Commit Graph

1924 Commits (8a175f50cd86137d0c77d9f89e86bc489e9adbfa)

Author SHA1 Message Date
James Barnett 7d7f405234
Describe ALL the attributes! 2018-05-22 14:57:21 -05:00
bwatters-r7 40d5f46277
Lad #10017, D-Link DSL-2750B Unauthenticated OS Command Injection
Merge branch 'land-10017' into upstream-master
2018-05-22 10:54:33 -05:00
James Barnett e4038af79e Merge branch 'master' into local_api_docs 2018-05-21 13:44:34 -05:00
Tim W 88ab836e15
Land #9987, AF_PACKET chocobo_root exploit 2018-05-21 17:05:53 +08:00
lucyoa 6ae55aadd4
Fixing documentation, improving exploits code 2018-05-20 12:55:46 -04:00
bwatters-r7 294b263159
Land #9966, Add Reliable Datagram Sockets (RDS) Privilege Escalation exploit
Merge branch 'land-9966' into upstream-master
2018-05-18 17:06:04 -05:00
Brendan Coles 6858a1caf9
Add compilation instructions to documentation 2018-05-18 22:10:47 +10:00
James Barnett 132313ef34
Minor updates across all API docs. 2018-05-17 16:56:22 -05:00
James Barnett 94b32a3888
Workspace API Doc second pass 2018-05-17 11:22:43 -05:00
Tim W 91d0b0be12 fix documentation for android/gather/wireless_ap 2018-05-17 21:17:00 +08:00
Tim W a3879f0109
Land #9956, add module to extract wireless credentials on Android 2018-05-17 21:04:56 +08:00
Tim W 75ab69b4c4 minor documentation update 2018-05-17 21:03:12 +08:00
Tim W 6594cbb5cc
Land #9947, AF_PACKET packet_set_ring exploit 2018-05-17 18:43:52 +08:00
Auxilus 5bd6193ea7
Update wireless_ap.md 2018-05-17 13:04:50 +05:30
Auxilus a28e277384
Update wireless_ap.md 2018-05-17 12:51:26 +05:30
Auxilus 1c2bc5a09b
Update wireless_ap.md 2018-05-17 12:50:54 +05:30
James Barnett e1f46b07f8
VulnAttempt API Doc second pass 2018-05-16 16:57:55 -05:00
James Barnett 43f410ccd3
Fix format of REFS_EXAMPLE 2018-05-16 15:37:33 -05:00
James Barnett 5e39314a72
Vuln API Doc second pass. 2018-05-16 15:26:44 -05:00
James Barnett 84a8f2100b Merge branch 'master' into local_api_docs 2018-05-16 13:27:28 -05:00
James Barnett edc06f6361
Second pass on SessionEvent API doc 2018-05-16 11:56:11 -05:00
Jacob Robles 999b895735
Land #9816, Add the scanner/smb/impacket/dcomexec module 2018-05-16 07:15:32 -05:00
William Vu 436e414b93
Land #7815, CVE-2016-9299 exploit 2018-05-16 05:29:41 -05:00
James Barnett fc079138fd
Service API doc second pass 2018-05-15 14:34:15 -05:00
Green-m c5bdd2ca9d Add doc for this module 2018-05-15 03:47:09 -04:00
lucyoa 8dd7a27f7b
Fixes according to code review 2018-05-14 05:46:23 -04:00
lucyoa 382364a3ff
Adding documentation, improving description 2018-05-13 15:04:40 -04:00
Tim W ed5f2bffa9
Land #9919, add libuser roothelper privilege escalation exploit 2018-05-12 17:11:21 +08:00
Auxilus 64fcddb1aa
fix docs 2018-05-12 09:55:36 +05:30
Jacob Robles 9811de430c
Land #9878, Add MSF module for EDB 6768, Mantis <= v1.1.3 Post-auth RCE 2018-05-09 11:55:22 -05:00
James Barnett d1701c37d6
Second pass on note API doc 2018-05-08 16:15:40 -05:00
James Barnett bba77596c0
Second pass on loot API doc 2018-05-08 15:41:17 -05:00
James Barnett 07eb79e183
Second pass on creds, hosts, events, db_export, and exploits 2018-05-08 12:38:04 -05:00
William Vu 0240c3f010
Land #9980, PAN-OS readSessionVarsFromFile exploit 2018-05-07 14:55:00 -05:00
Jacob Robles a18459a14c
Fix indentation, documentation update 2018-05-07 09:22:21 -05:00
Touhid M Shaikh 4c5c8c956c
added doc
added doc
2018-05-07 18:50:53 +05:30
Jacob Robles 222b1fb27c
Land #9944, playsms_filename_exec.rb 2018-05-07 07:43:16 -05:00
Jacob Robles 4b8ceab522
Fix indentation, update documentation 2018-05-07 07:22:53 -05:00
Brendan Coles 2331a610d6 Update documentation 2018-05-07 07:15:17 +00:00
Brendan Coles 4574de76e7 Add documentation 2018-05-07 07:11:42 +00:00
HD Moore 369c74aa19 Doc typo 2018-05-06 22:32:26 -05:00
HD Moore dece3e3386 Doc update 2018-05-06 22:25:55 -05:00
HD Moore 1997a57627 Count gooder 2018-05-06 22:21:40 -05:00
Green-m 96a354ffc4 Merge branch 'couchdb_cmd_exec' of https://github.com/Green-m/metasploit-framework 2018-05-06 23:07:14 -04:00
HD Moore 8141e949fc Note the runtimes 2018-05-05 18:34:11 -05:00
HD Moore a1092fcfd7 Add documentation 2018-05-05 15:48:44 -05:00
Brendan Coles 3aa7441e10 Update tested versions 2018-05-05 09:11:31 +00:00
James Barnett 9228f4fb6b
Second pass on Event API doc 2018-05-04 17:08:33 -05:00
Touhid M Shaikh 14b18ccafb
updated
remove options sections
2018-05-04 20:42:23 +05:30
William Vu 728d7bc065 Fix #9876, second round of Drupalgeddon 2 updates
Thanks to a reviewer for noticing my drupal_unpatched? method was
tri-state because of an unrefactored return. Oops! :)
2018-05-03 17:38:32 -05:00
James Barnett a5b9cc8cb8
Add Msf endpoint API doc 2018-05-03 17:16:04 -05:00
James Barnett 40c978e040
First pass at Vuln Attempt API doc 2018-05-03 16:59:30 -05:00
bwatters-r7 ce5be387c4
Land #8795, Added CVE-2016-0040 Windows Privilege Escalation
Merge branch 'land-8795' into upstream-master
2018-05-03 16:33:53 -05:00
James Barnett 728850c61a
First pass at Session Event API doc 2018-05-03 16:00:56 -05:00
James Barnett a11c7220b6
First pass at Event API doc 2018-05-03 14:20:23 -05:00
bwatters-r7 f0f6f9610a
Update Docs per h00die 2018-05-03 08:42:28 -05:00
Brendan Coles d3e46ca33c Add documentation 2018-05-03 13:00:01 +00:00
James Barnett 249db505c8
First pass at Credential API doc
Also get the workspace from the query string for credentials
2018-05-02 16:47:39 -05:00
James Barnett 6bc4e2d622
First pass for Nmap api doc 2018-05-02 15:44:07 -05:00
James Barnett e3c913e104
First pass for Exploit API doc
Also fixed a few formatting issues in other docs
2018-05-02 14:47:17 -05:00
James Barnett 5e9bbb4bef Merge branch 'master' into local_api_docs 2018-05-02 11:48:13 -05:00
James Barnett e1827bb2c3
DbExport API doc first pass 2018-05-02 11:40:56 -05:00
Auxilus 2619b457f8
Add docs 2018-05-02 21:54:46 +05:30
James Barnett fd8d30812e
Add swagger-ui to view formatted API docs 2018-05-02 10:27:56 -05:00
Guilherme Leite 0e6e4bcdd3
adding more information on the target
- Added information on the server and Database versions
- Example on product id output
2018-05-02 10:36:46 -03:00
Auxilus 6440951b73
Add doc for wireless_ap module 2018-05-02 18:04:34 +05:30
Jacob Robles d6cf32fad8
Land #9821, osCommerce 2.3.4.1 - Remote Code Execution 2018-05-02 07:29:15 -05:00
BennyHusted 89d6ded805 Removing the Nagios enum module, adding description 2018-05-01 11:35:45 -04:00
BennyHusted 4c8ad3ca9c Removing old exploit/docs 2018-04-30 22:26:37 -04:00
BennyHusted ad8bf6d8e3 Renamed exploit to electric boogaloo 2018-04-30 22:20:35 -04:00
James Barnett 63ad7dbad4
Tag various URLs so they are grouped 2018-04-30 16:40:07 -05:00
James Barnett d5838e6411
First pass at sessions api doc 2018-04-30 16:17:27 -05:00
James Barnett d89f403368
First pass for vuln api doc 2018-04-30 13:41:31 -05:00
Touhid M Shaikh d01a664a3f
playsms_filename_exec.md
doc update
2018-04-28 19:41:32 +05:30
Brendan Coles 0b9a182746 Add documentation 2018-04-28 01:51:28 +00:00
Aaron Soto c4bca03fea
Land #9908, msfd_rce_remote and msfd_rce_browser 2018-04-27 18:54:17 -05:00
Aaron Soto 82fc4aba64
Land #9918, XDebug Unauthenticated OS command execution 2018-04-27 17:08:58 -05:00
caleBot c343cb944e Merge branch 'master' of https://github.com/BennyHusted/metasploit-framework 2018-04-27 10:36:32 -06:00
caleBot 7dbdb42154 added enum_nagios_xi doc file 2018-04-27 10:35:07 -06:00
Guilherme Leite 3dd996efce
removing unecessary description 2018-04-27 10:47:34 -03:00
James Barnett 5d32a3264d
Workspace API Doc first pass. 2018-04-26 17:55:39 -05:00
James Barnett 5d43e0527f
Notes API doc first pass 2018-04-26 17:42:03 -05:00
BennyHusted 1806c247f1 Fixing tabbed spaces, version number in documentation 2018-04-26 18:15:39 -04:00
root b547e6282e Adding print statement to run the corresponding post module 2018-04-26 17:55:31 -04:00
root 37a32c2726 Adding module for Nagios XI remote root exploit.
See http://blog.redactedsec.net/exploits/2018/04/26/nagios.html for
more information.
2018-04-26 17:42:10 -04:00
James Barnett 49baa2ce41
Initial pass for Services api doc 2018-04-26 14:38:16 -05:00
Brent Cook 0fa0358993
Land #9853, Update Linux sock_sendpage local exploit module 2018-04-26 14:30:51 -05:00
James Barnett f46a3325fc
Add loot api docs 2018-04-26 11:24:05 -05:00
James Barnett f5c35843a8
Move swagger docs to separate files 2018-04-26 11:08:11 -05:00
Guilherme Cesar Leite a8662469fe Documentation on modules/auxiliary/scanner/db2/discovery
x
2018-04-26 03:10:45 -03:00
Brent Cook f52e6a18a2
Land #9876, Drupalgeddon 2 2018-04-25 15:49:53 -05:00
William Vu 644889a324 Add TurnKey Linux ISOs to module doc setup section 2018-04-25 14:32:26 -05:00
William Vu 675ed78948 Update module doc with patch level detection 2018-04-24 23:30:05 -05:00
William Vu 8bc1417c8c Use PHP_FUNC as a fallback in case assert() fails
Additionally drop a file in a writable directory in case CWD fails.
2018-04-24 22:29:27 -05:00
William Vu e03ebf9446 Don't make a header out of tested version
Reads a little better now.
2018-04-24 21:06:38 -05:00
William Vu 89c95cae08 Remove block quote and add version to sample run
The block quote was ripped directly from the module description. It
isn't necessary in the dedicated documentation. Reads better now.
2018-04-24 21:02:30 -05:00
William Vu cd4861610f Explain available targets in documentation
Oops.
2018-04-24 04:31:30 -05:00
William Vu b507391f1b Change back to vprint_status for the nth time
I really couldn't decide, especially once I got rid of CmdStager.

Also fully document the module options.
2018-04-24 04:23:52 -05:00
William Vu 2abfee83de Add module doc to appease the @h00die god 2018-04-24 04:03:35 -05:00
Brendan Coles ef5272cdc6 Update tested versions 2018-04-23 20:28:24 +00:00
Brendan Coles 767b4a7e05 Add documentation 2018-04-23 18:14:02 +00:00
Wei Chen f9a804e7d8
Bring the PR up to date 2018-04-23 08:52:05 -05:00
bwatters-r7 fb6fe3eede
Moved documentation to correct location 2018-04-23 07:31:25 -05:00
h00die e197cb5759 add arch check 2018-04-22 08:30:32 -04:00
bwatters-r7 1c92134606
Land #9756, Add lastore-daemon D-Bus Privilege Escalation exploit
Merge branch 'land-9756' into upstream-master
2018-04-20 15:45:37 -05:00
bwatters-r7 eadbcdd679
Added warning abotu the pipup and ding when running the exploit. 2018-04-20 15:44:23 -05:00
bwatters-r7 f12f6d54a5
Land #9862, Post-exploitation module for meterpreter (Windows) to send wireless probe requests
Merge branch 'land-9862' into upstream-master
2018-04-20 14:32:01 -05:00
bwatters-r7 99b7d690d7
Added documentation for module 2018-04-20 14:30:30 -05:00
bwatters-r7 37a844bef0
Land # 9247, Add ASUS infosvr Auth Bypass Command Execution exploit
Merge branch 'land-9247' into upstream-master
2018-04-20 11:24:47 -05:00
Tim W 1547a47026
Land #9784, add osx high sierra APFS password disclosure post module 2018-04-18 14:27:22 +08:00
Tim W 72cd97d3e4 minor documentation and comment tweaks 2018-04-18 14:22:32 +08:00
Lars Sorenson 27ded57cda Add MSF module for EDB 6768 2018-04-14 08:51:51 -04:00
Brendan Coles 760eac005f
Minor update to documentation 2018-04-12 16:48:33 +10:00
h00die c72ca7544b dont let this run on meterpreter 2018-04-11 21:05:15 -04:00
Adam Cammack 2a6acfd1d0
Land #9823, Private IP leak via WebRTC 2018-04-11 17:37:56 -05:00
Adam Cammack 7e4caa16ff
Add more example output to module doc 2018-04-11 17:29:18 -05:00
Dhiraj Mishra 8b6bfcb2f0
Added documentation 2018-04-11 11:28:50 +05:30
Brendan Coles 608e53ea89 Add documentation 2018-04-10 14:18:22 +00:00
Green-m d9dc2ec2f7 Merge branch 'master' into couchdb_cmd_exec 2018-04-08 23:35:04 -04:00
h00die a473dd04a8
Land #9813, Add etcd library and version scanner 2018-04-08 07:05:31 -04:00
gushmazuko 6b1abba6c8
Added sluihijack module documentation 2018-04-08 12:03:11 +02:00
Daniel Teixeira 09bbbf82ba
Update oscommerce_installer_unauth_code_exec.md 2018-04-06 13:05:14 +01:00
Daniel Teixeira f50b42ec52
Rename osCommerce.md to oscommerce_installer_unauth_code_exec.md 2018-04-06 11:32:38 +01:00
Daniel Teixeira cb0e516ecd
Update osCommerce.md 2018-04-06 11:32:20 +01:00
Daniel Teixeira bcef50b062
osCommerce Documentation 2018-04-05 20:26:44 +01:00
Brent Cook 81c78a51c2
Land #9794, Added support for regional dialects 2018-04-05 12:56:07 -05:00
Spencer McIntyre 0a3bcf570c Add the scanner/smb/impacket/dcomexec module 2018-04-04 17:34:41 -04:00
Jon Hart b9dbf1a6f3
Fix formatting error in etcd open_key_scanner 2018-04-04 10:59:38 -07:00
Jon Hart c96bdf4ea1
Add etcd version scanner docs 2018-04-04 10:58:55 -07:00
Chris Higgins 1fa40bfe3b
Land #8539, ProcessMaker Plugin Upload exploit 2018-04-03 20:52:17 -05:00
bwatters-r7 e17be05e6a
Land #9595, Add post module RID Hijacking on Windows 2018-04-03 14:12:34 -05:00
Brent Cook 1424019411 update docs 2018-04-03 13:52:02 -05:00
Brent Cook 8f7d9f3ac8 rename module 2018-04-03 13:44:55 -05:00
Brent Cook bd80e9d0c5 documentation 2018-04-03 13:39:11 -05:00
Brent Cook 8c2138f13b
Land #9742, QNX exploit improvements 2018-04-03 07:50:29 -05:00
Brent Cook 226ef160ff
Land #9748, Convert the smbloris DoS into an external module
Help reliability and performance. This some Ruby-specific external module
tooling as a result as well.
2018-04-02 23:25:10 -05:00
Carter Brainerd (thecarterb) cdcbd03b3c
Create apfs_encrypted_volume_passwd.md 2018-04-02 20:48:54 -04:00
Jacob Robles 288082e68d
Update documentation for get_user_spns.py 2018-04-02 12:15:13 -05:00
Brent Cook fa34f3e0a4
Land #9718, Add get_user_spns 'kerberoasting' module 2018-04-02 10:04:44 -05:00
Green-m 6a45e0299b Add document of exploit module apache_couchdb_cmd_exec 2018-03-29 02:40:51 -04:00
Jon Hart a1e83ce835
Land #9760, @h00die's etcd scanner 2018-03-28 10:41:22 -07:00
Jon Hart e01679d374
Use common path in etcd docs 2018-03-28 09:55:05 -07:00
Jon Hart e7f9d789eb
Add docker docs for etcd 2018-03-28 09:43:12 -07:00
Jacob Robles a1fff486bc
Land #9666, Add 2017-8917 RCE for Joomla 3.7.0 2018-03-28 11:08:38 -05:00
Jacob Robles 0fa63ae7b3
Update documentation and module
Included Super User in the documentation.
Implemented changes h00die suggested.
Modified sqli to generate strings used in regex.
2018-03-28 10:57:28 -05:00
h00die c97743925f jhart suggestions 2018-03-27 18:46:31 -04:00
Wei Chen 94fd599756
Land #9684, Adding ManageEngine Application Manager RCE
Land #9684
2018-03-27 15:17:20 -05:00
Wei Chen fb0d87163c Update documentation for manageengine_appmanager_exec 2018-03-27 15:16:39 -05:00
Wei Chen 0a0bef0c4f
Land #9633, Exodus Wallet Remote Code Execution
Land #9633
2018-03-27 14:51:15 -05:00
William Vu a8914f2f9f
Land #9775, module doc improvements to MS17-010 2018-03-27 14:38:20 -05:00
William Vu 7e4e6e6437 Update ms17_010_{psexec,command} module docs 2018-03-27 14:32:21 -05:00
Wei Chen 8c88c53e5d
Land #9670, Gitstack v2.3.10 RCE
Land #9670
2018-03-27 13:00:47 -05:00
Wei Chen df49345f5d Update gitstack_rce.md 2018-03-27 12:59:49 -05:00
h00die e462cb49a2 updated docs 2018-03-25 14:53:30 -04:00
h00die 1371684df7 add linux mint to docs 2018-03-25 07:58:51 -04:00
h00die 80c4d59560
Land #9702 exploit for clipbucket 2018-03-24 19:59:17 -04:00
h00die 0028e2c5ba documentation update 2018-03-24 19:25:59 -04:00
Brendan Coles d5961f277e Add documentation 2018-03-24 23:16:51 +00:00
h00die e8d910ac08 spelling 2018-03-23 21:40:46 -04:00
h00die 200f8ae849 Merge branch 'master' of https://github.com/rapid7/metasploit-framework into cve201716995 2018-03-23 21:17:07 -04:00
h00die 6b0691a91a cve-2017-16995 2018-03-23 21:09:56 -04:00
Brendan Coles fdd2af2d2a Update tested versions 2018-03-24 00:23:12 +00:00
Adam Cammack 5ece14b064
Convert SMBLoris to an external module 2018-03-23 14:55:18 -05:00
Daniel Teixeira d192173792
Vulnerable application link update 2018-03-22 11:57:54 +00:00
Brendan Coles 6885f16e38 Add documentation 2018-03-22 06:27:13 +00:00
Jacob Robles 8d12118d1f
Add get_user_spns external module and documentation 2018-03-21 06:26:15 -05:00
Brendan Coles ac9f506b45 Update tested versions 2018-03-20 02:49:56 +00:00
Mehmet İnce 53eabfc1df Update documentation and add check before exploit 2018-03-19 23:27:18 +03:00
Touhid M Shaikh 0817e6b15f
Delete playsms_uploadcsv_exec.md 2018-03-18 13:57:04 +05:30
Touhid M Shaikh 0e0fcdf727 PlaySMS 1.4 RCE
PlaySMS 1.4 Remote Code Execution using Phonebook import Function in import.php
2018-03-18 13:46:30 +05:30
Brent Cook 44d5022380
Land #9529, Add module for HP iLO CVE-2017-12542 authentication bypass 2018-03-16 16:50:54 -05:00
Jacob Robles 1b2f1ced02
Land #8422, Typo3 News Module Sql Injection exploit 2018-03-15 10:55:04 -05:00
Jacob Robles ba0d990273
Documentation added and Error Checks 2018-03-15 10:46:08 -05:00
Ege Balcı 177eca30e8
Usage instructions adjusted. 2018-03-15 12:39:22 +03:00
h00die d736a6d2ec updated juniper docs 2018-03-14 21:02:22 -04:00
Mehmet İnce b55a750fa9 Fix typo and couple tiny nitpicks 2018-03-14 11:51:21 +03:00
Mehmet İnce 889c914b3d Updating documentation and minor code changes 2018-03-13 12:05:27 +03:00
Ege Balcı b7b09c5010
Documentation added. 2018-03-12 20:30:15 +03:00
Brent Cook d86dcbc237
Land #9632, owa_login and auth_brute enhancements 2018-03-12 10:31:20 -05:00
Touhid M Shaikh 9b0ba4a6fa clipbucket_fileupload_exec 2018-03-12 14:17:13 +05:30
Jacob Robles 1fd0087a97
Land #7654, varnish file read 2018-03-09 10:59:04 -06:00
Luis Hernandez 37bf4d118a Changes suggested by h00die 0803 2018-03-09 09:55:50 -05:00
Jacob Robles ea78e21961
Documentation accuracy 2018-03-09 07:43:12 -06:00
Jacob Robles 2735ae57cb
Documentation accuracy 2018-03-09 07:31:55 -06:00
Luis Hernandez 048d0d1fe4 Changes suggested by h00die 2018-03-08 20:13:01 -05:00
Jacob Robles 178fa16953
Grammar fix 2018-03-08 07:42:29 -06:00
Jacob Robles 24079c345d
Style guide and grammar fixes 2018-03-08 07:30:02 -06:00
Mehmet İnce 611b208267 Adding ManageEngine Application Manager RCE 2018-03-07 23:54:01 +03:00
Kirk Swidowski fb04fef3a5 added documentation. 2018-03-07 08:34:49 -08:00
Kirk Swidowski 81596b627d added documentation. 2018-03-07 08:31:25 -08:00
Jacob Robles 15269ec3ce
Land #9678, Add memcached UDP version scanner 2018-03-07 10:14:29 -06:00
Jacob Robles 86dd382e6a
Land #9554, Eclipse Equinoxe OSGi console RCE 2018-03-07 08:41:31 -06:00
Fab e8a227b1a6 Changes as requested by jhart-r7:
- Default Username / Password are now random
- Doc fixed
- REST typo fixed
2018-03-07 10:48:05 +01:00
Jon Hart 7733662767
Add docs for memcached_udp_version 2018-03-06 18:12:40 -08:00
Luis Hernandez 05a653b853 Add module documentation 2018-03-06 20:37:11 -05:00
Brent Cook d6871f5733
Land #9614, Juniper post enum module 2018-03-06 10:29:56 -06:00
Jacob Robles 99799f1e98
Update doc 2018-03-05 13:40:37 -06:00
Jacob Robles a4f48eb80f
Add GitStack v2.3.10 RCE 2018-03-05 13:25:41 -06:00
Jon Hart 3028dccd7a
Land #9644, @xistence's memcached stats amplification scanner 2018-03-05 09:02:28 -08:00
h00die d454267ea5 update docs 2018-03-02 21:00:41 -05:00