Orientdb 2.2.x RCE - Update documentation
2017-07-24 10:09:06 +01:00
Brent Cook
7c55cdc1c8
fix some module documentation
...
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
2017-07-23 07:46:52 -07:00
Pearce Barry
6bb745744b
Land #8471, Add VICIdial user_authorization Unauthenticated Command Execution module
2017-07-21 15:57:08 -05:00
Ricardo Almeida
00a817d228
Orientdb 2.2.x RCE - Add documentation
2017-07-20 09:03:26 +01:00
bwatters-r7
ffad0d1bbf
Land #8559, Ipfire oinkcode exec
2017-07-19 14:31:18 -05:00
thesubtlety
47f55b1c81
add documentation
2017-07-18 21:30:53 -04:00
Jon Hart
e93e524c3b
Merge branch 'upstream-master' into feature/rdp-scanner
2017-07-17 13:46:59 -07:00
Jon Hart
e5ef737c21
Add documentation
2017-07-17 13:45:12 -07:00
David Maloney
8f6cac9c37
Land #8652, rpc console write exploit
...
lands pr for the metasploit rpc console write exploit
2017-07-14 14:47:35 -05:00
bwatters-r7
de230478eb
Land #8566, Add ye olde NNTP Login Utility scanner module
2017-07-13 13:19:34 -05:00
Pearce Barry
59de7d3635
Land #8671, Add a module for CVE-2017-7615
2017-07-12 14:58:02 -05:00
Corey Harding
6cb956ea81
Update rfpwnon.md
2017-07-09 05:07:36 -04:00
jvoisin
f10cf75ae0
Fix some stuff
2017-07-09 10:45:15 +02:00
jvoisin
e1b9330136
Add some documentation
2017-07-09 02:25:11 +02:00
Pearce Barry
e3f95954ba
Minor doc update.
2017-07-07 16:54:56 -05:00
Brendan Coles
95ba5d61ce
Move documentation to correct folder
2017-07-07 16:54:56 -05:00
Brendan Coles
8e2ff7a4c5
Add command stager and code cleanup
2017-07-07 16:54:56 -05:00
dmohanty-r7
8f464e17a1
Land #8658, Add Gather PDF Authors auxiliary module
2017-07-07 16:20:29 -05:00
Brendan Coles
afc704aea5
Add documentation
2017-07-07 18:54:48 +00:00
Brent Cook
f4820d24fb
add a few more AKA references
2017-07-06 22:43:46 -05:00
Brent Cook
b0c5d734ee
s/swith/switch/ - ok @bcoles
2017-07-06 07:03:06 -05:00