884a8b29e7
add doc for auxiliary/scanner/ike/cisco_ike_benigncertain.rb
2016-10-12 03:33:22 -05:00
2a308f76b1
Update rails_dynamic_render_code_exec.md
2016-10-10 22:43:24 -05:00
f2252bb179
fixed a few things, thanks @h00die
2016-10-10 22:30:01 -05:00
2ad82ff8e3
more nagios versatility
2016-10-10 10:21:49 -04:00
d1a11f46e8
Land #7418 , Linux recvmmsg Priv Esc (CVE-2014-0038)
2016-10-09 18:37:52 -05:00
f9060b0ac7
fixed doc numbering
2016-10-09 00:02:18 -04:00
2dfebe586e
working cve-2014-0038
2016-10-08 23:58:09 -04:00
b77a910205
Land #7355 , allwinner post to local exploit conversion
2016-10-08 21:38:54 -05:00
e074669406
Land #7296 , Added a SCADA module for detecting Profinet devices, e.g. Siemens controllers
2016-10-08 21:34:40 -05:00
7e2e98f96c
Land #7413 , Add KB for post/firefox/gather/passwords
2016-10-08 21:31:27 -05:00
bd24e7eba0
more cleanups and print output on auto-run
2016-10-08 21:14:26 -05:00
df597a7bb7
add module documentation
2016-10-08 20:17:54 -05:00
86465710e2
Add KB for post/firefox/gather/passwords.
2016-10-08 01:19:26 +02:00
27cf5c65c4
working module
2016-10-04 23:21:53 -04:00
cf20ccaccd
Add kb for aws_ec2_instance_metadata
2016-09-30 07:02:33 -07:00
7b0a8784aa
additional doc updates
2016-09-29 19:02:16 -04:00
c036c258a9
cve-2016-4557
2016-09-29 05:23:12 -04:00
7a108e2102
updated docs w/ error codes on failed attempts
2016-09-27 20:26:04 -04:00
35a2b3e59d
working panda
2016-09-27 20:15:17 -04:00
b87911bd0b
Land #7340 , auxiliary/server/socks4a docs
2016-09-26 17:34:45 -05:00
b9de73e803
Land #7334 , Add aux module to exploit WINDOWS based (java) Colorado
...
FTP server directory traversal
2016-09-26 14:15:23 -05:00
6382fffc75
Land #7326 , Linux Kernel Netfilter Privesc
2016-09-26 12:38:50 -05:00
23e5556a4c
binary drops work!
2016-09-24 21:31:00 -04:00
6f4c9435be
Add module documentation
2016-09-24 05:48:18 -04:00
cba297644e
post to local conversion
2016-09-22 22:08:24 -04:00
3dff41c833
documentation update
2016-09-22 21:06:31 -04:00
04f8f7a0ea
Land #7266 , Add Kaltura Remote PHP Code Execution
2016-09-21 17:14:49 -05:00
d1bf7d94bc
auxilary/server/socks4a documentation
2016-09-20 20:08:16 +01:00
fb00d1c556
Another minor grammer changes
2016-09-20 19:23:28 +03:00
513d8a8163
Edit fail
2016-09-20 10:51:12 -05:00
e1155fed77
Minor changes to grammar
2016-09-20 10:34:03 -05:00
385428684f
Move module and docs under the exploit/linux/http folder
2016-09-20 12:45:23 +03:00
0a58ada1da
Add missing steps and cite original wiki URL
2016-09-20 01:38:46 +03:00
e05cac15c6
auxilary/server/socks4a documentation
2016-09-19 21:37:35 +01:00
9c922d111f
colorado ftp
2016-09-18 20:03:16 -04:00
4f85a1171f
reexploit and other docs and edits added
2016-09-18 08:51:27 -04:00
d70cbf4ba7
Add documentation includes how to install Kaltura
2016-09-17 23:12:47 +03:00
1b7f706c6b
added doc note
2016-09-16 01:57:36 -04:00
2e42e0f091
first commit
2016-09-16 01:54:49 -04:00
030e09c9c6
Land #7322 , drupal_drupageddon module docs
2016-09-16 00:40:18 -05:00
a9502bfe9e
drupageddon docs
2016-09-15 13:29:06 -04:00
fcf7a98993
Land #7311 , add module documentation for post/linux/gather/checkvm and post/linux/gather/hashdump
2016-09-14 20:45:26 -05:00
373655c41d
Land #7314 , Module documentation for exagrid_privkey
2016-09-14 20:41:25 -05:00
18fa897644
Add initial at_persistence documentation
2016-09-14 16:06:15 -07:00
01327f0265
Land #7245 , NetBSD mail.local privilege escalation module
2016-09-14 16:07:12 -05:00
8f85a94664
remove example line
2016-09-14 09:29:19 -04:00
10dc30fe2a
remove example line
2016-09-14 09:27:22 -04:00
117790caac
adding docs
2016-09-14 01:13:13 -04:00
b9c876d6d7
fix numbering
2016-09-14 00:53:30 -04:00
2d925e5bdd
adding docs
2016-09-14 00:48:01 -04:00
8df8f7dda0
Initial commit of profinet_siemens.rb
2016-09-11 09:15:41 +02:00
a0e05d4c4c
Land #7287 , mdaemon cred dumper
2016-09-10 08:43:07 -05:00
f35fdfcd5f
Added documentation for auxiliary/scanner/http/owa_ews_login
2016-09-09 11:50:25 -05:00
1c598cd15d
SMTP Type
...
Change SMPT for SMTP
2016-09-09 01:36:08 -05:00
dcd3b6c092
Add space
2016-08-31 19:58:24 -05:00
a046c206f6
Improve doc
...
Better format and more info
2016-08-31 19:57:27 -05:00
7852ef7d0e
Remove HTML tags
2016-08-31 11:05:38 -05:00
31fc64034c
Update mdaemon_cred_collector.md
2016-08-31 09:51:37 -05:00
d1a7ea132b
mdaemon_cred_collector Doc
2016-08-31 09:50:56 -05:00
82da4b5072
forgot to save docs
2016-08-26 20:02:20 -04:00
5dff01625d
working code
2016-08-25 21:32:25 -04:00
1a22ac05df
Update module doc for smb_login
2016-08-23 23:14:19 -05:00
95b82219a3
Land #7233 , ssh over L# pivot
...
this lands egypt's fix for using Net::SSH over L# pivots
2016-08-23 14:12:54 -05:00
8d2bdb2a71
Quote commands
2016-08-22 14:39:51 -05:00
0b73786e10
avoid bad filter
2016-08-22 11:47:39 -05:00
1065b4cfe2
Linked the zip file
2016-08-23 00:33:04 +08:00
f2e2cb6a5e
cant transfer file
2016-08-21 19:42:29 -04:00
139d431230
eliminate space
2016-08-20 04:17:22 +08:00
51a2354fea
Add KB for multi/http/caidao_php_backdoor_exec
2016-08-20 04:12:31 +08:00
2b6576b038
Land #7012 , Linux service persistence module
2016-08-17 22:45:35 -05:00
c64d91457f
Land #7003 , cron/crontab persistence module
2016-08-17 22:45:16 -05:00
2fa4c7073b
Land #6995 , SSH key persistence module
2016-08-17 22:44:57 -05:00
8654baf3dd
Land #6880 , add a module for netcore/netdis udp 53413 backdoor
2016-08-08 15:43:34 -05:00
89417304b0
Fix format for netcore_udp_53413_backdoor.md
2016-08-08 15:42:46 -05:00
a48487578c
Land #7165 , Add documentation for juniper_backdoor, brocade_enable_login, and werkzeug_debug_rce
2016-08-01 15:46:20 -05:00
abf435d6c2
Land #6960 , Auth bypass for Polycom HDX video endpoints
2016-08-01 14:02:50 -05:00
5309f2e4fb
endpoints, not end points
2016-08-01 14:02:17 -05:00
50c918f889
update documentation with verification
2016-08-01 13:59:00 -05:00
38138e66d2
adding docs for #4888 #5697 #6731
2016-07-29 23:11:57 -04:00
b2a521475a
adding sparse docs
2016-07-29 22:02:11 -04:00
be65f2c4d3
add module doc
2016-07-26 20:26:22 -05:00
4720d77c3a
Land #6965 , centreon useralias exec
2016-07-26 15:02:36 -07:00
c21971cb4e
Added some info on problems encountered during testing.
2016-07-26 14:59:18 -07:00
df15eebdf8
Land #7106 , multiple keylog_recorder improvements
2016-07-25 14:54:06 -05:00
128887bfb1
Update module doc to reflect change in migration failure operation
2016-07-22 13:07:55 -05:00
2008190f40
Add docs for MSSQL local auth bypass module
2016-07-21 11:09:24 -07:00
5a9f2423c4
forgot python
2016-07-20 14:16:57 -04:00
56b1565955
updated docs for step by step install of software
2016-07-20 12:48:28 -04:00
722133491d
Wording change in advanced options and doc
2016-07-16 22:57:36 -05:00
b8edbec125
Minor change to module doc
2016-07-16 22:47:47 -05:00
ba9a59cfe6
Add module documentation
2016-07-16 22:40:17 -05:00
9862a2fc25
Land #7080 , Updated docs and made enhancements for Netgear soap password extractor
2016-07-13 14:30:46 -07:00
78bfced8dd
Land #7091 , Add docs for Windows Meterpreter reverse HTTPS
2016-07-13 14:21:05 -07:00
fcdb32795d
Land #6777 , Linux Xen 4.2.0 DoS
2016-07-13 00:40:42 -05:00
7b5e3a880d
added module docs and some output tweaks for consistency with other modules
2016-07-13 00:38:46 -05:00
f6751f3c90
Fix typos
2016-07-12 10:56:41 -05:00
6ab0dbc321
fix header
2016-07-11 15:34:14 -05:00
2c7ffcc3a8
Update windows/meterpreter/reverse_tcp doc about sleep control
2016-07-11 15:32:49 -05:00
8817de793a
Add module documentation for windows/meterpreter/reverse_https
2016-07-11 15:18:18 -05:00
202969fae9
Land #7081 , Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-08 15:51:27 -05:00
d0e1c67c18
Land #7026 , Add Action Pack render exploit CVE-2016-2098
2016-07-07 16:16:37 -05:00
201750a31b
Add documentation for rails_actionpack_inline_exec
2016-07-07 16:15:51 -05:00
deecb24967
Update doc
2016-07-07 11:43:03 -05:00
54fa43030d
Add module documentation for linux/x86/meterpreter/reverse_tcp
2016-07-07 11:39:28 -05:00
47cf6d5edf
better docs, extract more data
2016-07-06 21:28:57 -04:00
fee361dae0
Land #7075 , Add ms16-016 local privilege escalation
2016-07-06 12:01:01 -05:00
bd566da5ca
Minor grammar changes and versions note
2016-07-06 11:10:05 -04:00
4ec69236d2
Add module documentation for python/meterpreter/reverse_tcp
2016-07-05 23:56:11 -05:00
d923a5d42d
typos in mod docs
2016-07-05 22:52:35 -05:00
899ea558e3
added module doc for ms16_016_webdav
2016-07-05 22:12:35 -05:00
54dfcee665
Land #7055 , add netgear_soap_password_extractor docs
2016-07-04 23:59:10 -05:00
844c13dc17
added new vuln device to netgear list, plus docs
2016-07-01 18:32:30 -04:00
70a79bb0e8
Land #7014 , Nagios remote root shell exploit
2016-07-01 08:17:38 -07:00
d42d9f8557
Add module docs to appease the Thao god
2016-07-01 01:17:27 -05:00
afbeb2b668
Land #7023 , fixes for swagger exploit
...
Thanks @sdavis-r7!
See #7015 as well.
2016-06-30 10:54:34 -04:00
70a7415185
Change description
2016-06-28 11:24:38 -05:00
c2b4e22b46
updated with discovered changes from k kali & documentation update changes requested.
2016-06-27 01:53:20 -04:00
1e7202cf9b
Add module documentation for auxiliary/admin/netbios/netbios_spoof
2016-06-25 12:20:08 -05:00
1c20122648
fedora compatibility, added naming options
2016-06-25 08:43:55 -04:00
5e1b7d8c0f
even more clean up.
2016-06-23 14:59:11 -07:00
63d8787101
added back (new) usage examples for nodejs,java,ruby,php.
2016-06-23 14:56:46 -07:00
ff741fbc35
Rename for docs
2016-06-23 14:53:49 -05:00
92522138c5
Remove the RC files
2016-06-23 14:52:23 -05:00
fbd0bc4308
updated as per @egypt & @todb-r7 recommendations.
2016-06-23 11:41:54 -04:00
47e4321424
CVE-2016-5641
2016-06-23 06:09:37 -07:00
a3b08418b9
fixed markdown
2016-06-22 20:32:51 -04:00
f3b0fc320d
fix up markdown
2016-06-22 20:27:52 -04:00
35e3fb3e2f
fixed markdown
2016-06-22 20:15:29 -04:00
bc293e2a8b
fixed bad markup
2016-06-22 20:10:25 -04:00
18a3bf5f62
service persistence
2016-06-22 19:22:18 -04:00
048741660c
Land #6980 , Add ClamAV Remote Command Transmitter
2016-06-22 15:50:45 -05:00
a1b1b31f98
Update clamav_control.md
2016-06-22 15:49:23 -05:00
f5e6eccce2
Add clamav_control.md doc
2016-06-22 15:43:31 -05:00
de5152401a
Land #6992 , Add tiki calendar exec exploit
2016-06-22 11:18:14 -05:00
8697d3d6fb
Update tiki_calendar_exec module and documentation
2016-06-22 11:17:45 -05:00
9cb57d78d7
updated check and docs that 14.2 may not be vuln
2016-06-21 16:48:09 -04:00
4b8f572976
cron persistence
2016-06-20 21:45:04 -04:00
c4a58fbc6c
doc variable name change
2016-06-19 22:47:17 -04:00
6905a29b10
sshkey persistence
2016-06-19 22:40:03 -04:00
6fe7698b13
follow redirect automatically
2016-06-19 20:24:54 -04:00
ddfd015310
functionalized calendar call, updated docs
2016-06-19 08:53:22 -04:00
1db10eec39
slight documentation update
2016-06-18 13:27:46 -04:00
3feff7533b
tiki calendar
2016-06-18 13:11:11 -04:00
9ea0b8f944
Land #6934 , Adds exploit for op5 configuration command execution
2016-06-16 14:36:10 -05:00
cfb034fa95
fixes all previously identified issues
2016-06-15 20:58:04 -04:00
1d27538545
Missing a word
2016-06-14 14:15:28 -05:00
a7c778b852
Update magento_unserialize.md
2016-06-14 11:15:25 -05:00
bd6eecf7b0
centreon useralias first add
2016-06-11 20:57:18 -04:00
7143095b4b
Land #6947 , add auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum
2016-06-09 14:21:55 -05:00
312342b0fd
Add module documentation for jenkins_udp_broadcast_enum
2016-06-09 14:20:48 -05:00
7cdadca79b
Land #6945 , Add struts_dmi_rest_exec exploit
2016-06-08 23:16:46 -05:00
dff60d96c8
Add mod doc for struts_dmi_rest_exec and update struts_dmi_exec.md
2016-06-08 23:15:44 -05:00
036ba8057a
Add module doc for symantec_brightmail_ldapcreds
2016-06-07 19:39:55 -05:00
c4aa99fdac
Land #6925 , ipfire proxy exec
2016-06-07 10:24:59 -05:00
7e84c808b2
Merge remote-tracking branch 'upstream/pr/6924' into dev
2016-06-07 09:24:25 -05:00
b59d10d9c4
Land #6929 , Add HP Data Protector Encrypted Comms exploit
2016-06-06 22:45:53 -05:00
d8d6ab3ae8
Add hp_dataprotector_encrypted_comms.md
2016-06-06 22:45:17 -05:00
09e721c4eb
See #6885 , merge tiny whitespace fix
2016-06-03 08:00:24 -05:00
d5c2a8e3c8
whitespace
2016-06-03 07:59:48 -05:00
d371fd0798
Land #6885 , add aux control module for PhoenixContact PLCs
2016-06-03 07:50:39 -05:00
ba9a693435
condense a little more
2016-06-03 07:50:13 -05:00
064d6b3f51
wording and formatting updates
2016-06-03 07:42:54 -05:00
1dad9bf7fa
Correct module doc path for magento_unserialize.md
2016-06-02 17:12:39 -05:00
184802d7d1
Add documentation for magento_unserialize
2016-06-02 17:10:26 -05:00
68d647edf1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into op5
2016-06-01 18:05:18 -04:00
52d5028548
op5 config exec
2016-06-01 15:07:31 -04:00
3163af603d
md fix
2016-05-30 10:25:49 -04:00
057947d7e8
ipfire proxy exec
2016-05-30 10:24:17 -04:00
9b5e3010ef
doc/module cleanup
2016-05-30 06:33:48 -04:00
df55f9a57c
first add of ipfire shellshock
2016-05-29 20:40:12 -04:00
2c4b387eb2
Update phoenix_command.md
2016-05-28 15:35:00 +02:00
2afcda9d49
Did some more rubocopy work and
...
added module documentation
2016-05-28 15:32:18 +02:00
928a706135
Land #6890 , Allwinner CPU kernel module local privilege escalation
2016-05-23 22:00:52 -05:00
2f8562fba4
added documentation and minor style tweaks
2016-05-23 21:59:44 -05:00
cf0176e68b
Land #6867 , Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection
2016-05-16 19:00:10 -05:00
21d74a64fe
Land #6874 , Improve exploit for CVE-2016-0854
2016-05-14 11:08:17 -05:00
2e3e4f0069
Land #6296 , Added a multi-platform post module to generate TCP & UDP egress traffic
2016-05-14 00:03:00 -05:00
3542d907f7
simplify description, move the bulk of documentation to documentation/
2016-05-14 00:01:51 -05:00
9114e01ed9
update doc
2016-05-13 23:31:38 -05:00
d398419971
Land #6832 , Check LHOST value before running shell_to_meterpreter, add docs
2016-05-13 22:50:22 -05:00
a940481f62
Land #6834 , Authorized FTP JCL exploit for z/OS
2016-05-13 21:29:45 -05:00
3b5db26ff5
Fix #6872 , change upload action for CVE-2016-0854 exploit
...
This patch includes the following changes:
* Instead of the uploadFile action, this patch uses uploadImageCommon
to be able to support both Advantech WebAccess builds: 2014 and
2015.
* It uses an explicit check instead of the passive version check.
* It cleans up the malicious file after getting a session.
* Added module documentation to explain the differences between
different builds of Advantech WebAccess 8.0s, and 8.1.
Fix #6872
2016-05-13 19:47:18 -05:00
2d5cf6cfe4
Authorized FTP JCL exploit for z/OS
...
This exploit module allows a user with credentials to execute JCL on a
vulnerable mainframe system running z/OS and an appropriately configured
FTP server.
2016-05-12 14:46:31 -05:00
756673fcd7
Fix another typo
2016-05-12 00:13:53 -05:00
9d128cfd9f
Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection
2016-05-11 22:27:18 -05:00
08416c600f
Grammatical and style fixes for priv_migrate
2016-05-04 11:14:29 -07:00
d617ca59f3
Land #6844 , Add documentation for struts_dmi_exec
2016-05-02 14:31:34 -07:00
027855def4
Add module documentation for struts_dmi_exec
2016-05-02 15:43:34 -05:00
3aca699d09
Add priv_migrate.md
2016-04-30 19:02:45 -05:00
2f66442f1d
Fix #5191 , bad LHOST format causes shell_to_meterpreter to backtrace
...
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix #5191
2016-04-28 23:03:54 -05:00
ffdd3b1c92
Finish up autoroute.md
2016-04-17 18:23:30 -05:00
fb7194c125
Work on autoroute.md
2016-04-17 00:04:42 -05:00
880697d00a
Add documentation for make_csv_orgchart
2016-04-07 17:17:57 -05:00
c072028f0e
Add documentation for post/windows/gather/ad_to_sqlite
2016-04-07 16:43:55 -05:00
76c6f8c19d
Move module_doc_template
2016-03-24 17:07:19 -05:00
925cc3b56f
Adding docs for Lester https://issues.corp.rapid7.com/browse/MS-1193
2016-03-24 16:51:02 -05:00
0852973b18
Minor edits for the following:
...
https://issues.corp.rapid7.com/browse/MS-1197
https://issues.corp.rapid7.com/browse/MS-1198
https://issues.corp.rapid7.com/browse/MS-1199
https://issues.corp.rapid7.com/browse/MS-1200
https://issues.corp.rapid7.com/browse/MS-1201
2016-03-24 12:13:03 -05:00
7e5fced46b
MS-1196 Minor edits to the kb for the web_delivery module
2016-03-22 12:26:55 -05:00
4c42a74d48
MS-1195 minor grammatical edits to psexec kb
2016-03-21 14:18:16 -05:00
12b456e452
Add module documentation for android/meterpreter/reverse_tcp
2016-03-08 16:55:04 -06:00
f831d58c1c
Support tables
2016-03-08 12:19:27 -06:00
698f425821
Auto <hr>
2016-03-08 11:25:15 -06:00
ee63464b8c
Update doc
2016-03-07 15:41:54 -06:00
26b64a0702
Add correct doc for tomcat_mgr_login
2016-03-07 15:41:03 -06:00
d859194e4e
Update doc
2016-03-07 12:29:32 -06:00
1bfbbe918c
Add documentation for post/windows/gather/hashdump
2016-03-07 12:17:21 -06:00
03eb568af7
Add --- to make sections to stand out more
2016-03-05 15:17:19 -06:00
b82b1b0a47
Update windows/meterpreter/reverse_tcp doc
2016-03-05 15:14:05 -06:00
1b39d5f593
Add work in progress: windows/meterpreter/reverse_tcp.md
2016-03-05 00:43:08 -06:00
f4866fd5f0
Update template and web_delivery doc
2016-03-03 01:27:14 -06:00
11964c5c1a
Add remote exploit demo and web_delivery doc
2016-03-02 19:52:11 -06:00
eede7c9193
Link to WbemExec writeup
2016-03-02 11:05:33 -06:00
e615e1072e
Update information about SMBv1
2016-03-02 10:51:45 -06:00
c8e1396cb4
Add documentation for smb_login
2016-03-01 22:03:16 -06:00
d4c433e29f
Update psexec.md
2016-03-01 19:29:25 -06:00
876a5b55f9
Update psexec.md
2016-03-01 19:06:40 -06:00
f27d24fd60
Add module documentation for psexec
2016-03-01 18:52:47 -06:00
99d593e9a0
missing an of
2016-03-01 15:11:29 -06:00
552f2a148b
Add documentation for ms08_067_netapi
2016-03-01 15:09:30 -06:00
fd8e3e719d
real demo
2016-02-26 14:43:53 -06:00
250ce6fb17
lets be clear
2016-02-26 14:30:12 -06:00
4c58b67e37
Update browser_autopwn2.md
2016-02-24 19:09:35 -06:00
3125c99e45
Remove this fake doc
2016-02-24 15:17:18 -06:00
3f3b76bc86
Add example md for BAP2
2016-02-18 15:39:38 -06:00
509a1e8de1
Add manual for demo purposes
2016-02-16 23:18:29 -06:00
nixawk
mr_me
h00die
Pearce Barry
Brent Cook
Brent Cook
Daniel Werner
Jon Hart
William Vu
Brendan
Oliver Rumbelow
Mehmet Ince
William Webb
Tijl Deneut
scriptjunkie
Agora Security
h00die
David Maloney
James Lee
wchen-r7
Jay Turla
Josh Hale
thao doan
Spencer McIntyre
Tod Beardsley
Scott Lee Davis
Tijl Deneut
Bigendian Smalls