132313ef34
Minor updates across all API docs.
2018-05-17 16:56:22 -05:00
94b32a3888
Workspace API Doc second pass
2018-05-17 11:22:43 -05:00
91d0b0be12
fix documentation for android/gather/wireless_ap
2018-05-17 21:17:00 +08:00
a3879f0109
Land #9956 , add module to extract wireless credentials on Android
2018-05-17 21:04:56 +08:00
75ab69b4c4
minor documentation update
2018-05-17 21:03:12 +08:00
6594cbb5cc
Land #9947 , AF_PACKET packet_set_ring exploit
2018-05-17 18:43:52 +08:00
5bd6193ea7
Update wireless_ap.md
2018-05-17 13:04:50 +05:30
a28e277384
Update wireless_ap.md
2018-05-17 12:51:26 +05:30
1c2bc5a09b
Update wireless_ap.md
2018-05-17 12:50:54 +05:30
e1f46b07f8
VulnAttempt API Doc second pass
2018-05-16 16:57:55 -05:00
43f410ccd3
Fix format of REFS_EXAMPLE
2018-05-16 15:37:33 -05:00
5e39314a72
Vuln API Doc second pass.
2018-05-16 15:26:44 -05:00
84a8f2100b
Merge branch 'master' into local_api_docs
2018-05-16 13:27:28 -05:00
edc06f6361
Second pass on SessionEvent API doc
2018-05-16 11:56:11 -05:00
999b895735
Land #9816 , Add the scanner/smb/impacket/dcomexec module
2018-05-16 07:15:32 -05:00
436e414b93
Land #7815 , CVE-2016-9299 exploit
2018-05-16 05:29:41 -05:00
fc079138fd
Service API doc second pass
2018-05-15 14:34:15 -05:00
c5bdd2ca9d
Add doc for this module
2018-05-15 03:47:09 -04:00
8dd7a27f7b
Fixes according to code review
2018-05-14 05:46:23 -04:00
382364a3ff
Adding documentation, improving description
2018-05-13 15:04:40 -04:00
ed5f2bffa9
Land #9919 , add libuser roothelper privilege escalation exploit
2018-05-12 17:11:21 +08:00
64fcddb1aa
fix docs
2018-05-12 09:55:36 +05:30
9811de430c
Land #9878 , Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE
2018-05-09 11:55:22 -05:00
d1701c37d6
Second pass on note API doc
2018-05-08 16:15:40 -05:00
bba77596c0
Second pass on loot API doc
2018-05-08 15:41:17 -05:00
07eb79e183
Second pass on creds, hosts, events, db_export, and exploits
2018-05-08 12:38:04 -05:00
0240c3f010
Land #9980 , PAN-OS readSessionVarsFromFile exploit
2018-05-07 14:55:00 -05:00
a18459a14c
Fix indentation, documentation update
2018-05-07 09:22:21 -05:00
4c5c8c956c
added doc
...
added doc
2018-05-07 18:50:53 +05:30
222b1fb27c
Land #9944 , playsms_filename_exec.rb
2018-05-07 07:43:16 -05:00
4b8ceab522
Fix indentation, update documentation
2018-05-07 07:22:53 -05:00
2331a610d6
Update documentation
2018-05-07 07:15:17 +00:00
4574de76e7
Add documentation
2018-05-07 07:11:42 +00:00
369c74aa19
Doc typo
2018-05-06 22:32:26 -05:00
dece3e3386
Doc update
2018-05-06 22:25:55 -05:00
1997a57627
Count gooder
2018-05-06 22:21:40 -05:00
96a354ffc4
Merge branch 'couchdb_cmd_exec' of https://github.com/Green-m/metasploit-framework
2018-05-06 23:07:14 -04:00
8141e949fc
Note the runtimes
2018-05-05 18:34:11 -05:00
a1092fcfd7
Add documentation
2018-05-05 15:48:44 -05:00
3aa7441e10
Update tested versions
2018-05-05 09:11:31 +00:00
9228f4fb6b
Second pass on Event API doc
2018-05-04 17:08:33 -05:00
14b18ccafb
updated
...
remove options sections
2018-05-04 20:42:23 +05:30
728d7bc065
Fix #9876 , second round of Drupalgeddon 2 updates
...
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
a5b9cc8cb8
Add Msf endpoint API doc
2018-05-03 17:16:04 -05:00
40c978e040
First pass at Vuln Attempt API doc
2018-05-03 16:59:30 -05:00
ce5be387c4
Land #8795 , Added CVE-2016-0040 Windows Privilege Escalation
...
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
728850c61a
First pass at Session Event API doc
2018-05-03 16:00:56 -05:00
a11c7220b6
First pass at Event API doc
2018-05-03 14:20:23 -05:00
f0f6f9610a
Update Docs per h00die
2018-05-03 08:42:28 -05:00
d3e46ca33c
Add documentation
2018-05-03 13:00:01 +00:00
249db505c8
First pass at Credential API doc
...
Also get the workspace from the query string for credentials
2018-05-02 16:47:39 -05:00
6bc4e2d622
First pass for Nmap api doc
2018-05-02 15:44:07 -05:00
e3c913e104
First pass for Exploit API doc
...
Also fixed a few formatting issues in other docs
2018-05-02 14:47:17 -05:00
5e9bbb4bef
Merge branch 'master' into local_api_docs
2018-05-02 11:48:13 -05:00
e1827bb2c3
DbExport API doc first pass
2018-05-02 11:40:56 -05:00
2619b457f8
Add docs
2018-05-02 21:54:46 +05:30
fd8d30812e
Add swagger-ui to view formatted API docs
2018-05-02 10:27:56 -05:00
0e6e4bcdd3
adding more information on the target
...
- Added information on the server and Database versions
- Example on product id output
2018-05-02 10:36:46 -03:00
6440951b73
Add doc for wireless_ap module
2018-05-02 18:04:34 +05:30
d6cf32fad8
Land #9821 , osCommerce 2.3.4.1 - Remote Code Execution
2018-05-02 07:29:15 -05:00
89d6ded805
Removing the Nagios enum module, adding description
2018-05-01 11:35:45 -04:00
4c8ad3ca9c
Removing old exploit/docs
2018-04-30 22:26:37 -04:00
ad8bf6d8e3
Renamed exploit to electric boogaloo
2018-04-30 22:20:35 -04:00
63ad7dbad4
Tag various URLs so they are grouped
2018-04-30 16:40:07 -05:00
d5838e6411
First pass at sessions api doc
2018-04-30 16:17:27 -05:00
d89f403368
First pass for vuln api doc
2018-04-30 13:41:31 -05:00
d01a664a3f
playsms_filename_exec.md
...
doc update
2018-04-28 19:41:32 +05:30
0b9a182746
Add documentation
2018-04-28 01:51:28 +00:00
c4bca03fea
Land #9908 , msfd_rce_remote and msfd_rce_browser
2018-04-27 18:54:17 -05:00
82fc4aba64
Land #9918 , XDebug Unauthenticated OS command execution
2018-04-27 17:08:58 -05:00
c343cb944e
Merge branch 'master' of https://github.com/BennyHusted/metasploit-framework
2018-04-27 10:36:32 -06:00
7dbdb42154
added enum_nagios_xi doc file
2018-04-27 10:35:07 -06:00
3dd996efce
removing unecessary description
2018-04-27 10:47:34 -03:00
5d32a3264d
Workspace API Doc first pass.
2018-04-26 17:55:39 -05:00
5d43e0527f
Notes API doc first pass
2018-04-26 17:42:03 -05:00
1806c247f1
Fixing tabbed spaces, version number in documentation
2018-04-26 18:15:39 -04:00
b547e6282e
Adding print statement to run the corresponding post module
2018-04-26 17:55:31 -04:00
37a32c2726
Adding module for Nagios XI remote root exploit.
...
See http://blog.redactedsec.net/exploits/2018/04/26/nagios.html for
more information.
2018-04-26 17:42:10 -04:00
49baa2ce41
Initial pass for Services api doc
2018-04-26 14:38:16 -05:00
0fa0358993
Land #9853 , Update Linux sock_sendpage local exploit module
2018-04-26 14:30:51 -05:00
f46a3325fc
Add loot api docs
2018-04-26 11:24:05 -05:00
f5c35843a8
Move swagger docs to separate files
2018-04-26 11:08:11 -05:00
a8662469fe
Documentation on modules/auxiliary/scanner/db2/discovery
...
x
2018-04-26 03:10:45 -03:00
f52e6a18a2
Land #9876 , Drupalgeddon 2
2018-04-25 15:49:53 -05:00
644889a324
Add TurnKey Linux ISOs to module doc setup section
2018-04-25 14:32:26 -05:00
675ed78948
Update module doc with patch level detection
2018-04-24 23:30:05 -05:00
8bc1417c8c
Use PHP_FUNC as a fallback in case assert() fails
...
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
e03ebf9446
Don't make a header out of tested version
...
Reads a little better now.
2018-04-24 21:06:38 -05:00
89c95cae08
Remove block quote and add version to sample run
...
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
2018-04-24 21:02:30 -05:00
cd4861610f
Explain available targets in documentation
...
Oops.
2018-04-24 04:31:30 -05:00
b507391f1b
Change back to vprint_status for the nth time
...
I really couldn't decide, especially once I got rid of CmdStager.
Also fully document the module options.
2018-04-24 04:23:52 -05:00
2abfee83de
Add module doc to appease the @h00die god
2018-04-24 04:03:35 -05:00
ef5272cdc6
Update tested versions
2018-04-23 20:28:24 +00:00
767b4a7e05
Add documentation
2018-04-23 18:14:02 +00:00
f9a804e7d8
Bring the PR up to date
2018-04-23 08:52:05 -05:00
fb6fe3eede
Moved documentation to correct location
2018-04-23 07:31:25 -05:00
e197cb5759
add arch check
2018-04-22 08:30:32 -04:00
1c92134606
Land #9756 , Add lastore-daemon D-Bus Privilege Escalation exploit
...
Merge branch 'land-9756' into upstream-master
2018-04-20 15:45:37 -05:00
eadbcdd679
Added warning abotu the pipup and ding when running the exploit.
2018-04-20 15:44:23 -05:00
f12f6d54a5
Land #9862 , Post-exploitation module for meterpreter (Windows) to send wireless probe requests
...
Merge branch 'land-9862' into upstream-master
2018-04-20 14:32:01 -05:00
99b7d690d7
Added documentation for module
2018-04-20 14:30:30 -05:00
37a844bef0
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit
...
Merge branch 'land-9247' into upstream-master
2018-04-20 11:24:47 -05:00
1547a47026
Land #9784 , add osx high sierra APFS password disclosure post module
2018-04-18 14:27:22 +08:00
72cd97d3e4
minor documentation and comment tweaks
2018-04-18 14:22:32 +08:00
2914ebf631
lpe ufo
2018-04-17 20:39:59 -04:00
27ded57cda
Add MSF module for EDB 6768
2018-04-14 08:51:51 -04:00
760eac005f
Minor update to documentation
2018-04-12 16:48:33 +10:00
c72ca7544b
dont let this run on meterpreter
2018-04-11 21:05:15 -04:00
2a6acfd1d0
Land #9823 , Private IP leak via WebRTC
2018-04-11 17:37:56 -05:00
7e4caa16ff
Add more example output to module doc
2018-04-11 17:29:18 -05:00
8b6bfcb2f0
Added documentation
2018-04-11 11:28:50 +05:30
608e53ea89
Add documentation
2018-04-10 14:18:22 +00:00
d9dc2ec2f7
Merge branch 'master' into couchdb_cmd_exec
2018-04-08 23:35:04 -04:00
a473dd04a8
Land #9813 , Add etcd library and version scanner
2018-04-08 07:05:31 -04:00
6b1abba6c8
Added sluihijack module documentation
2018-04-08 12:03:11 +02:00
09bbbf82ba
Update oscommerce_installer_unauth_code_exec.md
2018-04-06 13:05:14 +01:00
f50b42ec52
Rename osCommerce.md to oscommerce_installer_unauth_code_exec.md
2018-04-06 11:32:38 +01:00
cb0e516ecd
Update osCommerce.md
2018-04-06 11:32:20 +01:00
bcef50b062
osCommerce Documentation
2018-04-05 20:26:44 +01:00
81c78a51c2
Land #9794 , Added support for regional dialects
2018-04-05 12:56:07 -05:00
0a3bcf570c
Add the scanner/smb/impacket/dcomexec module
2018-04-04 17:34:41 -04:00
b9dbf1a6f3
Fix formatting error in etcd open_key_scanner
2018-04-04 10:59:38 -07:00
c96bdf4ea1
Add etcd version scanner docs
2018-04-04 10:58:55 -07:00
1fa40bfe3b
Land #8539 , ProcessMaker Plugin Upload exploit
2018-04-03 20:52:17 -05:00
e17be05e6a
Land #9595 , Add post module RID Hijacking on Windows
2018-04-03 14:12:34 -05:00
1424019411
update docs
2018-04-03 13:52:02 -05:00
8f7d9f3ac8
rename module
2018-04-03 13:44:55 -05:00
bd80e9d0c5
documentation
2018-04-03 13:39:11 -05:00
8c2138f13b
Land #9742 , QNX exploit improvements
2018-04-03 07:50:29 -05:00
226ef160ff
Land #9748 , Convert the smbloris DoS into an external module
...
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
cdcbd03b3c
Create apfs_encrypted_volume_passwd.md
2018-04-02 20:48:54 -04:00
288082e68d
Update documentation for get_user_spns.py
2018-04-02 12:15:13 -05:00
fa34f3e0a4
Land #9718 , Add get_user_spns 'kerberoasting' module
2018-04-02 10:04:44 -05:00
6a45e0299b
Add document of exploit module apache_couchdb_cmd_exec
2018-03-29 02:40:51 -04:00
a1e83ce835
Land #9760 , @h00die's etcd scanner
2018-03-28 10:41:22 -07:00
e01679d374
Use common path in etcd docs
2018-03-28 09:55:05 -07:00
e7f9d789eb
Add docker docs for etcd
2018-03-28 09:43:12 -07:00
a1fff486bc
Land #9666 , Add 2017-8917 RCE for Joomla 3.7.0
2018-03-28 11:08:38 -05:00
0fa63ae7b3
Update documentation and module
...
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
2018-03-28 10:57:28 -05:00
c97743925f
jhart suggestions
2018-03-27 18:46:31 -04:00
94fd599756
Land #9684 , Adding ManageEngine Application Manager RCE
...
Land #9684
2018-03-27 15:17:20 -05:00
fb0d87163c
Update documentation for manageengine_appmanager_exec
2018-03-27 15:16:39 -05:00
0a0bef0c4f
Land #9633 , Exodus Wallet Remote Code Execution
...
Land #9633
2018-03-27 14:51:15 -05:00
a8914f2f9f
Land #9775 , module doc improvements to MS17-010
2018-03-27 14:38:20 -05:00
7e4e6e6437
Update ms17_010_{psexec,command} module docs
2018-03-27 14:32:21 -05:00
8c88c53e5d
Land #9670 , Gitstack v2.3.10 RCE
...
Land #9670
2018-03-27 13:00:47 -05:00
df49345f5d
Update gitstack_rce.md
2018-03-27 12:59:49 -05:00
e462cb49a2
updated docs
2018-03-25 14:53:30 -04:00
1371684df7
add linux mint to docs
2018-03-25 07:58:51 -04:00
80c4d59560
Land #9702 exploit for clipbucket
2018-03-24 19:59:17 -04:00
0028e2c5ba
documentation update
2018-03-24 19:25:59 -04:00
d5961f277e
Add documentation
2018-03-24 23:16:51 +00:00
e8d910ac08
spelling
2018-03-23 21:40:46 -04:00
200f8ae849
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cve201716995
2018-03-23 21:17:07 -04:00
6b0691a91a
cve-2017-16995
2018-03-23 21:09:56 -04:00
fdd2af2d2a
Update tested versions
2018-03-24 00:23:12 +00:00
5ece14b064
Convert SMBLoris to an external module
2018-03-23 14:55:18 -05:00
d192173792
Vulnerable application link update
2018-03-22 11:57:54 +00:00
6885f16e38
Add documentation
2018-03-22 06:27:13 +00:00
8d12118d1f
Add get_user_spns external module and documentation
2018-03-21 06:26:15 -05:00
ac9f506b45
Update tested versions
2018-03-20 02:49:56 +00:00
53eabfc1df
Update documentation and add check before exploit
2018-03-19 23:27:18 +03:00
0817e6b15f
Delete playsms_uploadcsv_exec.md
2018-03-18 13:57:04 +05:30
0e0fcdf727
PlaySMS 1.4 RCE
...
PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php
2018-03-18 13:46:30 +05:30
44d5022380
Land #9529 , Add module for HP iLO CVE-2017-12542 authentication bypass
2018-03-16 16:50:54 -05:00
1b2f1ced02
Land #8422 , Typo3 News Module Sql Injection exploit
2018-03-15 10:55:04 -05:00
ba0d990273
Documentation added and Error Checks
2018-03-15 10:46:08 -05:00
177eca30e8
Usage instructions adjusted.
2018-03-15 12:39:22 +03:00
d736a6d2ec
updated juniper docs
2018-03-14 21:02:22 -04:00
b55a750fa9
Fix typo and couple tiny nitpicks
2018-03-14 11:51:21 +03:00
129ae21a5a
documentation added
2018-03-13 10:24:39 +01:00
889c914b3d
Updating documentation and minor code changes
2018-03-13 12:05:27 +03:00
b7b09c5010
Documentation added.
2018-03-12 20:30:15 +03:00
d86dcbc237
Land #9632 , owa_login and auth_brute enhancements
2018-03-12 10:31:20 -05:00
9b0ba4a6fa
clipbucket_fileupload_exec
2018-03-12 14:17:13 +05:30
1fd0087a97
Land #7654 , varnish file read
2018-03-09 10:59:04 -06:00
37bf4d118a
Changes suggested by h00die 0803
2018-03-09 09:55:50 -05:00
ea78e21961
Documentation accuracy
2018-03-09 07:43:12 -06:00
2735ae57cb
Documentation accuracy
2018-03-09 07:31:55 -06:00
048d0d1fe4
Changes suggested by h00die
2018-03-08 20:13:01 -05:00
178fa16953
Grammar fix
2018-03-08 07:42:29 -06:00
24079c345d
Style guide and grammar fixes
2018-03-08 07:30:02 -06:00
611b208267
Adding ManageEngine Application Manager RCE
2018-03-07 23:54:01 +03:00
fb04fef3a5
added documentation.
2018-03-07 08:34:49 -08:00
81596b627d
added documentation.
2018-03-07 08:31:25 -08:00
15269ec3ce
Land #9678 , Add memcached UDP version scanner
2018-03-07 10:14:29 -06:00
86dd382e6a
Land #9554 , Eclipse Equinoxe OSGi console RCE
2018-03-07 08:41:31 -06:00
e8a227b1a6
Changes as requested by jhart-r7:
...
- Default Username / Password are now random
- Doc fixed
- REST typo fixed
2018-03-07 10:48:05 +01:00
7733662767
Add docs for memcached_udp_version
2018-03-06 18:12:40 -08:00
05a653b853
Add module documentation
2018-03-06 20:37:11 -05:00
d6871f5733
Land #9614 , Juniper post enum module
2018-03-06 10:29:56 -06:00
99799f1e98
Update doc
2018-03-05 13:40:37 -06:00
a4f48eb80f
Add GitStack v2.3.10 RCE
2018-03-05 13:25:41 -06:00
3028dccd7a
Land #9644 , @xistence's memcached stats amplification scanner
2018-03-05 09:02:28 -08:00
d454267ea5
update docs
2018-03-02 21:00:41 -05:00
dd2e15f959
Update doc a final time to appease the @h00die god
2018-03-02 19:40:11 -06:00
25f36fb926
Refactor code into new methods
2018-03-02 19:16:37 -06:00
c343c926cf
Add N300 version to module doc
2018-03-02 19:15:20 -06:00
0c0f00941b
Add note about directly connecting to telnetd
2018-03-02 19:15:20 -06:00
b6d563e2a3
Update doc regarding vprint
2018-03-02 19:15:19 -06:00
4b29df7ab3
Update doc for automatic targeting
2018-03-02 19:15:19 -06:00
86cd52ae4b
Update doc with real info
2018-03-02 19:15:18 -06:00
7505e0e831
updated docs
2018-03-02 19:15:18 -06:00
031b44baea
updated docs
2018-03-02 19:15:17 -06:00
a9caec5130
Add module doc
2018-03-02 19:15:17 -06:00
83430f858e
Add docs for memcached amplification scanner
2018-03-01 17:07:57 -08:00
2faa052bc0
Update Exodus Wallet Documentation
2018-02-28 10:15:54 +00:00
11881c1028
Exodus Documentation
2018-02-26 21:30:39 +00:00
0b22014306
Rename Doc
2018-02-26 06:09:15 -06:00
4e4aeb7b4d
Add GitStack v2.3.10 Unauth REST API Aux Module
2018-02-26 06:04:38 -06:00
023bf79097
Land #9310 docs for many aux scanners
2018-02-24 14:32:33 -05:00
c56d7967e7
finished cleanup
2018-02-24 14:31:52 -05:00
15a29a1994
finished up comments
2018-02-24 13:39:14 -05:00
aafd67d416
Adjust rid_hijack.md documentation file
2018-02-23 04:30:22 +01:00
c7bbc6eca4
juniper post enum module
2018-02-22 21:08:21 -05:00
5815b626d9
Dont save email addresses as valid
...
Also add module doc for owa_login module
2018-02-22 14:58:11 -06:00
d3851ed89c
Add rid_hijack module documentation.
2018-02-22 18:49:11 +01:00
4b8a8fa2b1
Land #9441 , Create exploit for AsusWRT LAN RCE
...
Merge branch 'land-9441' into upstream-master
2018-02-22 10:40:45 -06:00
a9d6845f25
Add module doc
2018-02-21 21:50:08 -06:00
bda7fefa7f
Land #9444 - `hsts_eraser` module and docs
2018-02-20 21:22:55 -06:00
b2cb4c425d
Land #9594 , CloudMe Sync v1.10.9 Buffer Overflow
2018-02-20 17:49:19 -06:00
a23240a742
Update Documentation
...
[ticket: #9594 ]
2018-02-20 17:48:21 -06:00
04882b0464
Fixed indentation
2018-02-20 22:00:36 +00:00
ff3b318abd
CloudMe Sync Client documentation
2018-02-20 21:56:31 +00:00
107a41a4ce
Land #9561 , Disk Savvy Enterprise v10.4.18 built-in server buffer overflow
2018-02-20 15:42:12 -06:00
ab6f6d75d2
Update Documentation
...
[ticket: #9561 ]
2018-02-20 15:37:40 -06:00
f89cebbd89
Add sploit doc
2018-02-20 19:35:10 +00:00
74c6e21f49
Lands #9504 , MagniComp SysInfo privilege escalation
2018-02-19 22:47:33 -06:00
663581fa10
Fix markdown ticks + references location.
2018-02-17 14:30:01 +01:00
a2d104313b
Add documentation file.
2018-02-17 12:31:54 +01:00
242f2d3117
Land #9512 , Add Claymore Dual GPU Miner<= 10.5 DoS module
2018-02-16 10:46:48 -06:00
b533ec6019
Land #9509 , Ulterius Server < v1.9.5.0 Directory Traversal
...
Land #9509
2018-02-15 16:34:31 -06:00
949b474a0a
Avoid target_uri.path
...
It doesn't look like target_uri.path is suitable for this scenario,
because it causes our input to be modified and hard to use.
2018-02-15 16:31:09 -06:00
630e9dd0de
Verification steps update
2018-02-14 20:40:32 +00:00
07763ccd6a
Disk Savvy Server Buffer Overflow Documentation
2018-02-14 20:35:03 +00:00
fe46f635db
Changes as requested by bcoles
2018-02-13 10:54:42 +01:00
285b329ee1
Land #9422 abrt race condition priv esc on linux
2018-02-11 11:58:39 -05:00
add7ae8fa1
Land #9536 , Add Ubuntu notes to documentation
2018-02-11 07:27:00 -06:00
321b78b0fe
Land #9408 , Add Juju-run Agent Privilege Escalation module (CVE-2017-9232)
2018-02-11 07:19:49 -06:00
4e5cbd68b9
Add Ubuntu notes to documentation
2018-02-11 06:52:36 +00:00
4b6362a37d
Minor doc tweaks.
2018-02-10 16:14:14 -06:00
1177efef89
Update tested versions
2018-02-10 16:32:20 +00:00
38252e4384
success against x64
2018-02-10 07:17:15 -05:00
9e11632608
Add documentation
2018-02-09 16:15:04 -05:00
cb1b59545b
Land #9469 linux local exploit for glibc ld audit
2018-02-09 14:00:42 -05:00
c642d420c2
Land #9489 , Add scanner for the Bleichenbacker oracle (AKA: ROBOT)
2018-02-08 12:55:02 -06:00
ca4ad1d0c4
Land #9478 , Improve Dup Scout BOF exploit
2018-02-07 23:51:14 -06:00
ab0d18669e
Doc Changes
2018-02-07 19:26:39 -06:00
e53500f397
Fixed Headings
2018-02-07 08:11:58 -06:00
1de8ec1073
Implemented Suggested Changes
...
Updated documentation headings and function/filename formatting.
Updated module options and formatting. Added check for file to parse.
2018-02-07 08:01:54 -06:00
7cbf89f055
Add documentation
2018-02-07 13:17:54 +00:00
8168e881b3
Add documentation
2018-02-07 07:49:21 +00:00
278e9a92fc
add module and documentation
2018-02-06 20:30:34 +08:00
1e9e9c9be0
Ulterius Server < v1.9.5.0 Directory Traversal
...
Adds documentation and module for Ulterius Server
directory traversal vulnerability.
2018-02-05 22:50:09 -06:00
ce6e85f64f
Add documentation
2018-02-05 13:48:41 +00:00
696817215b
Update tested versions
2018-02-05 04:48:52 +00:00
e5b490c1c0
Remove weird sentence in cve_2017_8464_lnk_rce
2018-02-04 12:57:56 -05:00
638d6ce33d
Add documentation
2018-02-04 04:47:46 +00:00
bde2884e11
Fixes from review
2018-02-03 11:23:58 -05:00
75d2b33f2e
Add intro header to ms17_010_command
2018-02-02 20:47:29 -05:00
250a2beff7
Make options a bullet list in archmigrate
2018-02-02 20:46:07 -05:00
9e11b0629f
Fix examples section in run_as_psh
2018-02-02 20:44:46 -05:00
3733365955
Add options section to archmigrate
...
- Also make verification steps code instead of surrounded in quotes
2018-02-02 20:43:22 -05:00
3a764b174a
Remove unnecessary HRs in hashdump
2018-02-02 20:39:47 -05:00
fb0456df01
Add intro header
2018-02-02 20:38:10 -05:00
df976cf2b0
Add intro header to ad_to_sqlite
2018-02-02 20:37:29 -05:00
dff7fccc02
Fix ugly header in aws_create_iam_user
2018-02-02 20:36:31 -05:00
31f69b306b
Add description to sshkey_persistence
...
- Also make options headers to be more consistent with module options
2018-02-02 20:35:06 -05:00
664411786c
Fix a few things in getvinfo
...
- Add intro header
- Change up first sentence for clarity
- Fix `CLEAR_DTCS` header
2018-02-02 20:30:40 -05:00
c9d41f215d
Update allwinner_backdoor.md
2018-02-02 20:26:42 -05:00
d3084638fa
Update netgear_r7000_cgibin_exec docs
...
- Add 'Introduction' header
- Make module name in intro into code (easier to read)
2018-02-02 20:23:43 -05:00
6f086e9110
Fix broken link
2018-02-02 20:08:38 -05:00
51e098da35
Add scanner for Bleichenbacher oracle (ROBOT)
2018-02-02 16:29:07 -06:00
be01da2861
Add clarification to score range
...
- Also add an introduction header
2018-02-02 15:06:42 -05:00
1fb7c21cb7
Add length clarification to censys_search
2018-02-02 14:51:09 -05:00
b51ecda9d6
Fix CUSTOMTEMPLATE option format
2018-02-02 14:27:09 -05:00
a65604b09d
Add introduction header to web_delivery
2018-02-02 14:19:25 -05:00
2d8a249a56
Add intro header to office_ms17_11882
2018-02-02 14:12:36 -05:00
a7e9772e25
A few fixes for office_word_hta
...
- Add introduction header
- Fix `Vulnerable Application` header and make it plural (multiple apps)
- Remove unnecessary console line for example
2018-02-02 14:11:05 -05:00
daedf2a089
Fix word choice in cve_2017_8464_lnk_rce
...
- Also remove an unnecessary example step
2018-02-02 14:06:03 -05:00
0739fab092
Clarify testing environments for hp_dataprotector
2018-02-02 14:03:01 -05:00
acf7f7747d
Fix double backslashes in panda_psevents
2018-02-02 13:32:55 -05:00
67682bd243
Make webdav.md look a little better
2018-02-02 13:31:30 -05:00
d4c70a3beb
Fix md header in bypassuac_fodhelper
2018-02-02 13:28:47 -05:00
3de576a0df
Fix md header in vxsrchs_bof doc
2018-02-02 13:24:35 -05:00
9dde5ebf92
Update eternalblue docs
...
- Add a reference for OS protection rings
- Uncomment some windows versions
- Fix a word choice issue
2018-02-02 13:21:43 -05:00
c9473f8cbc
Land #9473 , new MS17-010 aux and exploit modules
2018-02-01 23:56:29 -06:00
7cb0a118c1
Land #9399 a linux priv esc against apport and abrt
2018-02-01 21:54:54 -05:00
3c21eb8111
Update documentation
2018-02-02 02:27:13 +00:00
559b592394
Corrected Documentation
2018-02-01 13:17:02 -06:00
bc18389284
Updated Document and Module
...
Update the documentation based on analysis of the vulnerability.
Slight modifications to the exploit module as well to reduce the
size of the generated file and reduce bad characters.
2018-02-01 10:05:50 -06:00
0d80ca6f79
Change documentation extension from rb to md
2018-01-31 23:26:30 +00:00
beb4d56f7d
Land #9354 , Debut embedded httpd server (Brother printers) DoS
2018-01-31 17:03:13 -06:00
8be2b1f59e
Land # 9407, Add BMC Server Automation RSCD Agent RCE exploit module
...
Merge branch 'land-9407' into upstream-master
2018-01-31 13:35:29 -06:00
92915ebb69
Update ms17_010_command.md
2018-01-29 11:17:44 -07:00
d4a0372238
Land #9457 , Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
2018-01-29 11:40:54 -06:00
5529bc10b3
fix docs
2018-01-29 10:20:57 -07:00
8627f6b834
added docs
2018-01-29 01:34:25 -07:00
23f4bf1583
Add documentation
2018-01-27 03:15:06 +00:00
c390696ddf
Land #9379 , Oracle Weblogic RCE exploit and documentation
2018-01-25 21:47:18 -06:00
4be0e7f9ef
final fixes for brother debut dos
2018-01-24 20:53:08 -05:00
c1ff0c1e00
Dup Scout XML documentation
2018-01-24 20:47:02 +00:00
7b01785347
Add documentation to pull request
...
Added credit to @asoto-r7 for the documentation
2018-01-24 14:36:16 -05:00
eb572a3ef5
Land #8632 , colorado ftp fixes
2018-01-23 17:45:07 -06:00
a27cfeaea9
Land #9416 , Sync Breeze Enterprise 9.5.16 Import Command buffer overflow
...
Merge branch 'land-9416' into upstream-master
2018-01-23 16:35:51 -06:00
d81d50b491
Land #9430 , Improve Hyper-V checkvm checks
2018-01-23 15:22:12 -06:00
8eb6df41e3
Land #9205 , Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
...
Merge branch 'land-9205' into upstream-master
2018-01-23 12:45:59 -06:00
04806bc84a
Updates to documentation per h00die
2018-01-23 12:44:39 -06:00
c13e02431d
updated
2018-01-23 06:19:44 -05:00
a15856450a
updated
2018-01-23 05:48:19 -05:00
2110cbe466
updated
2018-01-23 05:38:24 -05:00
61433c6d55
updated
2018-01-23 05:05:48 -05:00
aae77fc1a4
Land #9349 , GoAhead LD_PRELOAD CGI Module
2018-01-22 23:10:36 -06:00
7175468ff7
local to remote
2018-01-21 10:00:31 -05:00
7ee77a27a6
Land #9389 , Update commvault_cmd_exec module documentation
2018-01-18 11:05:51 -06:00
b6ea95c417
Add documentation
2018-01-18 12:42:44 +00:00
fff1c16517
Created checkvm documentation
2018-01-17 16:23:18 -06:00
5fef8b43f6
Update and rename syncbreeze_xml.rb to syncbreeze_xml.md
2018-01-16 06:07:15 +00:00
593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
ac724926db
Sync Breeze Import Command BOF Doc
2018-01-15 20:45:34 +00:00
333ee893d3
Tidied up platform detection, check method, and minor typos.
2018-01-14 18:28:40 +00:00
736d438813
Address second round of feedback
...
Brain fart on guard clauses when I've been using them all this time...
Updating the conditions made the ternary fall out of favor.
Changed some wording in the doc to suggest the domain name for a
particular NIS server may be different from the bootparamd client's
configuration.
2018-01-13 22:55:01 -06:00
6568d29b67
Add BMC Server Automation RSCD Agent RCE exploit module.
2018-01-14 01:12:55 +00:00
c080329ee6
Update module after feedback
...
Looks like I can't decide on certain style preferences.
Not keen on using blank?, but I've used it before. Time to commit?
Also, fail_with has been fixed for aux and post since #8643 . Use it!
2018-01-13 15:40:11 -06:00
ff1c85552b
Add module doc
2018-01-12 19:34:59 -06:00
e6c4fb1dab
Land #9269 , Add a new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:54:23 -06:00
f395e07fc6
Land #9269 , add new target for Sync Breeze Enterprise GET BoF
...
Land #9269
2018-01-11 16:53:02 -06:00
4b225c30fd
Land #9368 , ye olde NIS ypserv map dumper
2018-01-10 22:02:36 -06:00
f5210ed6d6
Update module doc with missing options
2018-01-10 20:18:50 -06:00
6510ee53bc
Land #9204 , Add exploit for Samsung SRN-1670D (CVE-2017-16524)
...
Land #9204
2018-01-10 20:15:29 -06:00
18c179a091
Update module and add documentation
...
This updates the module to pass:
* msftidy
* Ruby style guidelines
* Proper usage of Metasploit API
* Mostly other cosmetic fixes
A documentation is also added.
2018-01-10 20:13:42 -06:00
7e2c7837e5
Land #9325 , Add CVE-2017-6090 phpCollab 2.5.1 file upload exploit module
...
Land #9325
2018-01-10 17:39:50 -06:00
b1f3f471f3
Update phpcollab_upload_exec code (also module documentation)
2018-01-10 17:38:52 -06:00
8d77f35b16
Land #9373 , Add LabF nfsAxe FTP Client 3.7 Stack Buffer Overflow
...
Land #9373
2018-01-09 22:40:50 -06:00
25280e3319
Update labf_nfsaxe and module documentation
2018-01-09 22:39:40 -06:00
777e383568
Land #9377 , Add HPE iMC dbman RestoreDBase Unauthenticated RCE exploit
...
Land #9377
2018-01-09 13:56:53 -06:00
a0c9cdd73d
Land #9376 , Add HPE iMC dbman RestartDB Unauthenticated RCE exploit
...
Land #9376
2018-01-09 13:28:03 -06:00
b06db60a56
Fix typos
2018-01-09 11:20:02 -06:00
7b6a8af387
Update commvault_cmd_exec module documentation
2018-01-08 15:42:01 -06:00
bbad416a86
Add module doc to appease the @h00die god
2018-01-08 15:02:39 -06:00
d138f1508c
Land #9340 , Add exploit for Commvault Remote Command Injection
...
Land #9340
2018-01-07 12:17:26 -06:00
a1a594d1f8
Add documentation
2018-01-06 05:09:24 +00:00
9ec17bdd54
Add documentation
2018-01-06 05:08:33 +00:00
160f960f78
Add files via upload
2018-01-04 20:25:41 +00:00
65f444ddcc
land #9362 exploit for pfsense graph injection
2018-01-04 14:35:52 -05:00
520e890520
Land #8581 , VMware Workstation ALSA Config File Local Privilege Escalation
2018-01-03 21:35:57 -06:00
b8dde2e650
Land #9360 , Ayukov NFTP FTP client buffer overflow vulnerability
...
Land #9360
2018-01-03 20:56:12 -06:00
04cf3017c0
Update ayukov_nftp exploit and module documentation
2018-01-03 20:52:57 -06:00
c3f10c1d57
Land #9336 , Linksys WVBR0-25 exploit
2018-01-03 18:13:44 -06:00
589de0483b
Clarification in product linkage and small syntax fixup in repro steps
2018-01-03 17:00:26 -06:00
James Barnett
Tim W
Auxilus
Jacob Robles
William Vu
Green-m
lucyoa
Touhid M Shaikh
Brendan Coles
HD Moore
bwatters-r7
Guilherme Leite
BennyHusted
Aaron Soto
caleBot
root
Brent Cook
Wei Chen
h00die
Lars Sorenson
Adam Cammack
Dhiraj Mishra
gushmazuko
Daniel Teixeira
Spencer McIntyre
Jon Hart
Chris Higgins
Carter Brainerd (thecarterb)
Mehmet İnce
Ege Balcı
Can
Luis Hernandez
Kirk Swidowski
Fab
r4wd3r
Pedro Ribeiro
Quentin Kaiser
Pearce Barry
bluebird
zerosum0x0
zerosum0x0
Kevin Kirsche
Vishal Gupta
Brady Sullivan
Nicky Bloor
headlesszeke