e3da0a6828
Merge branch 'master' into remote_creds_data
2018-07-23 16:39:13 -05:00
e1100572ac
add afp docs
2018-07-22 20:56:52 -04:00
83ae5cb14d
fix backup_file.rb and add a few docs
2018-07-22 20:50:22 -04:00
03e8f45634
add more version info for docs
2018-07-21 21:39:19 -04:00
2a969d70db
dicoogle
2018-07-21 21:31:45 -04:00
f1e1407901
add musl-cross info
2018-07-21 14:22:27 -04:00
17b94f7cf3
add smap disabling instructions
2018-07-21 14:20:24 -04:00
85c2e5298f
patch up docs
2018-07-21 14:06:57 -04:00
4a9e6fac66
patch up docs
2018-07-21 14:00:29 -04:00
abfed97e03
remove EOL spaces
2018-07-21 11:21:11 -04:00
357f221b93
update doc
2018-07-21 11:09:16 -04:00
8b324c19d8
update couchdb scanner
2018-07-21 11:02:50 -04:00
65d42380d3
Merge branch 'master' into remote_creds_data
2018-07-19 16:25:06 -05:00
04a6cf8f0a
pull latest changes and re-register module servlet in new sinatra base
2018-07-19 14:42:39 -05:00
ce7eb9f3fe
add list of valid fields to documenation and update aliases
2018-07-19 14:31:46 -05:00
462655dea1
update response example documentation
2018-07-19 14:10:04 -05:00
4c71268b38
add documentation for aliases
2018-07-19 13:38:18 -05:00
e3716305dc
add new fields to swagger doc
2018-07-19 13:31:41 -05:00
19239c72c0
Update cmsms_upload_rename_rce check and docs
2018-07-19 18:26:42 +00:00
28e3f3a5f0
Land #10327 , Add CMS Made Simple Upload/Rename Authenticated RCE
2018-07-19 12:18:12 -05:00
59962c5273
Merge branch 'master' into conform_to_api_standards
2018-07-19 09:26:17 -05:00
8010c58220
add module documentation to swagger (WIP)
2018-07-18 17:36:31 -05:00
4d2e0e51e4
Update docs for /endpoit/ID GET requests
2018-07-18 16:01:12 -05:00
70a1df70a1
Land #9753 , Linux BPF sign extension local privesc
2018-07-18 18:44:14 +08:00
1e004769ca
CMS Made Simple Upload/Rename Authenticated RCE
2018-07-17 09:00:39 -05:00
01e6362828
Fix documentation wording
2018-07-17 13:01:49 +02:00
6bf184dbcf
Update tested versions
2018-07-17 06:24:16 +00:00
9a7c34e6e9
Land #10064 , Claymore Dual Miner API RCE
2018-07-16 18:02:20 -05:00
bfd521f2cb
Small note about network not available
2018-07-16 11:56:55 +02:00
aa58634b24
Document rc.local
2018-07-16 09:34:20 +02:00
6e450973b9
Land #10295 , Add QNAP Q'Center change_passwd Command Execution exploit
2018-07-14 10:09:46 -05:00
9bdec97b2e
Fix bpf_sign_extension_priv_esc
2018-07-13 23:01:17 +00:00
b40a146723
Land #10297 , Add priv escalation mod for CVE-2018-8897
2018-07-13 10:54:25 -05:00
d7a0d7ecf3
Add some documentation for mov_ss.md
2018-07-13 01:17:28 -05:00
1ad571f136
Fix password typo
2018-07-13 16:02:15 +10:00
392cf3bbe1
Are hosts?
2018-07-13 15:00:31 +10:00
a020d48caf
Move module documentation to documentation directory
2018-07-13 04:46:25 +00:00
358347358f
Add documentation
2018-07-13 04:18:56 +00:00
ed163c11a0
Land #10296 , a few aux module docs
2018-07-12 22:20:25 -05:00
c9001699cd
Land #10027 , Hadoop unauthed command execution
2018-07-12 21:58:49 -05:00
50252c75d6
Clean up module
...
With a little rubocop -a.
2018-07-12 21:58:00 -05:00
6751d48564
A few aux module docs
2018-07-12 17:50:47 -04:00
acb20e5a29
Land #9780 , CouchDB auth bypass and RCE
2018-07-12 03:36:17 -05:00
a08420e0d0
Land #10286 , Docker server version scanner
2018-07-12 03:08:41 -05:00
e62dbecbef
Add module doc
2018-07-12 03:06:16 -05:00
1ded8ffb29
Land #10260 , Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
2018-07-11 11:10:52 -05:00
c26fcc0af1
Merge branch 'master' into remote_creds_data
2018-07-11 10:27:49 -05:00
b119622408
GET with ID is NYI for credentials
2018-07-10 17:30:44 -05:00
0270b0269b
Update Credential API documentation
2018-07-10 17:29:25 -05:00
10cd6c99d9
Land #10231 , Monstra Fileupload Exec
2018-07-10 14:23:15 -05:00
e7ddb6fdf5
Add API docs for logins endpoints
2018-07-10 14:21:19 -05:00
476a3a276f
modified capitalization and wording
2018-07-10 14:12:02 -05:00
1af360d7e0
Land #10108 , add IBM QRadar SIEM exploit
2018-07-10 11:52:32 -05:00
625050767e
add module docs
2018-07-10 11:51:57 -05:00
bbc16e1873
Merge branch 'master' into remote_creds_data
2018-07-09 09:49:14 -05:00
1c448de882
Land #10107 , Add the scanner/smb/impacket/secretsdump module
2018-07-06 14:59:33 -05:00
b5fb970aec
Land #10133 , Add HID discoveryd RCE exploit
2018-07-06 14:32:29 -05:00
545e91af00
Land #10262 , Add GitList argument injection exploit module
2018-07-06 14:28:20 -05:00
fe1b17684a
Add Targets and Session file inclusion
2018-07-06 12:17:26 -05:00
43d71cdc09
Initial Claymore Dual Miner RCE doc commit
2018-07-06 02:50:16 +02:00
b4b7bf03da
Land #10171 , Implement desktop shell and screensaver post modules
2018-07-05 17:33:06 -05:00
a18e4a7d5c
Land #10246 , add documentation for APK injection
2018-07-05 17:26:56 -05:00
5d0652fab1
changed inconsistent capitalization
2018-07-05 15:56:41 -05:00
2b452d5681
added documentation and check
2018-07-05 15:47:21 -05:00
05a0d79be7
Land #10219 , Add HP VAN SDN Controller exploit
2018-07-05 14:21:44 -05:00
830c17f07e
Update outdated print in module doc
2018-07-05 14:18:33 -05:00
43096d9d78
Add phpMyAdmin v4.8.1/4.8.0 LFI RCE
...
Module and Doc
2018-07-05 13:33:35 -05:00
53d5d82498
Rename module to match new vector
2018-07-05 13:31:16 -05:00
b00f0e87e0
Add SonicWall XML-RPC Remote Code Execution exploit module
2018-07-05 12:06:13 -05:00
a272dcabd7
Fix typos and additional updates regarding to review
2018-07-05 13:33:40 +01:00
4c1c2e9288
Adding Micro Focus Secure Messaging Gateway RCE
2018-07-04 17:47:13 +01:00
12a0aaeaf1
Add module doc
2018-07-03 18:31:43 -05:00
e1a9aae109
Add Wordress Arbitrary File Deletion module
2018-07-03 12:21:38 +02:00
7fe41f5e4e
fix #10187 , add documentation for APK injection
2018-07-03 15:20:18 +08:00
8f8d015741
changed some wording
2018-07-02 09:57:28 -05:00
54fce378fa
added target versions to documentation
2018-07-02 09:20:17 -05:00
7a966e7b9d
Change unauthorized to unauthenticated
2018-07-01 22:43:54 -04:00
32db22804e
Docs Update
...
Docs Update
2018-06-30 12:45:43 +05:30
128438f444
Merge pull request #2 from touhidshaikh/monstra_fileupload_exec
...
Monstra fileupload exec
2018-06-30 12:03:14 +05:30
d0abe843c4
monstra_fileupload_exec doc
...
monstra_fileupload_exec Doc
2018-06-30 11:52:43 +05:30
3b5555542c
add exploit module and documentation
2018-06-29 15:17:12 -05:00
fc3199259b
Land #9958 , Nagios xi 2 electric
2018-06-29 12:16:18 -05:00
675a736ab7
Update Docs
2018-06-29 11:08:31 -05:00
c508a5f7f3
Land #10213 , Add FTPShell client 6.70 Stack Buffer Overflow exploit
2018-06-29 14:40:51 +00:00
cb0564913e
Land #9933 , auxiliary/scanner/db2/discovery docs
2018-06-27 16:00:39 -05:00
ce7d4cd280
Land #10109 , Teradata login scanner and SQL runner
2018-06-27 15:35:57 -05:00
fe8538a4a7
Add note about Teradata configuration for OS X
2018-06-27 15:33:50 -05:00
857dc39cd0
FTPShell client 6.70 (Enterprise edition)
2018-06-27 16:36:04 +01:00
c5e7184fdb
Land #10199 , Kace Systems Management Command Injection
2018-06-26 10:11:10 -05:00
510c2d04ef
add auxiliary module and documentation - SickRage
2018-06-22 11:18:02 -05:00
b8f0ca2cd7
Add documentation
2018-06-22 13:53:35 +00:00
74ed2a581a
Document post/multi/screensaver
2018-06-22 09:51:55 +00:00
7a4b00372e
Document post/multi/manage/open
2018-06-22 09:51:33 +00:00
eaf043d30b
Land #10156 , WebKit, as used in WebKitGTK+ Crash - CVE-2018-11646
2018-06-21 16:28:37 -05:00
a91ad8c09c
Land #10193 , Updated Documentation for httpdasm module
2018-06-21 13:04:45 -05:00
2277b13869
updated documentation
2018-06-20 16:30:19 -05:00
72432c200a
Land #10183 , Add auxiliary mod to exploit httpdasm dir traversal vuln
2018-06-19 14:56:36 -05:00
b78bb78f95
added auxiliary module and documentation
2018-06-18 10:25:33 -05:00
cb50d0fade
Land #9825 , Add 'phpMyAdmin Authenticated Remote Code Execution'
2018-06-18 08:51:53 -05:00
2e2ded22fc
Use Gem::Version
...
Simplify version comparisons
2018-06-18 08:35:47 -05:00
122ea2ddcb
Update module, Add docs
...
Changed the module to an exploit module and
added documentation.
2018-06-18 07:33:05 -05:00
2ded48a510
Merge branch 'master' into remote_creds_data
2018-06-15 10:26:10 -05:00
b733b79533
Land #10021 , post/multi/recon/sudo_commands module
2018-06-14 16:33:50 -05:00
aef74bf477
Add documentation
2018-06-14 13:21:34 +00:00
1cd76eb833
Land #10148 , Add New Module - Badpdf
...
Merge branch 'land-10148' into upstream-master
2018-06-12 17:19:32 -05:00
29f4870fa0
Land #10101 , Add glibc 'realpath()' Privilege Escalation exploit
2018-06-12 16:41:07 -05:00
c3c6bc19da
Land #10059 , CVE-2018-1111 exploit
2018-06-12 15:02:06 -05:00
4dd744495d
Add basic module doc
2018-06-12 15:01:40 -05:00
62a13430f7
Minor changes in documentation
2018-06-11 13:21:13 +05:30
be5bc3d2f8
Added documentation
2018-06-09 16:32:20 +05:30
992d2130aa
Updated Documentation
2018-06-07 21:05:56 +01:00
3036b62890
Update badpdf.md
2018-06-07 19:07:29 +01:00
85a32fcd32
BadPDF Documentation
2018-06-07 16:39:50 +01:00
f53d2a14df
Land #10067 , Added `auxiliary/fileformat/odt_badodt`
2018-06-06 11:27:23 -05:00
20e773498f
Moved to `auxiliary/fileformat/odt_badodt` and updated docs
2018-06-06 11:27:07 -05:00
2ec6d11663
Expanded documentation to discuss `auxiliary/server/capture/smb`
2018-06-06 11:19:04 -05:00
61074d1220
Land #10115 , Added module `auxiliary/fileformat/multidrop`
2018-06-05 16:30:30 -05:00
3b2889cd77
Land #10106 , Add the scanner/smb/impacket/wmiexec module
2018-06-05 08:33:34 -05:00
b256a99128
Updated
2018-06-04 23:02:27 +01:00
0719ca28c4
Minor Updates
...
Minor Updates as per recommendations by Aaron Soto.
2018-06-04 19:23:25 +01:00
2c0c99e980
Add documentation
2018-06-03 05:41:53 +00:00
61a98b94b6
Land #9528 , WebKit apple safari trident exploit (CVE-2016-4657)
2018-06-02 21:52:52 -05:00
742e7898f4
add documentation
2018-06-02 21:51:24 -05:00
f424a7f50e
Moved/deleted documentation, as appropriate
2018-06-01 14:22:55 -05:00
abe04edd10
Updated Multidrop Info
2018-06-01 11:12:22 +01:00
1a37289495
Updated Multidrop
...
Updated with changes suggested by bcoles
2018-06-01 11:09:55 +01:00
53d9dc75d8
Adding npm component "marked" ReDoS module
...
This commit adds a module for the npm component
"marked" which exploits a Regular Expression
Denial of Service (ReDoS) vulnerability in the
"heading" regular expression. Also included
is the documentation markdown for this module.
2018-05-31 13:33:09 -05:00
a8f19df4e6
Pass params through query string on creds GET
...
Also updated API docs to use correct params
2018-05-30 16:23:37 -05:00
1e57aa5a57
Land #9777 , Slui File Handler Hijack LPE
2018-05-30 15:22:12 -05:00
f7457c848e
Multidrop Documentation
...
Documentation to accompany multidrop module
2018-05-30 18:12:49 +01:00
d78b743ade
Land #10054 , add MSF5 REST API documentation
2018-05-29 17:58:55 -04:00
c8b2fc8a35
Land #9701 , Flexense HTTP Server DoS exploit
2018-05-29 16:19:59 -05:00
44812852e2
Merge branch 'local_api_docs' of github.com:jbarnett-r7/metasploit-framework into local_api_docs
2018-05-29 12:33:30 -05:00
f8317d3ae2
Address code review comments
...
- Don't document unsupported session POST
- Hide unimplemented loot/id and session/id GET methods
- Fix URL for msf doc
- Add missing workspace parament to vuln-attempts
- Remove unneccessary code for hosting the doc UI
2018-05-29 12:24:53 -05:00
b0d8e93e79
Added Teradata ODBC Login and SQL modules and documentation
2018-05-29 10:12:43 -05:00
28d15a113f
Add the secretsdump impacket module and docs
2018-05-27 17:09:59 -04:00
9fab2316c5
Add the wmiexec impacket module and documentation
2018-05-27 16:24:56 -04:00
83fceba92f
Add documentation
2018-05-26 21:51:45 +00:00
e52b065b26
Manual rewritten for flexense_http_server_dos
2018-05-25 20:18:54 +03:00
59e084aa46
Remote local version of remote data service help
2018-05-24 11:07:37 -05:00
050b52cf91
badodt documentation
...
Documentation of how to use badodt
2018-05-24 11:49:33 +01:00
8acc6daf9b
Add doc for running the remote data service
2018-05-23 11:54:57 -05:00
b83ee106f7
Merge branch 'master' into local_api_docs
2018-05-23 10:06:12 -05:00
7d7f405234
Describe ALL the attributes!
2018-05-22 14:57:21 -05:00
40d5f46277
Lad #10017 , D-Link DSL-2750B Unauthenticated OS Command Injection
...
Merge branch 'land-10017' into upstream-master
2018-05-22 10:54:33 -05:00
e4038af79e
Merge branch 'master' into local_api_docs
2018-05-21 13:44:34 -05:00
88ab836e15
Land #9987 , AF_PACKET chocobo_root exploit
2018-05-21 17:05:53 +08:00
6ae55aadd4
Fixing documentation, improving exploits code
2018-05-20 12:55:46 -04:00
294b263159
Land #9966 , Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
...
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
6858a1caf9
Add compilation instructions to documentation
2018-05-18 22:10:47 +10:00
132313ef34
Minor updates across all API docs.
2018-05-17 16:56:22 -05:00
94b32a3888
Workspace API Doc second pass
2018-05-17 11:22:43 -05:00
91d0b0be12
fix documentation for android/gather/wireless_ap
2018-05-17 21:17:00 +08:00
a3879f0109
Land #9956 , add module to extract wireless credentials on Android
2018-05-17 21:04:56 +08:00
75ab69b4c4
minor documentation update
2018-05-17 21:03:12 +08:00
6594cbb5cc
Land #9947 , AF_PACKET packet_set_ring exploit
2018-05-17 18:43:52 +08:00
5bd6193ea7
Update wireless_ap.md
2018-05-17 13:04:50 +05:30
a28e277384
Update wireless_ap.md
2018-05-17 12:51:26 +05:30
1c2bc5a09b
Update wireless_ap.md
2018-05-17 12:50:54 +05:30
e1f46b07f8
VulnAttempt API Doc second pass
2018-05-16 16:57:55 -05:00
43f410ccd3
Fix format of REFS_EXAMPLE
2018-05-16 15:37:33 -05:00
5e39314a72
Vuln API Doc second pass.
2018-05-16 15:26:44 -05:00
84a8f2100b
Merge branch 'master' into local_api_docs
2018-05-16 13:27:28 -05:00
edc06f6361
Second pass on SessionEvent API doc
2018-05-16 11:56:11 -05:00
999b895735
Land #9816 , Add the scanner/smb/impacket/dcomexec module
2018-05-16 07:15:32 -05:00
436e414b93
Land #7815 , CVE-2016-9299 exploit
2018-05-16 05:29:41 -05:00
fc079138fd
Service API doc second pass
2018-05-15 14:34:15 -05:00
c5bdd2ca9d
Add doc for this module
2018-05-15 03:47:09 -04:00
8dd7a27f7b
Fixes according to code review
2018-05-14 05:46:23 -04:00
382364a3ff
Adding documentation, improving description
2018-05-13 15:04:40 -04:00
ed5f2bffa9
Land #9919 , add libuser roothelper privilege escalation exploit
2018-05-12 17:11:21 +08:00
64fcddb1aa
fix docs
2018-05-12 09:55:36 +05:30
9811de430c
Land #9878 , Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE
2018-05-09 11:55:22 -05:00
d1701c37d6
Second pass on note API doc
2018-05-08 16:15:40 -05:00
bba77596c0
Second pass on loot API doc
2018-05-08 15:41:17 -05:00
07eb79e183
Second pass on creds, hosts, events, db_export, and exploits
2018-05-08 12:38:04 -05:00
0240c3f010
Land #9980 , PAN-OS readSessionVarsFromFile exploit
2018-05-07 14:55:00 -05:00
a18459a14c
Fix indentation, documentation update
2018-05-07 09:22:21 -05:00
4c5c8c956c
added doc
...
added doc
2018-05-07 18:50:53 +05:30
222b1fb27c
Land #9944 , playsms_filename_exec.rb
2018-05-07 07:43:16 -05:00
4b8ceab522
Fix indentation, update documentation
2018-05-07 07:22:53 -05:00
2331a610d6
Update documentation
2018-05-07 07:15:17 +00:00
4574de76e7
Add documentation
2018-05-07 07:11:42 +00:00
369c74aa19
Doc typo
2018-05-06 22:32:26 -05:00
dece3e3386
Doc update
2018-05-06 22:25:55 -05:00
1997a57627
Count gooder
2018-05-06 22:21:40 -05:00
96a354ffc4
Merge branch 'couchdb_cmd_exec' of https://github.com/Green-m/metasploit-framework
2018-05-06 23:07:14 -04:00
8141e949fc
Note the runtimes
2018-05-05 18:34:11 -05:00
a1092fcfd7
Add documentation
2018-05-05 15:48:44 -05:00
3aa7441e10
Update tested versions
2018-05-05 09:11:31 +00:00
9228f4fb6b
Second pass on Event API doc
2018-05-04 17:08:33 -05:00
14b18ccafb
updated
...
remove options sections
2018-05-04 20:42:23 +05:30
728d7bc065
Fix #9876 , second round of Drupalgeddon 2 updates
...
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
a5b9cc8cb8
Add Msf endpoint API doc
2018-05-03 17:16:04 -05:00
40c978e040
First pass at Vuln Attempt API doc
2018-05-03 16:59:30 -05:00
ce5be387c4
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
728850c61a
First pass at Session Event API doc
2018-05-03 16:00:56 -05:00
a11c7220b6
First pass at Event API doc
2018-05-03 14:20:23 -05:00
f0f6f9610a
Update Docs per h00die
2018-05-03 08:42:28 -05:00
d3e46ca33c
Add documentation
2018-05-03 13:00:01 +00:00
James Barnett
h00die
Erin Bleiweiss
Brendan Coles
Wei Chen
Tim W
Jacob Robles
Eliott Teissonniere
William Vu
Shelby Pace
Brent Cook
ReverseBrain
flandini
Mehmet İnce
Aloïs Thévenot
Green-m
Ishaq Mohammed
Touhid M Shaikh
Adam Cammack
Daniel Teixeira
bwatters-r7
Dhiraj Mishra
rmdavy
Aaron Soto
Nicholas Starke
Matthew Kienow
actuated
Spencer McIntyre
Ege Balcı
jbarnett-r7
lucyoa
Auxilus
Green-m
HD Moore