Commit Graph

2040 Commits (44304d33b933c4cd626fb59ccaa222b8b2abd731)

Author SHA1 Message Date
James Barnett 15fe80de06 Merge branch 'master' into conform_to_api_standards 2018-07-27 11:08:18 -05:00
bwatters-r7 eab62c18c6
Update mov_ss and add mov_ss_dll 2018-07-27 09:40:34 -05:00
michaelj0hn 7bbb44401d
added definition of IEC104 2018-07-27 15:21:00 +02:00
michaelj0hn 09320ece91 iec104 client 2018-07-27 11:46:26 +02:00
Wei Chen 1bcf2f9b37
Land #10383, Add WP Responsive Thumbnail Slider Plugin Exploit Module 2018-07-26 23:53:25 -05:00
Wei Chen 72d634b10b Update module and its documentation 2018-07-26 23:08:20 -05:00
Brent Cook 32d6344e6b
Land #9964, android post module to extract subscriber info 2018-07-26 16:58:27 -05:00
Shelby Pace 6accca4181
added documentation and check method 2018-07-26 15:32:37 -05:00
Erin Bleiweiss 2572a297a2 clean up parameter delcarations in docs and rename doc files to module_search 2018-07-26 11:43:55 -05:00
James Barnett b1022d16bf
Fix typo in delete response message in docs 2018-07-26 08:43:05 -05:00
James Barnett ec62815d6e
Add error responses to API docs 2018-07-25 21:46:33 -05:00
James Barnett cc21c0a673
Update documentation for new format 2018-07-25 18:01:05 -05:00
Wei Chen 6c2e8f2402
Land #10300, Add root exploit for Axis network cameras 2018-07-25 14:46:04 -05:00
Wei Chen f169afff6a Add documentation and a new reference 2018-07-25 14:44:44 -05:00
William Vu bc89d7fe52
Land #10357, CouchDB improvements and docs 2018-07-25 00:54:55 -05:00
Wei Chen 625ea87ea9
Land #10368, PhpMyAdmin Login Scanner Module 2018-07-24 23:25:27 -05:00
Erin Bleiweiss 87434ef22d pull changes 2018-07-24 15:42:31 -05:00
Shelby Pace 4f81fcdc87
retn versions in chk_setup, tests to reflect, doc 2018-07-24 14:51:00 -05:00
James Barnett eccd223a3e
Merge branch 'master' into conform_to_api_standards 2018-07-24 12:11:14 -05:00
Shelby Pace eb72edc84a
added documentation for aux module 2018-07-24 10:22:53 -05:00
Matthew Kienow dac5780feb
Land #10176, creds data service CRUD operations 2018-07-23 23:36:32 -04:00
James Barnett e3da0a6828 Merge branch 'master' into remote_creds_data 2018-07-23 16:39:13 -05:00
h00die e1100572ac add afp docs 2018-07-22 20:56:52 -04:00
h00die 83ae5cb14d fix backup_file.rb and add a few docs 2018-07-22 20:50:22 -04:00
h00die 03e8f45634 add more version info for docs 2018-07-21 21:39:19 -04:00
h00die 2a969d70db dicoogle 2018-07-21 21:31:45 -04:00
h00die f1e1407901 add musl-cross info 2018-07-21 14:22:27 -04:00
h00die 17b94f7cf3 add smap disabling instructions 2018-07-21 14:20:24 -04:00
h00die 85c2e5298f patch up docs 2018-07-21 14:06:57 -04:00
h00die 4a9e6fac66 patch up docs 2018-07-21 14:00:29 -04:00
h00die abfed97e03 remove EOL spaces 2018-07-21 11:21:11 -04:00
h00die 357f221b93 update doc 2018-07-21 11:09:16 -04:00
h00die 8b324c19d8 update couchdb scanner 2018-07-21 11:02:50 -04:00
James Barnett 65d42380d3
Merge branch 'master' into remote_creds_data 2018-07-19 16:25:06 -05:00
Erin Bleiweiss 04a6cf8f0a pull latest changes and re-register module servlet in new sinatra base 2018-07-19 14:42:39 -05:00
Erin Bleiweiss ce7eb9f3fe add list of valid fields to documenation and update aliases 2018-07-19 14:31:46 -05:00
Erin Bleiweiss 462655dea1 update response example documentation 2018-07-19 14:10:04 -05:00
Erin Bleiweiss 4c71268b38 add documentation for aliases 2018-07-19 13:38:18 -05:00
Erin Bleiweiss e3716305dc add new fields to swagger doc 2018-07-19 13:31:41 -05:00
Brendan Coles 19239c72c0 Update cmsms_upload_rename_rce check and docs 2018-07-19 18:26:42 +00:00
Wei Chen 28e3f3a5f0
Land #10327, Add CMS Made Simple Upload/Rename Authenticated RCE 2018-07-19 12:18:12 -05:00
James Barnett 59962c5273 Merge branch 'master' into conform_to_api_standards 2018-07-19 09:26:17 -05:00
Erin Bleiweiss 8010c58220 add module documentation to swagger (WIP) 2018-07-18 17:36:31 -05:00
James Barnett 4d2e0e51e4
Update docs for /endpoit/ID GET requests 2018-07-18 16:01:12 -05:00
Tim W 70a1df70a1
Land #9753, Linux BPF sign extension local privesc 2018-07-18 18:44:14 +08:00
Jacob Robles 1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE 2018-07-17 09:00:39 -05:00
Eliott Teissonniere 01e6362828 Fix documentation wording 2018-07-17 13:01:49 +02:00
Brendan Coles 6bf184dbcf Update tested versions 2018-07-17 06:24:16 +00:00
William Vu 9a7c34e6e9
Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
Eliott Teissonniere bfd521f2cb Small note about network not available 2018-07-16 11:56:55 +02:00
Eliott Teissonniere aa58634b24 Document rc.local 2018-07-16 09:34:20 +02:00
Jacob Robles 6e450973b9
Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00
Brendan Coles 9bdec97b2e Fix bpf_sign_extension_priv_esc 2018-07-13 23:01:17 +00:00
Wei Chen b40a146723
Land #10297, Add priv escalation mod for CVE-2018-8897 2018-07-13 10:54:25 -05:00
Wei Chen d7a0d7ecf3 Add some documentation for mov_ss.md 2018-07-13 01:17:28 -05:00
Brendan Coles 1ad571f136
Fix password typo 2018-07-13 16:02:15 +10:00
Brendan Coles 392cf3bbe1
Are hosts? 2018-07-13 15:00:31 +10:00
Brendan Coles a020d48caf Move module documentation to documentation directory 2018-07-13 04:46:25 +00:00
Brendan Coles 358347358f Add documentation 2018-07-13 04:18:56 +00:00
William Vu ed163c11a0
Land #10296, a few aux module docs 2018-07-12 22:20:25 -05:00
William Vu c9001699cd
Land #10027, Hadoop unauthed command execution 2018-07-12 21:58:49 -05:00
William Vu 50252c75d6 Clean up module
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
h00die 6751d48564 A few aux module docs 2018-07-12 17:50:47 -04:00
William Vu acb20e5a29
Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu a08420e0d0
Land #10286, Docker server version scanner 2018-07-12 03:08:41 -05:00
William Vu e62dbecbef Add module doc 2018-07-12 03:06:16 -05:00
Shelby Pace 1ded8ffb29
Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
James Barnett c26fcc0af1 Merge branch 'master' into remote_creds_data 2018-07-11 10:27:49 -05:00
James Barnett b119622408
GET with ID is NYI for credentials 2018-07-10 17:30:44 -05:00
James Barnett 0270b0269b
Update Credential API documentation 2018-07-10 17:29:25 -05:00
Shelby Pace 10cd6c99d9
Land #10231, Monstra Fileupload Exec 2018-07-10 14:23:15 -05:00
James Barnett e7ddb6fdf5
Add API docs for logins endpoints 2018-07-10 14:21:19 -05:00
Shelby Pace 476a3a276f
modified capitalization and wording 2018-07-10 14:12:02 -05:00
Brent Cook 1af360d7e0
Land #10108, add IBM QRadar SIEM exploit 2018-07-10 11:52:32 -05:00
Brent Cook 625050767e add module docs 2018-07-10 11:51:57 -05:00
James Barnett bbc16e1873 Merge branch 'master' into remote_creds_data 2018-07-09 09:49:14 -05:00
Jacob Robles 1c448de882
Land #10107, Add the scanner/smb/impacket/secretsdump module 2018-07-06 14:59:33 -05:00
Shelby Pace b5fb970aec
Land #10133, Add HID discoveryd RCE exploit 2018-07-06 14:32:29 -05:00
Wei Chen 545e91af00
Land #10262, Add GitList argument injection exploit module 2018-07-06 14:28:20 -05:00
Jacob Robles fe1b17684a
Add Targets and Session file inclusion 2018-07-06 12:17:26 -05:00
ReverseBrain 43d71cdc09 Initial Claymore Dual Miner RCE doc commit 2018-07-06 02:50:16 +02:00
Brent Cook b4b7bf03da
Land #10171, Implement desktop shell and screensaver post modules 2018-07-05 17:33:06 -05:00
Brent Cook a18e4a7d5c
Land #10246, add documentation for APK injection 2018-07-05 17:26:56 -05:00
Shelby Pace 5d0652fab1
changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681
added documentation and check 2018-07-05 15:47:21 -05:00
Brent Cook 05a0d79be7
Land #10219, Add HP VAN SDN Controller exploit 2018-07-05 14:21:44 -05:00
William Vu 830c17f07e Update outdated print in module doc 2018-07-05 14:18:33 -05:00
Jacob Robles 43096d9d78
Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
Module and Doc
2018-07-05 13:33:35 -05:00
William Vu 53d5d82498 Rename module to match new vector 2018-07-05 13:31:16 -05:00
flandini b00f0e87e0 Add SonicWall XML-RPC Remote Code Execution exploit module 2018-07-05 12:06:13 -05:00
Mehmet İnce a272dcabd7 Fix typos and additional updates regarding to review 2018-07-05 13:33:40 +01:00
Mehmet İnce 4c1c2e9288 Adding Micro Focus Secure Messaging Gateway RCE 2018-07-04 17:47:13 +01:00
William Vu 12a0aaeaf1 Add module doc 2018-07-03 18:31:43 -05:00
Aloïs Thévenot e1a9aae109 Add Wordress Arbitrary File Deletion module 2018-07-03 12:21:38 +02:00
Tim W 7fe41f5e4e fix #10187, add documentation for APK injection 2018-07-03 15:20:18 +08:00
Shelby Pace 8f8d015741
changed some wording 2018-07-02 09:57:28 -05:00
Shelby Pace 54fce378fa
added target versions to documentation 2018-07-02 09:20:17 -05:00
Green-m 7a966e7b9d Change unauthorized to unauthenticated 2018-07-01 22:43:54 -04:00
Ishaq Mohammed 32db22804e
Docs Update
Docs Update
2018-06-30 12:45:43 +05:30
Ishaq Mohammed 128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
Touhid M Shaikh d0abe843c4
monstra_fileupload_exec doc
monstra_fileupload_exec Doc
2018-06-30 11:52:43 +05:30
Shelby Pace 3b5555542c
add exploit module and documentation 2018-06-29 15:17:12 -05:00
Jacob Robles fc3199259b
Land #9958, Nagios xi 2 electric 2018-06-29 12:16:18 -05:00
Jacob Robles 675a736ab7
Update Docs 2018-06-29 11:08:31 -05:00
Brendan Coles c508a5f7f3
Land #10213, Add FTPShell client 6.70 Stack Buffer Overflow exploit 2018-06-29 14:40:51 +00:00
William Vu cb0564913e
Land #9933, auxiliary/scanner/db2/discovery docs 2018-06-27 16:00:39 -05:00
Adam Cammack ce7d4cd280
Land #10109, Teradata login scanner and SQL runner 2018-06-27 15:35:57 -05:00
Adam Cammack fe8538a4a7
Add note about Teradata configuration for OS X 2018-06-27 15:33:50 -05:00
Daniel Teixeira 857dc39cd0
FTPShell client 6.70 (Enterprise edition) 2018-06-27 16:36:04 +01:00
Shelby Pace c5e7184fdb
Land #10199, Kace Systems Management Command Injection 2018-06-26 10:11:10 -05:00
Shelby Pace 510c2d04ef
add auxiliary module and documentation - SickRage 2018-06-22 11:18:02 -05:00
Brendan Coles b8f0ca2cd7 Add documentation 2018-06-22 13:53:35 +00:00
Eliott Teissonniere 74ed2a581a Document post/multi/screensaver 2018-06-22 09:51:55 +00:00
Eliott Teissonniere 7a4b00372e Document post/multi/manage/open 2018-06-22 09:51:33 +00:00
Brent Cook eaf043d30b
Land #10156, WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646 2018-06-21 16:28:37 -05:00
Wei Chen a91ad8c09c
Land #10193, Updated Documentation for httpdasm module 2018-06-21 13:04:45 -05:00
Shelby Pace 2277b13869
updated documentation 2018-06-20 16:30:19 -05:00
Wei Chen 72432c200a
Land #10183, Add auxiliary mod to exploit httpdasm dir traversal vuln 2018-06-19 14:56:36 -05:00
Shelby Pace b78bb78f95
added auxiliary module and documentation 2018-06-18 10:25:33 -05:00
Jacob Robles cb50d0fade
Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 08:51:53 -05:00
Jacob Robles 2e2ded22fc
Use Gem::Version
Simplify version comparisons
2018-06-18 08:35:47 -05:00
Jacob Robles 122ea2ddcb
Update module, Add docs
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
James Barnett 2ded48a510 Merge branch 'master' into remote_creds_data 2018-06-15 10:26:10 -05:00
William Vu b733b79533
Land #10021, post/multi/recon/sudo_commands module 2018-06-14 16:33:50 -05:00
Brendan Coles aef74bf477 Add documentation 2018-06-14 13:21:34 +00:00
bwatters-r7 1cd76eb833
Land #10148, Add New Module - Badpdf
Merge branch 'land-10148' into upstream-master
2018-06-12 17:19:32 -05:00
bwatters-r7 29f4870fa0
Land #10101, Add glibc 'realpath()' Privilege Escalation exploit 2018-06-12 16:41:07 -05:00
William Vu c3c6bc19da
Land #10059, CVE-2018-1111 exploit 2018-06-12 15:02:06 -05:00
William Vu 4dd744495d Add basic module doc 2018-06-12 15:01:40 -05:00
Dhiraj Mishra 62a13430f7
Minor changes in documentation 2018-06-11 13:21:13 +05:30
Dhiraj Mishra be5bc3d2f8
Added documentation 2018-06-09 16:32:20 +05:30
rmdavy 992d2130aa
Updated Documentation 2018-06-07 21:05:56 +01:00
rmdavy 3036b62890
Update badpdf.md 2018-06-07 19:07:29 +01:00
rmdavy 85a32fcd32
BadPDF Documentation 2018-06-07 16:39:50 +01:00
Aaron Soto f53d2a14df
Land #10067, Added `auxiliary/fileformat/odt_badodt` 2018-06-06 11:27:23 -05:00
Aaron Soto 20e773498f
Moved to `auxiliary/fileformat/odt_badodt` and updated docs 2018-06-06 11:27:07 -05:00
Aaron Soto 2ec6d11663
Expanded documentation to discuss `auxiliary/server/capture/smb` 2018-06-06 11:19:04 -05:00
Aaron Soto 61074d1220
Land #10115, Added module `auxiliary/fileformat/multidrop` 2018-06-05 16:30:30 -05:00
Jacob Robles 3b2889cd77
Land #10106, Add the scanner/smb/impacket/wmiexec module 2018-06-05 08:33:34 -05:00
rmdavy b256a99128
Updated 2018-06-04 23:02:27 +01:00
rmdavy 0719ca28c4
Minor Updates
Minor Updates as per recommendations by Aaron Soto.
2018-06-04 19:23:25 +01:00
Brendan Coles 2c0c99e980 Add documentation 2018-06-03 05:41:53 +00:00
Brent Cook 61a98b94b6
Land #9528, WebKit apple safari trident exploit (CVE-2016-4657) 2018-06-02 21:52:52 -05:00
Brent Cook 742e7898f4 add documentation 2018-06-02 21:51:24 -05:00
Aaron Soto f424a7f50e
Moved/deleted documentation, as appropriate 2018-06-01 14:22:55 -05:00
rmdavy abe04edd10
Updated Multidrop Info 2018-06-01 11:12:22 +01:00
rmdavy 1a37289495
Updated Multidrop
Updated with changes suggested by bcoles
2018-06-01 11:09:55 +01:00
Nicholas Starke 53d9dc75d8 Adding npm component "marked" ReDoS module
This commit adds a module for the npm component
"marked" which exploits a Regular Expression
Denial of Service (ReDoS) vulnerability in the
"heading" regular expression.  Also included
is the documentation markdown for this module.
2018-05-31 13:33:09 -05:00
James Barnett a8f19df4e6
Pass params through query string on creds GET
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
bwatters-r7 1e57aa5a57
Land #9777, Slui File Handler Hijack LPE 2018-05-30 15:22:12 -05:00