8c1f1696af
Kill trailing whitespace in docs
2017-12-18 17:35:49 -06:00
4aa480d655
Land #9311 , docs for #9180
2017-12-18 17:34:55 -06:00
c2b8d23854
Kill trailing whitespace
2017-12-18 16:56:09 -06:00
65da14c165
Adding docs for modules
2017-12-18 16:47:43 -06:00
a33ed82a40
Land #9214 , @realoriginal's update to the Cisco SMI scanner to also fetch Cisco IOS configs
2017-12-18 12:22:26 -08:00
369d74cdb2
Updating documentation
...
Added a missing backtick
2017-12-18 10:34:00 -05:00
76823e9fe6
Land #9183 , Jenkins Groovy XStream RCE
2017-12-18 03:38:27 -06:00
880a1d4283
Land #9312 , Module acting as a Pyrotechnical Device Deployment Tool (PDT) for Hardware Bridge
2017-12-17 18:32:28 -06:00
8344401484
Add docs, minor tweaks.
2017-12-17 18:15:49 -06:00
95e2f1da95
Update samsung_browser_sop_bypass.md
2017-12-17 11:02:24 +05:30
53a098a7f3
Update samsung_browser_sop_bypass.md
2017-12-16 22:46:29 +05:30
6b54fe6775
Create samsung_browser_sop_bypass.md
2017-12-16 22:26:08 +05:30
c6a2ae2551
Land #9248 , Add wd_mycloud_multiupload_upload exploit
2017-12-13 18:51:02 -06:00
c0a534140d
Land #9284 a regex dos for ua_parser_js npm module
2017-12-13 19:31:49 -05:00
544e4e3d0b
fix md formatting
2017-12-13 19:30:50 -05:00
dd5532c5de
Addressing Formatting Issues
...
There were several formatting and layout issues
that are fixed in this commit. Also changing
`RHOSTS` to `RHOST`.
2017-12-13 14:26:27 -06:00
b99663fb6c
Bring #9282 up to date with upstream-master
2017-12-13 13:16:30 -06:00
37514eec17
Land #9234 , Add exploit for ClickJacking vuln for pfSense
...
Land #9234
2017-12-12 14:56:21 -06:00
6149f51273
Land #9256 , Add aux module to discover WSDD enabled devices
...
Land #9256
2017-12-12 11:55:42 -06:00
d79b0ad981
Land #9286 , Advantech WebAccess webvrpcs BOF RCE
2017-12-12 00:25:56 -05:00
7f93cca446
Land #9288 , Add Dup Scout Enterprise login buffer overflow
2017-12-11 17:12:20 -06:00
2d23054a1f
Changes as per comments
...
A few things were changed as per the PR comments:
1) The module title was reworded
2) The module description was multi-lined
3) Negative logic was rewritten to use 'unless'
4) Strings which did not require interpolation were rewritten
5) Documentation markdown was added.
2017-12-11 14:11:40 -06:00
f8977ed72c
added some fixes
2017-12-11 11:34:17 -06:00
c5f218c84c
Addressing comments
...
1. Updated documentation
2. Made the Sec-WebSocket-Key header a random value
2017-12-11 11:49:31 -05:00
3a14ac3b37
Fixed a spelling error in documentation
2017-12-09 02:30:42 -06:00
e91830efe7
Add Dup Scout Enterprise login buffer overflow
2017-12-09 02:20:05 -06:00
668585a1f9
Adding documentation
...
Adding module documentation for ws_dos.
2017-12-08 15:52:57 -05:00
073ffcb3bc
added some docs
2017-12-07 16:58:14 -06:00
900f7d6f69
docs on options
2017-12-07 14:47:40 -05:00
12425d962c
Rename office_dde_delivery to office_dde_delivery.md
2017-12-06 22:40:57 -05:00
1e4b707a60
MS Office DDE Documentation
2017-12-06 21:46:47 -05:00
ce2db3cd87
Land #9275 , CVE-2017-11882 (docs fix)
2017-12-05 10:16:54 -06:00
14226c5f33
missing docs on options
...
Missed fixes on documentation
2017-12-04 20:58:36 -05:00
69b01d26bb
Land #9226 , Microsoft Office OLE object memory corruption
2017-12-04 16:50:27 -08:00
b7f17f5519
fix documentation
2017-12-04 16:41:27 -05:00
f83e9815dd
Land #9210 , Add a Polycom HDX RCE
2017-12-04 12:49:35 -06:00
775529277f
Add documentation
2017-11-29 17:37:34 +00:00
9dc3d60fc2
Stupid Typos
2017-11-29 10:29:38 -06:00
efa8d566d7
Added documentation for iamroot
2017-11-29 10:26:06 -06:00
d174ef3a70
Add wd_mycloud_multiupload_upload exploit
2017-11-28 07:12:00 -06:00
244acc48b6
Land #9212 , pfsense group member exec module
2017-11-27 11:27:29 -06:00
43ff4f12e5
update docs
2017-11-22 06:57:35 -05:00
b5994bde79
Update pfsense_clickjacking.md
2017-11-22 11:10:47 +01:00
5b5c5520e6
Update pfsense_clickjacking.md
2017-11-22 11:09:54 +01:00
916ee05cce
Add exploit module for Clickjacking vulnerability in CSRF error page pfSense
2017-11-22 11:06:22 +01:00
73c692fb65
fix docs
2017-11-21 21:31:06 -05:00
879db5cf38
Land #9050 , @mpizala's improvements to the docker_daemon_tcp module
2017-11-21 17:13:24 -08:00
b6c81e6da0
Reimplement slowloris as external module
2017-11-21 16:21:01 -05:00
aa16288140
Update slow_loris.md
2017-11-21 15:49:45 -05:00
6d2007a4db
Update slow_loris.md
2017-11-21 15:49:44 -05:00
fbb9e9d473
Update slow_loris.md
2017-11-21 15:49:44 -05:00
4419c0d851
Create slow_loris.md
2017-11-21 15:49:44 -05:00
fcf2cfa134
Create office_ms17_11882.md
2017-11-21 14:45:56 -05:00
90d6165e68
bypass user namespaces docs
2017-11-19 22:10:39 +01:00
b7f7afb3be
version detect, 2.2.6 handling
2017-11-19 08:28:07 -05:00
40bb622b7a
update docs
...
Updating documentation
2017-11-18 13:07:24 -05:00
c3c8ec761d
Merge remote-tracking branch 'upstream/master'
2017-11-17 00:16:43 +05:30
74a1b405c4
action addition DOWNLOAD
2017-11-16 12:46:31 -05:00
f8891952c6
pfsense group member exec module
2017-11-15 21:00:58 -05:00
c740f4369c
Land #9197 , Cleanup Mako Server exploit
2017-11-15 15:01:31 -06:00
256bf5a5ca
Create polycom_hdx_traceroute_exec.md
2017-11-15 10:38:53 -05:00
54936b6ac3
Updatig documentation and tweaking initiate_session
2017-11-15 01:04:06 +03:00
86e47589b0
Add xplico remote code execution
2017-11-14 09:30:57 +03:00
44e69f1c5d
Documentation for Kaltura <= 13.1.0 RCE (CVE-2017-14143)
2017-11-14 02:46:29 +05:30
f3e2f4d500
Land #9167 , D-Link DIR-850L exploit
2017-11-10 18:15:39 -06:00
3936d3baa1
Clean up module
2017-11-10 18:15:22 -06:00
df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi
2017-11-10 16:28:39 -05:00
52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows
2017-11-08 20:22:54 -05:00
7ad151e68b
gcore formatting update
2017-11-08 20:21:40 -05:00
39916ef61a
Land #9133 , Command injection in Mako Server examples
2017-11-08 15:11:01 -06:00
d95b333ae9
Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549.
2017-11-09 03:59:18 +11:00
5a07be9b96
Land #9041 , Add LPE on Windows using CVE-2017-8464
2017-11-08 10:09:03 -06:00
19e3e181c1
Fix compiling instructions
2017-11-08 09:36:32 -06:00
fa8d017579
Change documentation from a first person context
2017-11-08 09:29:46 -05:00
11093b8393
Added documentation
2017-11-08 08:07:06 -06:00
fc87ee08d9
Land #9060 , IBM Lotus Notes DoS (CVE-2017-1130).
2017-11-07 11:20:12 -06:00
d770406049
Add docs
2017-11-07 10:58:28 -05:00
85b8b4116a
Create ibm_lotus_notes2.md
2017-11-07 12:08:08 +05:30
c9e3b8816b
remove old name
2017-11-04 13:53:04 -04:00
9236aff6ee
forgot to add my docs
2017-11-04 13:51:41 -04:00
646c7f7c0a
update doc
2017-11-04 11:40:32 -04:00
40bcb3f0c8
update documentation
2017-11-03 09:09:51 -04:00
697031eb36
mysql UDF now multi
2017-11-03 05:26:05 -04:00
caad1bbf27
Create dlink_dir850l_unauth_exec.md
2017-11-02 15:54:45 -04:00
e3ac6b8dc2
Land #9109 , wp-mobile-detector upload and execute
2017-11-01 13:25:16 -05:00
8613852ee8
Add Mako Server v2.5 command injection module/docs
2017-10-26 23:29:11 -04:00
cd35ae4661
Land #9106 negear dgn1000 unauth rce module
2017-10-22 22:18:53 -04:00
210f6f80b7
netgear1000dng cleanup
2017-10-22 22:17:40 -04:00
e9fdb5bd94
Create netgear_dgn1000_unauth_setup_exec.md
2017-10-22 16:54:06 -04:00
cfd7761818
wp_mobile_detector rce
2017-10-20 23:19:58 -04:00
9658776adf
Land #9079 , adding @h00die's gopher scanner
2017-10-20 17:16:08 -07:00
f250e15b6e
Land #9105 rename psh to polycom for name collision
2017-10-20 20:10:57 -04:00
fd028338e1
move psh to polycom so no more powershell name collision
2017-10-20 20:08:11 -04:00
5a6da487ab
Land #9043 two exploit modules for unitrends backup
2017-10-20 20:00:35 -04:00
e8de6a46d5
Update ueb9_bpserverd.md
2017-10-20 12:21:17 -06:00
f938a1029b
Make note about stopping container after
2017-10-20 10:30:12 -07:00
e82cb4577d
Show module selection + config
2017-10-20 10:12:46 -07:00
a8b4d4e4a2
Link to gopher container
2017-10-20 10:04:09 -07:00
811bae7361
Add docker go(pher) example
2017-10-20 09:59:25 -07:00
c67a5872cd
Land #9055 , Add exploit for Sync Breeze HTTP Server
...
Land #9055
2017-10-13 17:34:03 -05:00
297ca25953
fix IPs
2017-10-12 21:40:27 -04:00
a63c947768
gopher proto
2017-10-12 21:32:01 -04:00
8cfd4928ed
Land #9069 , Add docs for scanner/http/open_proxy
2017-10-11 23:08:07 -05:00
d0e65a4177
Land #9068 , add doc for auxiliary/scanner/http/files_dir
...
Land #9068
2017-10-11 17:13:26 -05:00
eaf686f164
Fix format
2017-10-11 17:12:45 -05:00
3a8a85bbe5
Land #9065 , add doc for auxiliary/scanner/http/http_login
...
Land #9065
2017-10-11 17:09:35 -05:00
fc40fe0da2
Fix format
2017-10-11 17:08:49 -05:00
2503d2ab2e
Land #9067 , add doc for auxiliary/scanner/http/http_header
...
Land #9067
2017-10-11 17:03:29 -05:00
17b4678998
Fix format
2017-10-11 17:02:41 -05:00
72291d31fb
Update open_proxy.md
2017-10-12 03:29:49 +05:30
17d7faa96b
fixing typos
2017-10-12 03:00:09 +05:30
294230c455
Land #8509 , add Winsxs bypass for UAC
2017-10-11 16:24:52 -05:00
978ede363e
Land #9066 , add doc for http_version
...
Land #9066
2017-10-11 15:39:44 -05:00
1786634906
Land #9059 , Tomcat JSP Upload via PUT Bypass
2017-10-11 15:05:00 -05:00
8b3cc2b94f
Tweak format
2017-10-11 14:14:56 -05:00
03e7797d6c
fixed msftidy errors and added documentation
2017-10-11 07:57:01 -04:00
1c8871cbe3
Documentation on auxiliary module open_proxy
2017-10-11 16:29:56 +05:30
579cfed5f4
Documentation on auxiliary module files_dir
2017-10-11 16:15:19 +05:30
fcf6a1ec96
Documentation on http_header
2017-10-11 15:30:43 +05:30
e526b37e81
Fixing whitespaces
2017-10-11 15:18:51 +05:30
ee3b638b48
Changing description
2017-10-11 15:17:54 +05:30
7f1f862dc2
KB for http_version
2017-10-11 15:14:22 +05:30
ffa29de6c9
Update bypassuac_injection_winsxs.md
2017-10-11 11:43:28 +02:00
d64312c24f
Changing description
2017-10-11 14:55:48 +05:30
9ebf8328ee
adding colon
2017-10-11 14:51:53 +05:30
26c45f4c74
adding new sub heading
2017-10-11 14:47:19 +05:30
3f411a5559
separating sections
2017-10-11 14:45:34 +05:30
9ceaa39451
removing whitespaces
2017-10-11 14:44:01 +05:30
064f4d56aa
adding label
2017-10-11 14:43:06 +05:30
d32edfd53e
Documentation for http_login
2017-10-11 14:39:05 +05:30
e976a91b15
land #9053 RCE for rend micro imsva
2017-10-10 19:27:06 -04:00
59d03ec4db
Added markdown doc for documentation.
2017-10-10 13:05:29 -05:00
ab63caef7b
Land #9009 , Apache Optionsbleed module
2017-10-10 12:13:40 -05:00
fd0ce33341
Updated Module Documentation
2017-10-10 12:36:32 -04:00
850aeda097
land #9052 RCE of Trend Micro OfficeScan
2017-10-09 20:46:30 -04:00
a3d47ea838
Land #8989 , IBM Lotus Notes DoS (CVE-2017-1129)
2017-10-09 19:37:59 -05:00
b796c0be16
fixing docs
2017-10-09 20:31:23 -04:00
fd8b72ca66
Minor tweaks.
2017-10-09 17:02:24 -05:00
a2d32b460c
Fixing grammer issue
2017-10-09 22:31:13 +03:00
c14c93d450
Integrate OfficeScan 11 exploitation and fix grammer issues
2017-10-09 22:11:42 +03:00
395c82050b
Adding Trend Micro IMSVA Widget RCE
2017-10-08 18:15:32 +03:00
79c9123261
Adding Trend Micro OfficeScan widget rce module
2017-10-08 17:54:18 +03:00
d8ff99b1f6
Change to ARCH_X64, remove python dependency
2017-10-08 13:51:07 +02:00
015e30c4f3
land #9048 docs for xmas portscan
2017-10-07 15:50:41 -04:00
d28b023058
Update xmas.md
...
added requested changes.
2017-10-08 00:16:43 +05:30
7a87e11767
land #8781 Utilize Rancher Server to exploit hosts
2017-10-07 13:04:34 -04:00
fa98fe4fe6
Update xmas.md
...
removed blank spaces.
2017-10-07 14:20:19 +05:30
0e6843eae1
Update xmas.md
2017-10-07 04:40:28 -04:00
3092ad9ea0
Documentation for auxiliary/scanner/portscan/xmas
2017-10-07 04:23:40 -04:00
7535fe255f
land #8736 RCE for orientdb
2017-10-06 14:35:42 -04:00
Tod Beardsley
Jon Hart
Ryan Knell
William Vu
Pearce Barry
RootUp
Brent Cook
h00die
Nicholas Starke
Wei Chen
Matthew Kienow
mr_me
Chris Higgins
Austin
William Webb
Brendan Coles
bwatters-r7
Zenofex
Yorick Koster
Daniel Teixeira
Martin Pizala
Pushpam Kumar
Adam Cammack
Mehmet İnce
Steven Patterson
Patrick Webster
Spencer McIntyre
attackdebris
Steven Patterson
caleBot
Indranil Roy
Jeffrey Martin
root
Ernesto Fernandez
jakxx
Deepanshu Gajbhiye