Commit Graph

2157 Commits (792b451f40a6a4160b44f48916c109c927a66248)

Author SHA1 Message Date
Erin Bleiweiss 462655dea1 update response example documentation 2018-07-19 14:10:04 -05:00
Erin Bleiweiss 4c71268b38 add documentation for aliases 2018-07-19 13:38:18 -05:00
Erin Bleiweiss e3716305dc add new fields to swagger doc 2018-07-19 13:31:41 -05:00
Brendan Coles 19239c72c0 Update cmsms_upload_rename_rce check and docs 2018-07-19 18:26:42 +00:00
Wei Chen 28e3f3a5f0
Land #10327, Add CMS Made Simple Upload/Rename Authenticated RCE 2018-07-19 12:18:12 -05:00
James Barnett 59962c5273 Merge branch 'master' into conform_to_api_standards 2018-07-19 09:26:17 -05:00
Erin Bleiweiss 8010c58220 add module documentation to swagger (WIP) 2018-07-18 17:36:31 -05:00
James Barnett 4d2e0e51e4
Update docs for /endpoit/ID GET requests 2018-07-18 16:01:12 -05:00
Tim W 70a1df70a1
Land #9753, Linux BPF sign extension local privesc 2018-07-18 18:44:14 +08:00
Jacob Robles 1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE 2018-07-17 09:00:39 -05:00
Eliott Teissonniere 01e6362828 Fix documentation wording 2018-07-17 13:01:49 +02:00
Brendan Coles 6bf184dbcf Update tested versions 2018-07-17 06:24:16 +00:00
William Vu 9a7c34e6e9
Land #10064, Claymore Dual Miner API RCE 2018-07-16 18:02:20 -05:00
Eliott Teissonniere bfd521f2cb Small note about network not available 2018-07-16 11:56:55 +02:00
Eliott Teissonniere aa58634b24 Document rc.local 2018-07-16 09:34:20 +02:00
Jacob Robles 6e450973b9
Land #10295, Add QNAP Q'Center change_passwd Command Execution exploit 2018-07-14 10:09:46 -05:00
Brendan Coles 9bdec97b2e Fix bpf_sign_extension_priv_esc 2018-07-13 23:01:17 +00:00
Wei Chen b40a146723
Land #10297, Add priv escalation mod for CVE-2018-8897 2018-07-13 10:54:25 -05:00
Wei Chen d7a0d7ecf3 Add some documentation for mov_ss.md 2018-07-13 01:17:28 -05:00
Brendan Coles 1ad571f136
Fix password typo 2018-07-13 16:02:15 +10:00
Brendan Coles 392cf3bbe1
Are hosts? 2018-07-13 15:00:31 +10:00
Brendan Coles a020d48caf Move module documentation to documentation directory 2018-07-13 04:46:25 +00:00
Brendan Coles 358347358f Add documentation 2018-07-13 04:18:56 +00:00
William Vu ed163c11a0
Land #10296, a few aux module docs 2018-07-12 22:20:25 -05:00
William Vu c9001699cd
Land #10027, Hadoop unauthed command execution 2018-07-12 21:58:49 -05:00
William Vu 50252c75d6 Clean up module
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
h00die 6751d48564 A few aux module docs 2018-07-12 17:50:47 -04:00
William Vu acb20e5a29
Land #9780, CouchDB auth bypass and RCE 2018-07-12 03:36:17 -05:00
William Vu a08420e0d0
Land #10286, Docker server version scanner 2018-07-12 03:08:41 -05:00
William Vu e62dbecbef Add module doc 2018-07-12 03:06:16 -05:00
Shelby Pace 1ded8ffb29
Land #10260, Add phpMyAdmin v4.8.1/4.8.0 LFI RCE 2018-07-11 11:10:52 -05:00
James Barnett c26fcc0af1 Merge branch 'master' into remote_creds_data 2018-07-11 10:27:49 -05:00
James Barnett b119622408
GET with ID is NYI for credentials 2018-07-10 17:30:44 -05:00
James Barnett 0270b0269b
Update Credential API documentation 2018-07-10 17:29:25 -05:00
Shelby Pace 10cd6c99d9
Land #10231, Monstra Fileupload Exec 2018-07-10 14:23:15 -05:00
James Barnett e7ddb6fdf5
Add API docs for logins endpoints 2018-07-10 14:21:19 -05:00
Shelby Pace 476a3a276f
modified capitalization and wording 2018-07-10 14:12:02 -05:00
Brent Cook 1af360d7e0
Land #10108, add IBM QRadar SIEM exploit 2018-07-10 11:52:32 -05:00
Brent Cook 625050767e add module docs 2018-07-10 11:51:57 -05:00
James Barnett bbc16e1873 Merge branch 'master' into remote_creds_data 2018-07-09 09:49:14 -05:00
Jacob Robles 1c448de882
Land #10107, Add the scanner/smb/impacket/secretsdump module 2018-07-06 14:59:33 -05:00
Shelby Pace b5fb970aec
Land #10133, Add HID discoveryd RCE exploit 2018-07-06 14:32:29 -05:00
Wei Chen 545e91af00
Land #10262, Add GitList argument injection exploit module 2018-07-06 14:28:20 -05:00
Jacob Robles fe1b17684a
Add Targets and Session file inclusion 2018-07-06 12:17:26 -05:00
ReverseBrain 43d71cdc09 Initial Claymore Dual Miner RCE doc commit 2018-07-06 02:50:16 +02:00
Brent Cook b4b7bf03da
Land #10171, Implement desktop shell and screensaver post modules 2018-07-05 17:33:06 -05:00
Brent Cook a18e4a7d5c
Land #10246, add documentation for APK injection 2018-07-05 17:26:56 -05:00
Shelby Pace 5d0652fab1
changed inconsistent capitalization 2018-07-05 15:56:41 -05:00
Shelby Pace 2b452d5681
added documentation and check 2018-07-05 15:47:21 -05:00
Brent Cook 05a0d79be7
Land #10219, Add HP VAN SDN Controller exploit 2018-07-05 14:21:44 -05:00
William Vu 830c17f07e Update outdated print in module doc 2018-07-05 14:18:33 -05:00
Jacob Robles 43096d9d78
Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
Module and Doc
2018-07-05 13:33:35 -05:00
William Vu 53d5d82498 Rename module to match new vector 2018-07-05 13:31:16 -05:00
flandini b00f0e87e0 Add SonicWall XML-RPC Remote Code Execution exploit module 2018-07-05 12:06:13 -05:00
Mehmet İnce a272dcabd7 Fix typos and additional updates regarding to review 2018-07-05 13:33:40 +01:00
Mehmet İnce 4c1c2e9288 Adding Micro Focus Secure Messaging Gateway RCE 2018-07-04 17:47:13 +01:00
William Vu 12a0aaeaf1 Add module doc 2018-07-03 18:31:43 -05:00
Aloïs Thévenot e1a9aae109 Add Wordress Arbitrary File Deletion module 2018-07-03 12:21:38 +02:00
Tim W 7fe41f5e4e fix #10187, add documentation for APK injection 2018-07-03 15:20:18 +08:00
Shelby Pace 8f8d015741
changed some wording 2018-07-02 09:57:28 -05:00
Shelby Pace 54fce378fa
added target versions to documentation 2018-07-02 09:20:17 -05:00
Green-m 7a966e7b9d Change unauthorized to unauthenticated 2018-07-01 22:43:54 -04:00
Ishaq Mohammed 32db22804e
Docs Update
Docs Update
2018-06-30 12:45:43 +05:30
Ishaq Mohammed 128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
Touhid M Shaikh d0abe843c4
monstra_fileupload_exec doc
monstra_fileupload_exec Doc
2018-06-30 11:52:43 +05:30
Shelby Pace 3b5555542c
add exploit module and documentation 2018-06-29 15:17:12 -05:00
Jacob Robles fc3199259b
Land #9958, Nagios xi 2 electric 2018-06-29 12:16:18 -05:00
Jacob Robles 675a736ab7
Update Docs 2018-06-29 11:08:31 -05:00
Brendan Coles c508a5f7f3
Land #10213, Add FTPShell client 6.70 Stack Buffer Overflow exploit 2018-06-29 14:40:51 +00:00
William Vu cb0564913e
Land #9933, auxiliary/scanner/db2/discovery docs 2018-06-27 16:00:39 -05:00
Adam Cammack ce7d4cd280
Land #10109, Teradata login scanner and SQL runner 2018-06-27 15:35:57 -05:00
Adam Cammack fe8538a4a7
Add note about Teradata configuration for OS X 2018-06-27 15:33:50 -05:00
Daniel Teixeira 857dc39cd0
FTPShell client 6.70 (Enterprise edition) 2018-06-27 16:36:04 +01:00
Shelby Pace c5e7184fdb
Land #10199, Kace Systems Management Command Injection 2018-06-26 10:11:10 -05:00
Shelby Pace 510c2d04ef
add auxiliary module and documentation - SickRage 2018-06-22 11:18:02 -05:00
Brendan Coles b8f0ca2cd7 Add documentation 2018-06-22 13:53:35 +00:00
Eliott Teissonniere 74ed2a581a Document post/multi/screensaver 2018-06-22 09:51:55 +00:00
Eliott Teissonniere 7a4b00372e Document post/multi/manage/open 2018-06-22 09:51:33 +00:00
Brent Cook eaf043d30b
Land #10156, WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646 2018-06-21 16:28:37 -05:00
Wei Chen a91ad8c09c
Land #10193, Updated Documentation for httpdasm module 2018-06-21 13:04:45 -05:00
Shelby Pace 2277b13869
updated documentation 2018-06-20 16:30:19 -05:00
Wei Chen 72432c200a
Land #10183, Add auxiliary mod to exploit httpdasm dir traversal vuln 2018-06-19 14:56:36 -05:00
Shelby Pace b78bb78f95
added auxiliary module and documentation 2018-06-18 10:25:33 -05:00
Jacob Robles cb50d0fade
Land #9825, Add 'phpMyAdmin Authenticated Remote Code Execution' 2018-06-18 08:51:53 -05:00
Jacob Robles 2e2ded22fc
Use Gem::Version
Simplify version comparisons
2018-06-18 08:35:47 -05:00
Jacob Robles 122ea2ddcb
Update module, Add docs
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
James Barnett 2ded48a510 Merge branch 'master' into remote_creds_data 2018-06-15 10:26:10 -05:00
William Vu b733b79533
Land #10021, post/multi/recon/sudo_commands module 2018-06-14 16:33:50 -05:00
Brendan Coles aef74bf477 Add documentation 2018-06-14 13:21:34 +00:00
bwatters-r7 1cd76eb833
Land #10148, Add New Module - Badpdf
Merge branch 'land-10148' into upstream-master
2018-06-12 17:19:32 -05:00
bwatters-r7 29f4870fa0
Land #10101, Add glibc 'realpath()' Privilege Escalation exploit 2018-06-12 16:41:07 -05:00
William Vu c3c6bc19da
Land #10059, CVE-2018-1111 exploit 2018-06-12 15:02:06 -05:00
William Vu 4dd744495d Add basic module doc 2018-06-12 15:01:40 -05:00
Dhiraj Mishra 62a13430f7
Minor changes in documentation 2018-06-11 13:21:13 +05:30
Dhiraj Mishra be5bc3d2f8
Added documentation 2018-06-09 16:32:20 +05:30
rmdavy 992d2130aa
Updated Documentation 2018-06-07 21:05:56 +01:00
rmdavy 3036b62890
Update badpdf.md 2018-06-07 19:07:29 +01:00
rmdavy 85a32fcd32
BadPDF Documentation 2018-06-07 16:39:50 +01:00
Aaron Soto f53d2a14df
Land #10067, Added `auxiliary/fileformat/odt_badodt` 2018-06-06 11:27:23 -05:00
Aaron Soto 20e773498f
Moved to `auxiliary/fileformat/odt_badodt` and updated docs 2018-06-06 11:27:07 -05:00
Aaron Soto 2ec6d11663
Expanded documentation to discuss `auxiliary/server/capture/smb` 2018-06-06 11:19:04 -05:00
Aaron Soto 61074d1220
Land #10115, Added module `auxiliary/fileformat/multidrop` 2018-06-05 16:30:30 -05:00
Jacob Robles 3b2889cd77
Land #10106, Add the scanner/smb/impacket/wmiexec module 2018-06-05 08:33:34 -05:00
rmdavy b256a99128
Updated 2018-06-04 23:02:27 +01:00
rmdavy 0719ca28c4
Minor Updates
Minor Updates as per recommendations by Aaron Soto.
2018-06-04 19:23:25 +01:00
Brendan Coles 2c0c99e980 Add documentation 2018-06-03 05:41:53 +00:00
Brent Cook 61a98b94b6
Land #9528, WebKit apple safari trident exploit (CVE-2016-4657) 2018-06-02 21:52:52 -05:00
Brent Cook 742e7898f4 add documentation 2018-06-02 21:51:24 -05:00
Aaron Soto f424a7f50e
Moved/deleted documentation, as appropriate 2018-06-01 14:22:55 -05:00
rmdavy abe04edd10
Updated Multidrop Info 2018-06-01 11:12:22 +01:00
rmdavy 1a37289495
Updated Multidrop
Updated with changes suggested by bcoles
2018-06-01 11:09:55 +01:00
Nicholas Starke 53d9dc75d8 Adding npm component "marked" ReDoS module
This commit adds a module for the npm component
"marked" which exploits a Regular Expression
Denial of Service (ReDoS) vulnerability in the
"heading" regular expression.  Also included
is the documentation markdown for this module.
2018-05-31 13:33:09 -05:00
James Barnett a8f19df4e6
Pass params through query string on creds GET
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
bwatters-r7 1e57aa5a57
Land #9777, Slui File Handler Hijack LPE 2018-05-30 15:22:12 -05:00
rmdavy f7457c848e
Multidrop Documentation
Documentation to accompany multidrop module
2018-05-30 18:12:49 +01:00
Matthew Kienow d78b743ade
Land #10054, add MSF5 REST API documentation 2018-05-29 17:58:55 -04:00
Aaron Soto c8b2fc8a35
Land #9701, Flexense HTTP Server DoS exploit 2018-05-29 16:19:59 -05:00
James Barnett 44812852e2 Merge branch 'local_api_docs' of github.com:jbarnett-r7/metasploit-framework into local_api_docs 2018-05-29 12:33:30 -05:00
James Barnett f8317d3ae2
Address code review comments
- Don't document unsupported session POST
- Hide unimplemented loot/id and session/id GET methods
- Fix URL for msf doc
- Add missing workspace parament to vuln-attempts
- Remove unneccessary code for hosting the doc UI
2018-05-29 12:24:53 -05:00
actuated b0d8e93e79 Added Teradata ODBC Login and SQL modules and documentation 2018-05-29 10:12:43 -05:00
Spencer McIntyre 28d15a113f Add the secretsdump impacket module and docs 2018-05-27 17:09:59 -04:00
Spencer McIntyre 9fab2316c5 Add the wmiexec impacket module and documentation 2018-05-27 16:24:56 -04:00
Brendan Coles 83fceba92f Add documentation 2018-05-26 21:51:45 +00:00
Ege Balcı e52b065b26
Manual rewritten for flexense_http_server_dos 2018-05-25 20:18:54 +03:00
jbarnett-r7 59e084aa46
Remote local version of remote data service help 2018-05-24 11:07:37 -05:00
rmdavy 050b52cf91
badodt documentation
Documentation of how to use badodt
2018-05-24 11:49:33 +01:00
James Barnett 8acc6daf9b
Add doc for running the remote data service 2018-05-23 11:54:57 -05:00
James Barnett b83ee106f7 Merge branch 'master' into local_api_docs 2018-05-23 10:06:12 -05:00
James Barnett 7d7f405234
Describe ALL the attributes! 2018-05-22 14:57:21 -05:00
bwatters-r7 40d5f46277
Lad #10017, D-Link DSL-2750B Unauthenticated OS Command Injection
Merge branch 'land-10017' into upstream-master
2018-05-22 10:54:33 -05:00
James Barnett e4038af79e Merge branch 'master' into local_api_docs 2018-05-21 13:44:34 -05:00
Tim W 88ab836e15
Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 17:05:53 +08:00
lucyoa 6ae55aadd4
Fixing documentation, improving exploits code 2018-05-20 12:55:46 -04:00
bwatters-r7 294b263159
Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
Brendan Coles 6858a1caf9
Add compilation instructions to documentation 2018-05-18 22:10:47 +10:00
James Barnett 132313ef34
Minor updates across all API docs. 2018-05-17 16:56:22 -05:00
James Barnett 94b32a3888
Workspace API Doc second pass 2018-05-17 11:22:43 -05:00
Tim W 91d0b0be12 fix documentation for android/gather/wireless_ap 2018-05-17 21:17:00 +08:00
Tim W a3879f0109
Land #9956, add module to extract wireless credentials on Android 2018-05-17 21:04:56 +08:00
Tim W 75ab69b4c4 minor documentation update 2018-05-17 21:03:12 +08:00
Tim W 6594cbb5cc
Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 18:43:52 +08:00
Auxilus 5bd6193ea7
Update wireless_ap.md 2018-05-17 13:04:50 +05:30
Auxilus a28e277384
Update wireless_ap.md 2018-05-17 12:51:26 +05:30
Auxilus 1c2bc5a09b
Update wireless_ap.md 2018-05-17 12:50:54 +05:30
James Barnett e1f46b07f8
VulnAttempt API Doc second pass 2018-05-16 16:57:55 -05:00
James Barnett 43f410ccd3
Fix format of REFS_EXAMPLE 2018-05-16 15:37:33 -05:00
James Barnett 5e39314a72
Vuln API Doc second pass. 2018-05-16 15:26:44 -05:00
James Barnett 84a8f2100b Merge branch 'master' into local_api_docs 2018-05-16 13:27:28 -05:00
James Barnett edc06f6361
Second pass on SessionEvent API doc 2018-05-16 11:56:11 -05:00
Jacob Robles 999b895735
Land #9816, Add the scanner/smb/impacket/dcomexec module 2018-05-16 07:15:32 -05:00
William Vu 436e414b93
Land #7815, CVE-2016-9299 exploit 2018-05-16 05:29:41 -05:00
James Barnett fc079138fd
Service API doc second pass 2018-05-15 14:34:15 -05:00
Green-m c5bdd2ca9d Add doc for this module 2018-05-15 03:47:09 -04:00
lucyoa 8dd7a27f7b
Fixes according to code review 2018-05-14 05:46:23 -04:00
lucyoa 382364a3ff
Adding documentation, improving description 2018-05-13 15:04:40 -04:00
Tim W ed5f2bffa9
Land #9919, add libuser roothelper privilege escalation exploit 2018-05-12 17:11:21 +08:00
Auxilus 64fcddb1aa
fix docs 2018-05-12 09:55:36 +05:30
Jacob Robles 9811de430c
Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 11:55:22 -05:00
James Barnett d1701c37d6
Second pass on note API doc 2018-05-08 16:15:40 -05:00
James Barnett bba77596c0
Second pass on loot API doc 2018-05-08 15:41:17 -05:00
James Barnett 07eb79e183
Second pass on creds, hosts, events, db_export, and exploits 2018-05-08 12:38:04 -05:00
William Vu 0240c3f010
Land #9980, PAN-OS readSessionVarsFromFile exploit 2018-05-07 14:55:00 -05:00
Jacob Robles a18459a14c
Fix indentation, documentation update 2018-05-07 09:22:21 -05:00
Touhid M Shaikh 4c5c8c956c
added doc
added doc
2018-05-07 18:50:53 +05:30
Jacob Robles 222b1fb27c
Land #9944, playsms_filename_exec.rb 2018-05-07 07:43:16 -05:00
Jacob Robles 4b8ceab522
Fix indentation, update documentation 2018-05-07 07:22:53 -05:00
Brendan Coles 2331a610d6 Update documentation 2018-05-07 07:15:17 +00:00
Brendan Coles 4574de76e7 Add documentation 2018-05-07 07:11:42 +00:00
HD Moore 369c74aa19 Doc typo 2018-05-06 22:32:26 -05:00
HD Moore dece3e3386 Doc update 2018-05-06 22:25:55 -05:00
HD Moore 1997a57627 Count gooder 2018-05-06 22:21:40 -05:00
Green-m 96a354ffc4 Merge branch 'couchdb_cmd_exec' of https://github.com/Green-m/metasploit-framework 2018-05-06 23:07:14 -04:00
HD Moore 8141e949fc Note the runtimes 2018-05-05 18:34:11 -05:00
HD Moore a1092fcfd7 Add documentation 2018-05-05 15:48:44 -05:00
Brendan Coles 3aa7441e10 Update tested versions 2018-05-05 09:11:31 +00:00
James Barnett 9228f4fb6b
Second pass on Event API doc 2018-05-04 17:08:33 -05:00
Touhid M Shaikh 14b18ccafb
updated
remove options sections
2018-05-04 20:42:23 +05:30
William Vu 728d7bc065 Fix #9876, second round of Drupalgeddon 2 updates
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
James Barnett a5b9cc8cb8
Add Msf endpoint API doc 2018-05-03 17:16:04 -05:00
James Barnett 40c978e040
First pass at Vuln Attempt API doc 2018-05-03 16:59:30 -05:00
bwatters-r7 ce5be387c4
Land #8795, Added CVE-2016-0040 Windows Privilege Escalation
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
James Barnett 728850c61a
First pass at Session Event API doc 2018-05-03 16:00:56 -05:00
James Barnett a11c7220b6
First pass at Event API doc 2018-05-03 14:20:23 -05:00
bwatters-r7 f0f6f9610a
Update Docs per h00die 2018-05-03 08:42:28 -05:00
Brendan Coles d3e46ca33c Add documentation 2018-05-03 13:00:01 +00:00
James Barnett 249db505c8
First pass at Credential API doc
Also get the workspace from the query string for credentials
2018-05-02 16:47:39 -05:00
James Barnett 6bc4e2d622
First pass for Nmap api doc 2018-05-02 15:44:07 -05:00
James Barnett e3c913e104
First pass for Exploit API doc
Also fixed a few formatting issues in other docs
2018-05-02 14:47:17 -05:00
James Barnett 5e9bbb4bef Merge branch 'master' into local_api_docs 2018-05-02 11:48:13 -05:00
James Barnett e1827bb2c3
DbExport API doc first pass 2018-05-02 11:40:56 -05:00
Auxilus 2619b457f8
Add docs 2018-05-02 21:54:46 +05:30
James Barnett fd8d30812e
Add swagger-ui to view formatted API docs 2018-05-02 10:27:56 -05:00
Guilherme Leite 0e6e4bcdd3
adding more information on the target
- Added information on the server and Database versions
- Example on product id output
2018-05-02 10:36:46 -03:00
Auxilus 6440951b73
Add doc for wireless_ap module 2018-05-02 18:04:34 +05:30
Jacob Robles d6cf32fad8
Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-02 07:29:15 -05:00
BennyHusted 89d6ded805 Removing the Nagios enum module, adding description 2018-05-01 11:35:45 -04:00
BennyHusted 4c8ad3ca9c Removing old exploit/docs 2018-04-30 22:26:37 -04:00
BennyHusted ad8bf6d8e3 Renamed exploit to electric boogaloo 2018-04-30 22:20:35 -04:00
James Barnett 63ad7dbad4
Tag various URLs so they are grouped 2018-04-30 16:40:07 -05:00
James Barnett d5838e6411
First pass at sessions api doc 2018-04-30 16:17:27 -05:00
James Barnett d89f403368
First pass for vuln api doc 2018-04-30 13:41:31 -05:00
Touhid M Shaikh d01a664a3f
playsms_filename_exec.md
doc update
2018-04-28 19:41:32 +05:30
Brendan Coles 0b9a182746 Add documentation 2018-04-28 01:51:28 +00:00
Aaron Soto c4bca03fea
Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Aaron Soto 82fc4aba64
Land #9918, XDebug Unauthenticated OS command execution 2018-04-27 17:08:58 -05:00
caleBot c343cb944e Merge branch 'master' of https://github.com/BennyHusted/metasploit-framework 2018-04-27 10:36:32 -06:00
caleBot 7dbdb42154 added enum_nagios_xi doc file 2018-04-27 10:35:07 -06:00
Guilherme Leite 3dd996efce
removing unecessary description 2018-04-27 10:47:34 -03:00
James Barnett 5d32a3264d
Workspace API Doc first pass. 2018-04-26 17:55:39 -05:00
James Barnett 5d43e0527f
Notes API doc first pass 2018-04-26 17:42:03 -05:00
BennyHusted 1806c247f1 Fixing tabbed spaces, version number in documentation 2018-04-26 18:15:39 -04:00
root b547e6282e Adding print statement to run the corresponding post module 2018-04-26 17:55:31 -04:00
root 37a32c2726 Adding module for Nagios XI remote root exploit.
See http://blog.redactedsec.net/exploits/2018/04/26/nagios.html for
more information.
2018-04-26 17:42:10 -04:00
James Barnett 49baa2ce41
Initial pass for Services api doc 2018-04-26 14:38:16 -05:00
Brent Cook 0fa0358993
Land #9853, Update Linux sock_sendpage local exploit module 2018-04-26 14:30:51 -05:00
James Barnett f46a3325fc
Add loot api docs 2018-04-26 11:24:05 -05:00
James Barnett f5c35843a8
Move swagger docs to separate files 2018-04-26 11:08:11 -05:00
Guilherme Cesar Leite a8662469fe Documentation on modules/auxiliary/scanner/db2/discovery
x
2018-04-26 03:10:45 -03:00
Brent Cook f52e6a18a2
Land #9876, Drupalgeddon 2 2018-04-25 15:49:53 -05:00
William Vu 644889a324 Add TurnKey Linux ISOs to module doc setup section 2018-04-25 14:32:26 -05:00
William Vu 675ed78948 Update module doc with patch level detection 2018-04-24 23:30:05 -05:00
William Vu 8bc1417c8c Use PHP_FUNC as a fallback in case assert() fails
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
William Vu e03ebf9446 Don't make a header out of tested version
Reads a little better now.
2018-04-24 21:06:38 -05:00
William Vu 89c95cae08 Remove block quote and add version to sample run
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
2018-04-24 21:02:30 -05:00
William Vu cd4861610f Explain available targets in documentation
Oops.
2018-04-24 04:31:30 -05:00
William Vu b507391f1b Change back to vprint_status for the nth time
I really couldn't decide, especially once I got rid of CmdStager.

Also fully document the module options.
2018-04-24 04:23:52 -05:00
William Vu 2abfee83de Add module doc to appease the @h00die god 2018-04-24 04:03:35 -05:00
Brendan Coles ef5272cdc6 Update tested versions 2018-04-23 20:28:24 +00:00
Brendan Coles 767b4a7e05 Add documentation 2018-04-23 18:14:02 +00:00
Wei Chen f9a804e7d8
Bring the PR up to date 2018-04-23 08:52:05 -05:00
bwatters-r7 fb6fe3eede
Moved documentation to correct location 2018-04-23 07:31:25 -05:00
h00die e197cb5759 add arch check 2018-04-22 08:30:32 -04:00
bwatters-r7 1c92134606
Land #9756, Add lastore-daemon D-Bus Privilege Escalation exploit
Merge branch 'land-9756' into upstream-master
2018-04-20 15:45:37 -05:00
bwatters-r7 eadbcdd679
Added warning abotu the pipup and ding when running the exploit. 2018-04-20 15:44:23 -05:00
bwatters-r7 f12f6d54a5
Land #9862, Post-exploitation module for meterpreter (Windows) to send wireless probe requests
Merge branch 'land-9862' into upstream-master
2018-04-20 14:32:01 -05:00
bwatters-r7 99b7d690d7
Added documentation for module 2018-04-20 14:30:30 -05:00
bwatters-r7 37a844bef0
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit
Merge branch 'land-9247' into upstream-master
2018-04-20 11:24:47 -05:00
Tim W 1547a47026
Land #9784, add osx high sierra APFS password disclosure post module 2018-04-18 14:27:22 +08:00
Tim W 72cd97d3e4 minor documentation and comment tweaks 2018-04-18 14:22:32 +08:00
h00die 2914ebf631 lpe ufo 2018-04-17 20:39:59 -04:00
Lars Sorenson 27ded57cda Add MSF module for EDB 6768 2018-04-14 08:51:51 -04:00
Brendan Coles 760eac005f
Minor update to documentation 2018-04-12 16:48:33 +10:00
h00die c72ca7544b dont let this run on meterpreter 2018-04-11 21:05:15 -04:00
Adam Cammack 2a6acfd1d0
Land #9823, Private IP leak via WebRTC 2018-04-11 17:37:56 -05:00
Adam Cammack 7e4caa16ff
Add more example output to module doc 2018-04-11 17:29:18 -05:00
Dhiraj Mishra 8b6bfcb2f0
Added documentation 2018-04-11 11:28:50 +05:30
Brendan Coles 608e53ea89 Add documentation 2018-04-10 14:18:22 +00:00
Green-m d9dc2ec2f7 Merge branch 'master' into couchdb_cmd_exec 2018-04-08 23:35:04 -04:00
h00die a473dd04a8
Land #9813, Add etcd library and version scanner 2018-04-08 07:05:31 -04:00
gushmazuko 6b1abba6c8
Added sluihijack module documentation 2018-04-08 12:03:11 +02:00
Daniel Teixeira 09bbbf82ba
Update oscommerce_installer_unauth_code_exec.md 2018-04-06 13:05:14 +01:00
Daniel Teixeira f50b42ec52
Rename osCommerce.md to oscommerce_installer_unauth_code_exec.md 2018-04-06 11:32:38 +01:00
Daniel Teixeira cb0e516ecd
Update osCommerce.md 2018-04-06 11:32:20 +01:00
Daniel Teixeira bcef50b062
osCommerce Documentation 2018-04-05 20:26:44 +01:00
Brent Cook 81c78a51c2
Land #9794, Added support for regional dialects 2018-04-05 12:56:07 -05:00
Spencer McIntyre 0a3bcf570c Add the scanner/smb/impacket/dcomexec module 2018-04-04 17:34:41 -04:00
Jon Hart b9dbf1a6f3
Fix formatting error in etcd open_key_scanner 2018-04-04 10:59:38 -07:00
Jon Hart c96bdf4ea1
Add etcd version scanner docs 2018-04-04 10:58:55 -07:00
Chris Higgins 1fa40bfe3b
Land #8539, ProcessMaker Plugin Upload exploit 2018-04-03 20:52:17 -05:00
bwatters-r7 e17be05e6a
Land #9595, Add post module RID Hijacking on Windows 2018-04-03 14:12:34 -05:00
Brent Cook 1424019411 update docs 2018-04-03 13:52:02 -05:00
Brent Cook 8f7d9f3ac8 rename module 2018-04-03 13:44:55 -05:00
Brent Cook bd80e9d0c5 documentation 2018-04-03 13:39:11 -05:00
Brent Cook 8c2138f13b
Land #9742, QNX exploit improvements 2018-04-03 07:50:29 -05:00
Brent Cook 226ef160ff
Land #9748, Convert the smbloris DoS into an external module
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
Carter Brainerd (thecarterb) cdcbd03b3c
Create apfs_encrypted_volume_passwd.md 2018-04-02 20:48:54 -04:00
Jacob Robles 288082e68d
Update documentation for get_user_spns.py 2018-04-02 12:15:13 -05:00
Brent Cook fa34f3e0a4
Land #9718, Add get_user_spns 'kerberoasting' module 2018-04-02 10:04:44 -05:00
Green-m 6a45e0299b Add document of exploit module apache_couchdb_cmd_exec 2018-03-29 02:40:51 -04:00
Jon Hart a1e83ce835
Land #9760, @h00die's etcd scanner 2018-03-28 10:41:22 -07:00
Jon Hart e01679d374
Use common path in etcd docs 2018-03-28 09:55:05 -07:00
Jon Hart e7f9d789eb
Add docker docs for etcd 2018-03-28 09:43:12 -07:00
Jacob Robles a1fff486bc
Land #9666, Add 2017-8917 RCE for Joomla 3.7.0 2018-03-28 11:08:38 -05:00
Jacob Robles 0fa63ae7b3
Update documentation and module
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
2018-03-28 10:57:28 -05:00
h00die c97743925f jhart suggestions 2018-03-27 18:46:31 -04:00
Wei Chen 94fd599756
Land #9684, Adding ManageEngine Application Manager RCE
Land #9684
2018-03-27 15:17:20 -05:00
Wei Chen fb0d87163c Update documentation for manageengine_appmanager_exec 2018-03-27 15:16:39 -05:00
Wei Chen 0a0bef0c4f
Land #9633, Exodus Wallet Remote Code Execution
Land #9633
2018-03-27 14:51:15 -05:00
William Vu a8914f2f9f
Land #9775, module doc improvements to MS17-010 2018-03-27 14:38:20 -05:00
William Vu 7e4e6e6437 Update ms17_010_{psexec,command} module docs 2018-03-27 14:32:21 -05:00
Wei Chen 8c88c53e5d
Land #9670, Gitstack v2.3.10 RCE
Land #9670
2018-03-27 13:00:47 -05:00
Wei Chen df49345f5d Update gitstack_rce.md 2018-03-27 12:59:49 -05:00
h00die e462cb49a2 updated docs 2018-03-25 14:53:30 -04:00
h00die 1371684df7 add linux mint to docs 2018-03-25 07:58:51 -04:00
h00die 80c4d59560
Land #9702 exploit for clipbucket 2018-03-24 19:59:17 -04:00
h00die 0028e2c5ba documentation update 2018-03-24 19:25:59 -04:00
Brendan Coles d5961f277e Add documentation 2018-03-24 23:16:51 +00:00
h00die e8d910ac08 spelling 2018-03-23 21:40:46 -04:00
h00die 200f8ae849 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cve201716995 2018-03-23 21:17:07 -04:00
h00die 6b0691a91a cve-2017-16995 2018-03-23 21:09:56 -04:00
Brendan Coles fdd2af2d2a Update tested versions 2018-03-24 00:23:12 +00:00
Brendan Coles 0116628208 Update tested versions 2018-03-24 00:19:30 +00:00
Adam Cammack 5ece14b064
Convert SMBLoris to an external module 2018-03-23 14:55:18 -05:00
Brendan Coles 05c5d116c5 Add documentation 2018-03-22 20:23:32 +00:00
Daniel Teixeira d192173792
Vulnerable application link update 2018-03-22 11:57:54 +00:00
Brendan Coles 6885f16e38 Add documentation 2018-03-22 06:27:13 +00:00
Jacob Robles 8d12118d1f
Add get_user_spns external module and documentation 2018-03-21 06:26:15 -05:00
Brendan Coles ac9f506b45 Update tested versions 2018-03-20 02:49:56 +00:00
Mehmet İnce 53eabfc1df Update documentation and add check before exploit 2018-03-19 23:27:18 +03:00
Touhid M Shaikh 0817e6b15f
Delete playsms_uploadcsv_exec.md 2018-03-18 13:57:04 +05:30