593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
ac724926db
Sync Breeze Import Command BOF Doc
2018-01-15 20:45:34 +00:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
ff1c85552b
Add module doc
2018-01-12 19:34:59 -06:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f5210ed6d6
Update module doc with missing options
2018-01-10 20:18:50 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
b06db60a56
Fix typos
2018-01-09 11:20:02 -06:00
7b6a8af387
Update commvault_cmd_exec module documentation
2018-01-08 15:42:01 -06:00
bbad416a86
Add module doc to appease the @h00die god
2018-01-08 15:02:39 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
a1a594d1f8
Add documentation
2018-01-06 05:09:24 +00:00
9ec17bdd54
Add documentation
2018-01-06 05:08:33 +00:00
160f960f78
Add files via upload
2018-01-04 20:25:41 +00:00
65f444ddcc
land #9362 exploit for pfsense graph injection
2018-01-04 14:35:52 -05:00
520e890520
Land #8581 , VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
b8dde2e650
Land #9360 , Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
c3f10c1d57
Land #9336 , Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
a5fa63405f
Land #9206 , Add Xplico RCE exploit module
2018-01-03 16:02:51 -06:00
3b0f0aa358
Adding doc file for module linksys_wvbr0_user_agent_exec_noauth
2018-01-02 14:54:18 -06:00
8f0e41e159
requested changes
2018-01-01 17:30:43 -06:00
bc088cb379
added md
2018-01-01 05:46:04 -06:00
76d345039d
Create ayukov_nftp.md
2017-12-31 15:42:32 +00:00
54159c29eb
Add documentation line from h00die
2017-12-29 16:14:28 -06:00
3516305517
land #9191 an exploit against HP LoadRunner magentproc
2017-12-29 16:35:43 -05:00
b698095c49
slight updates to magentproc docs
2017-12-29 16:30:32 -05:00
bb97467b31
docs for auxiliary/scanner/http/directadmin_login
2017-12-29 14:43:20 -06:00
67c2119736
oh brother
2017-12-29 14:16:34 -05:00
b43c6078a1
updated
2017-12-28 18:24:57 -05:00
1a7850bd51
updated
2017-12-28 18:21:55 -05:00
2672550c62
deprecated
2017-12-28 18:19:04 -05:00
53fc25560e
updated
2017-12-28 18:13:41 -05:00
d3fdc539b7
updated
2017-12-28 18:09:27 -05:00
6736b125f6
updated
2017-12-28 18:08:28 -05:00
398fe3c8e8
updated
2017-12-28 18:07:04 -05:00
59940feacc
corrected grammatical error
2017-12-28 17:55:04 -05:00
339c7b3bc2
Updated
2017-12-28 17:53:02 -05:00
eb696ee5cf
Documentation update
2017-12-28 16:30:04 -06:00
5e71be7772
add ard_root_pw documentation
2017-12-28 14:37:25 -06:00
b86fd551a3
Add a WIP of the module documentation
2017-12-28 14:00:03 -06:00
ae17943d4c
fix documentation preformat blocks
2017-12-27 22:32:26 -06:00
bbed7db13c
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-27 13:08:44 -08:00
e6de25d63b
Land #9316 Cambium modules and mixins, tx @juushya
...
These cover several of the CVEs mentioned in
https://blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/
2017-12-26 12:39:51 -06:00
7aa296577e
Added readme
2017-12-22 14:34:35 -05:00
d4bc98c13f
Merge branch 'upstream-master' into feature/mqtt-login
2017-12-22 08:07:40 -08:00
caae33b417
Land #9170 , Linux UDF for mysql_udf_payload
2017-12-21 20:48:24 -06:00
917e9aa328
Doc READ_TIMEOUT
2017-12-20 19:10:49 -08:00
962bc71d10
Merge branch 'feature/mqtt' into feature/mqtt-login
2017-12-20 18:58:36 -08:00
9c0df54f36
syntax
2017-12-20 18:54:09 -08:00
fa1536209a
syntax
2017-12-20 18:52:34 -08:00
508253eadc
More docs
2017-12-20 18:51:44 -08:00
0f72ce1ee5
Add WIP documentation for auxiliary/scanner/mqtt/connect
2017-12-20 18:45:10 -08:00
86ce3c8781
Made suggested changes and added documentation
2017-12-20 15:54:16 -05:00
a8b845fff9
Land #9283 , Add node.js ws websocket library DoS module
2017-12-20 14:20:42 -06:00
8c1f1696af
Kill trailing whitespace in docs
2017-12-18 17:35:49 -06:00
4aa480d655
Land #9311 , docs for #9180
2017-12-18 17:34:55 -06:00
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
a33ed82a40
Land #9214 , @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs
2017-12-18 12:22:26 -08:00
369d74cdb2
Updating documentation
...
Added a missing backtick
2017-12-18 10:34:00 -05:00
76823e9fe6
Land #9183 , Jenkins Groovy XStream RCE
2017-12-18 03:38:27 -06:00
880a1d4283
Land #9312 , Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge
2017-12-17 18:32:28 -06:00
8344401484
Add docs, minor tweaks.
2017-12-17 18:15:49 -06:00
95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
da9e2a981a
added auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.md
2017-12-11 12:48:32 -05:00
10cf5557c2
added auxiliary/scanner/dcerpc/management.md
2017-12-11 12:45:20 -05:00
02e9b4cd6b
added auxiliary/scanner/dcerpc/hidden.md
2017-12-11 12:38:46 -05:00
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
c3e7d93bcb
added auxiliary/scanner/dcerpc/endpoint_mapper.md
2017-12-11 12:27:04 -05:00
4de6b4f4fa
added auxiliary/scanner/discovery/udp_sweep.md
2017-12-11 12:08:18 -05:00
5d5051d2ed
added auxiliary/scanner/discovery/udp_probe.md
2017-12-11 12:04:50 -05:00
499f2dd55d
added auxiliary/scanner/discovery/ipv6_neighbor.md
2017-12-11 11:58:49 -05:00
c5f218c84c
Addressing comments
...
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
36f5ccad3d
updated
2017-12-11 11:49:15 -05:00
25235c8ca5
auxiliary/scanner/smb/smb_enumshares.md
2017-12-11 11:44:27 -05:00
c6740f88e9
auxiliary/scanner/smb/smb2.md
2017-12-11 11:39:36 -05:00
dee2137350
auxiliary/scanner/smb/pipe_dcerpc_auditor.md
2017-12-11 11:25:44 -05:00
fd775a056c
auxiliary/scanner/smb/pipe_auditor.md
2017-12-11 11:22:03 -05:00
885c61df24
auxiliary/scanner/mssql/mssql_sql.md
2017-12-11 01:39:47 -05:00
d6f6faee3a
auxiliary/scanner/mssql/mssql_idf.md
2017-12-11 01:32:43 -05:00
2757fabbfc
auxiliary/scanner/mssql/mssql_ping.md
2017-12-11 01:15:44 -05:00
282ae1509f
auxiliary/scanner/mysql/mysql_version.md
2017-12-11 00:49:21 -05:00
92053fb1da
updated
2017-12-11 00:43:58 -05:00
b3f9398dbb
auxiliary/scanner/mysql/mysql_login.md
2017-12-11 00:38:03 -05:00
0929acf88c
updated
2017-12-09 21:43:05 -05:00
455b31ea05
updated
2017-12-09 21:32:23 -05:00
5b910a2576
updated
2017-12-09 21:31:03 -05:00
52d426d5c0
added more info
2017-12-09 21:23:17 -05:00
76d60cb334
auxiliary/scanner/http/cert.md
2017-12-09 21:14:40 -05:00
c90a7f62fe
auxiliary/scanner/http/dir_scanner.md
2017-12-09 21:07:45 -05:00
5aa2f4a553
auxiliary/scanner/http/dir_webdav_unicode_bypass.md
2017-12-09 20:43:42 -05:00
90ea07a7e1
auxiliary/scanner/http/ssl.md
2017-12-09 20:04:53 -05:00
ccc4cf7e13
updated
2017-12-09 19:41:52 -05:00
464ad769ac
auxiliary/scanner/http/wordpress_login_enum.md
2017-12-09 19:39:24 -05:00
acbc46768f
updated
2017-12-09 19:37:59 -05:00
34e89c6171
auxiliary/scanner/http/webdav_website_content.md
2017-12-09 19:14:15 -05:00
3116c1041b
auxiliary/scanner/http/verb_auth_bypass.md
2017-12-09 19:03:57 -05:00
3674448b1b
added webdav_scanner.md
2017-12-09 18:44:15 -05:00
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
668585a1f9
Adding documentation
...
Adding module documentation for ws_dos.
2017-12-08 15:52:57 -05:00
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00
1e4b707a60
MS Office DDE Documentation
2017-12-06 21:46:47 -05:00
ce2db3cd87
Land #9275 , CVE-2017-11882 (docs fix)
2017-12-05 10:16:54 -06:00
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
69b01d26bb
Land #9226 , Microsoft Office OLE object memory corruption
2017-12-04 16:50:27 -08:00
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
f83e9815dd
Land #9210 , Add a Polycom HDX RCE
2017-12-04 12:49:35 -06:00
775529277f
Add documentation
2017-11-29 17:37:34 +00:00
9dc3d60fc2
Stupid Typos
2017-11-29 10:29:38 -06:00
efa8d566d7
Added documentation for iamroot
2017-11-29 10:26:06 -06:00
d174ef3a70
Add wd_mycloud_multiupload_upload exploit
2017-11-28 07:12:00 -06:00
244acc48b6
Land #9212 , pfsense group member exec module
2017-11-27 11:27:29 -06:00
43ff4f12e5
update docs
2017-11-22 06:57:35 -05:00
b5994bde79
Update pfsense_clickjacking.md
2017-11-22 11:10:47 +01:00
5b5c5520e6
Update pfsense_clickjacking.md
2017-11-22 11:09:54 +01:00
916ee05cce
Add exploit module for Clickjacking vulnerability in CSRF error page pfSense
2017-11-22 11:06:22 +01:00
73c692fb65
fix docs
2017-11-21 21:31:06 -05:00
879db5cf38
Land #9050 , @mpizala's improvements to the docker_daemon_tcp module
2017-11-21 17:13:24 -08:00
b6c81e6da0
Reimplement slowloris as external module
2017-11-21 16:21:01 -05:00
aa16288140
Update slow_loris.md
2017-11-21 15:49:45 -05:00
6d2007a4db
Update slow_loris.md
2017-11-21 15:49:44 -05:00
Brady Sullivan
Daniel Teixeira
Nicky Bloor
William Vu
Wei Chen
Brendan Coles
h00die
Brent Cook
headlesszeke
dmohanty-r7
wetw0rk
HD Moore
Jeffrey Martin
Vishal Gupta
Jon Hart
Tod Beardsley
b0yd
Nick Marcoccio
Ryan Knell
Pearce Barry
RootUp
Nicholas Starke
Matthew Kienow
mr_me
Chris Higgins
Austin
William Webb
bwatters-r7
Zenofex
Yorick Koster