Commit Graph

1635 Commits (e7ac2cd155d74b4f79bb91ca2693960b076c2503)

Author SHA1 Message Date
William Vu 3936d3baa1 Clean up module 2017-11-10 18:15:22 -06:00
Steven Patterson df2b62dc27
Add Mako Server CMD injection Linux support, update docs, move to multi 2017-11-10 16:28:39 -05:00
h00die 52888871e3
Land #8747 RCE for Geutebrueck GCore on Windows 2017-11-08 20:22:54 -05:00
h00die 7ad151e68b gcore formatting update 2017-11-08 20:21:40 -05:00
Adam Cammack 39916ef61a
Land #9133, Command injection in Mako Server examples 2017-11-08 15:11:01 -06:00
Patrick Webster d95b333ae9 Added exploit module for HP LoadRunner command exec vuln CVE-2010-1549. 2017-11-09 03:59:18 +11:00
bwatters-r7 5a07be9b96
Land #9041, Add LPE on Windows using CVE-2017-8464 2017-11-08 10:09:03 -06:00
bwatters-r7 19e3e181c1 Fix compiling instructions 2017-11-08 09:36:32 -06:00
Spencer McIntyre fa8d017579 Change documentation from a first person context 2017-11-08 09:29:46 -05:00
bwatters-r7 11093b8393 Added documentation 2017-11-08 08:07:06 -06:00
Pearce Barry fc87ee08d9
Land #9060, IBM Lotus Notes DoS (CVE-2017-1130). 2017-11-07 11:20:12 -06:00
attackdebris d770406049 Add docs 2017-11-07 10:58:28 -05:00
RootUp 85b8b4116a
Create ibm_lotus_notes2.md 2017-11-07 12:08:08 +05:30
h00die c9e3b8816b remove old name 2017-11-04 13:53:04 -04:00
h00die 9236aff6ee forgot to add my docs 2017-11-04 13:51:41 -04:00
Austin 646c7f7c0a
update doc 2017-11-04 11:40:32 -04:00
Austin 40bcb3f0c8
update documentation 2017-11-03 09:09:51 -04:00
h00die 697031eb36 mysql UDF now multi 2017-11-03 05:26:05 -04:00
Austin caad1bbf27
Create dlink_dir850l_unauth_exec.md 2017-11-02 15:54:45 -04:00
William Vu e3ac6b8dc2
Land #9109, wp-mobile-detector upload and execute 2017-11-01 13:25:16 -05:00
Steven Patterson 8613852ee8
Add Mako Server v2.5 command injection module/docs 2017-10-26 23:29:11 -04:00
h00die cd35ae4661
Land #9106 negear dgn1000 unauth rce module 2017-10-22 22:18:53 -04:00
h00die 210f6f80b7 netgear1000dng cleanup 2017-10-22 22:17:40 -04:00
Austin e9fdb5bd94 Create netgear_dgn1000_unauth_setup_exec.md 2017-10-22 16:54:06 -04:00
h00die cfd7761818 wp_mobile_detector rce 2017-10-20 23:19:58 -04:00
Jon Hart 9658776adf
Land #9079, adding @h00die's gopher scanner 2017-10-20 17:16:08 -07:00
h00die f250e15b6e
Land #9105 rename psh to polycom for name collision 2017-10-20 20:10:57 -04:00
h00die fd028338e1 move psh to polycom so no more powershell name collision 2017-10-20 20:08:11 -04:00
h00die 5a6da487ab
Land #9043 two exploit modules for unitrends backup 2017-10-20 20:00:35 -04:00
caleBot e8de6a46d5 Update ueb9_bpserverd.md 2017-10-20 12:21:17 -06:00
Jon Hart f938a1029b
Make note about stopping container after 2017-10-20 10:30:12 -07:00
Jon Hart e82cb4577d
Show module selection + config 2017-10-20 10:12:46 -07:00
Jon Hart a8b4d4e4a2
Link to gopher container 2017-10-20 10:04:09 -07:00
Jon Hart 811bae7361
Add docker go(pher) example 2017-10-20 09:59:25 -07:00
Wei Chen c67a5872cd
Land #9055, Add exploit for Sync Breeze HTTP Server
Land #9055
2017-10-13 17:34:03 -05:00
h00die 297ca25953 fix IPs 2017-10-12 21:40:27 -04:00
h00die a63c947768 gopher proto 2017-10-12 21:32:01 -04:00
William Webb 8cfd4928ed
Land #9069, Add docs for scanner/http/open_proxy 2017-10-11 23:08:07 -05:00
Wei Chen d0e65a4177
Land #9068, add doc for auxiliary/scanner/http/files_dir
Land #9068
2017-10-11 17:13:26 -05:00
Wei Chen eaf686f164
Fix format 2017-10-11 17:12:45 -05:00
Wei Chen 3a8a85bbe5
Land #9065, add doc for auxiliary/scanner/http/http_login
Land #9065
2017-10-11 17:09:35 -05:00
Wei Chen fc40fe0da2
Fix format 2017-10-11 17:08:49 -05:00
Wei Chen 2503d2ab2e
Land #9067, add doc for auxiliary/scanner/http/http_header
Land #9067
2017-10-11 17:03:29 -05:00
Wei Chen 17b4678998
Fix format 2017-10-11 17:02:41 -05:00
Indranil Roy 72291d31fb Update open_proxy.md 2017-10-12 03:29:49 +05:30
itsmeroy2012 17d7faa96b fixing typos 2017-10-12 03:00:09 +05:30
bwatters-r7 294230c455
Land #8509, add Winsxs bypass for UAC 2017-10-11 16:24:52 -05:00
Wei Chen 978ede363e
Land #9066, add doc for http_version
Land #9066
2017-10-11 15:39:44 -05:00
Jeffrey Martin 1786634906
Land #9059, Tomcat JSP Upload via PUT Bypass 2017-10-11 15:05:00 -05:00
Wei Chen 8b3cc2b94f Tweak format 2017-10-11 14:14:56 -05:00
root 03e7797d6c fixed msftidy errors and added documentation 2017-10-11 07:57:01 -04:00
itsmeroy2012 1c8871cbe3 Documentation on auxiliary module open_proxy 2017-10-11 16:29:56 +05:30
itsmeroy2012 579cfed5f4 Documentation on auxiliary module files_dir 2017-10-11 16:15:19 +05:30
itsmeroy2012 fcf6a1ec96 Documentation on http_header 2017-10-11 15:30:43 +05:30
itsmeroy2012 e526b37e81 Fixing whitespaces 2017-10-11 15:18:51 +05:30
itsmeroy2012 ee3b638b48 Changing description 2017-10-11 15:17:54 +05:30
itsmeroy2012 7f1f862dc2 KB for http_version 2017-10-11 15:14:22 +05:30
Ernesto Fernandez ffa29de6c9 Update bypassuac_injection_winsxs.md 2017-10-11 11:43:28 +02:00
itsmeroy2012 d64312c24f Changing description 2017-10-11 14:55:48 +05:30
itsmeroy2012 9ebf8328ee adding colon 2017-10-11 14:51:53 +05:30
itsmeroy2012 26c45f4c74 adding new sub heading 2017-10-11 14:47:19 +05:30
itsmeroy2012 3f411a5559 separating sections 2017-10-11 14:45:34 +05:30
itsmeroy2012 9ceaa39451 removing whitespaces 2017-10-11 14:44:01 +05:30
itsmeroy2012 064f4d56aa adding label 2017-10-11 14:43:06 +05:30
itsmeroy2012 d32edfd53e Documentation for http_login 2017-10-11 14:39:05 +05:30
h00die e976a91b15
land #9053 RCE for rend micro imsva 2017-10-10 19:27:06 -04:00
bwatters-r7 59d03ec4db
Added markdown doc for documentation. 2017-10-10 13:05:29 -05:00
William Vu ab63caef7b
Land #9009, Apache Optionsbleed module 2017-10-10 12:13:40 -05:00
jakxx fd0ce33341 Updated Module Documentation 2017-10-10 12:36:32 -04:00
h00die 850aeda097
land #9052 RCE of Trend Micro OfficeScan 2017-10-09 20:46:30 -04:00
Pearce Barry a3d47ea838
Land #8989, IBM Lotus Notes DoS (CVE-2017-1129) 2017-10-09 19:37:59 -05:00
h00die b796c0be16 fixing docs 2017-10-09 20:31:23 -04:00
Pearce Barry fd8b72ca66
Minor tweaks. 2017-10-09 17:02:24 -05:00
Mehmet Ince a2d32b460c
Fixing grammer issue 2017-10-09 22:31:13 +03:00
Mehmet Ince c14c93d450
Integrate OfficeScan 11 exploitation and fix grammer issues 2017-10-09 22:11:42 +03:00
Mehmet Ince 395c82050b
Adding Trend Micro IMSVA Widget RCE 2017-10-08 18:15:32 +03:00
Mehmet Ince 79c9123261
Adding Trend Micro OfficeScan widget rce module 2017-10-08 17:54:18 +03:00
Martin Pizala d8ff99b1f6
Change to ARCH_X64, remove python dependency 2017-10-08 13:51:07 +02:00
h00die 015e30c4f3
land #9048 docs for xmas portscan 2017-10-07 15:50:41 -04:00
Deepanshu Gajbhiye d28b023058 Update xmas.md
added requested changes.
2017-10-08 00:16:43 +05:30
h00die 7a87e11767
land #8781 Utilize Rancher Server to exploit hosts 2017-10-07 13:04:34 -04:00
Deepanshu Gajbhiye fa98fe4fe6 Update xmas.md
removed blank spaces.
2017-10-07 14:20:19 +05:30
Deepanshu Gajbhiye 0e6843eae1 Update xmas.md 2017-10-07 04:40:28 -04:00
Deepanshu Gajbhiye 3092ad9ea0 Documentation for auxiliary/scanner/portscan/xmas 2017-10-07 04:23:40 -04:00
h00die 7535fe255f
land #8736 RCE for orientdb 2017-10-06 14:35:42 -04:00
h00die e7aa06c1c4 fix documentation 2017-10-06 14:29:39 -04:00
caleBot 36610b185b initial commit for UEB9 exploits - CVE-2017-12477, CVE-2017-12478 2017-10-06 09:38:33 -06:00
M4P0 7fe750422e Update geutebrueck_gcore_x64_rce_bo.md 2017-10-06 15:41:12 +02:00
Maurice Popp 770547269b added documentation, and fixed 4 to 2 indentation 2017-10-06 15:39:25 +02:00
Brent Cook c701a53def
Land #9018, Add Bind Shell JCL Payload for z/OS 2017-10-05 17:24:50 -05:00
h00die c5cc2f89a0 add docs for wlan_geolocate 2017-10-01 19:49:48 -04:00
Martin Pizala 701d628a1b
Features for selecting the target 2017-10-01 02:04:10 +02:00
bigendiansmalls 9ae8bdda1c
Added Bind Shell JCL Payload for mainframe
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
William Vu 9b75ef7c36
Land #8343, qmail Shellshock module 2017-09-29 00:28:30 -05:00
Martin Pizala f973ff13b6
Add some lines to Exploit Detection and Mitigation 2017-09-29 00:55:53 +02:00
Martin Pizala 40c58e3017 Function for selecting the target host 2017-09-28 23:43:59 +02:00
Martin Pizala cc98e80002
Change arch to ARCH_X64 2017-09-28 20:50:18 +02:00
RootUp 26108f5ac9 Create ibm_lotus_notes.md 2017-09-28 10:31:42 -05:00
h00die 2295146dcd working optionsbleed module 2017-09-27 22:07:57 -04:00
bwatters-r7 66d6ac418a
Land #8978, Add smb1 scanner 2017-09-26 16:06:41 -05:00
William Vu 98ae054b06
Land #8931, Node.js debugger exploit 2017-09-25 14:00:13 -05:00
h00die 273d49bffd
Land #8891 login scanner for Inedo BuildMaster 2017-09-24 13:30:17 -04:00
h00die e6c4a87bda documentation update 2017-09-24 13:29:34 -04:00
h00die 4d1e51a0ff
Land #8906 RCE for supervisor 2017-09-24 08:03:30 -04:00
h00die 9528f279a5 cleaned up version, and docs 2017-09-23 10:51:52 -04:00
Mehmet Ince 3d543b75f5
Fixing typos and replacing double quotes with single 2017-09-21 23:48:12 +03:00
Mehmet Ince ee969ae8e5
Adding DenyAll RCE module 2017-09-19 14:53:37 +03:00
loftwing c584592a4b Remove leftover IPs in docs 2017-09-18 15:12:42 -05:00
loftwing c953842c96 Added docs and additional dialects 2017-09-18 15:02:38 -05:00
William Webb d5362333e2
Land #8958, Add Disk Pulse Enterprise web server buffer overflow 2017-09-15 13:34:22 -05:00
loftwing e3deaadcc7 Documentation added 2017-09-14 11:52:15 -05:00
Craig Smith b218cc3c7f Merge branch 'master' into hw_auto_padding_fix 2017-09-11 18:30:34 -07:00
Craig Smith 363e11850b Added FC to documentation 2017-09-11 18:29:27 -07:00
Martin Pizala 5ae708081d
Wording, reviewer remarks 2017-09-11 23:25:10 +02:00
h00die fc52ef9941
Land #8942 docs for syn port scanner 2017-09-10 10:03:34 -04:00
h00die ddfa1d722b fixed grammar 2017-09-10 10:02:07 -04:00
james 861f4a6201 Changes to buildmaster_login from code review
Use peer property in messages instead of rhost rport combination for consistency.
Documentation updated accordingly.
2017-09-09 18:00:04 -05:00
Deepanshu Gajbhiye 4ec72d7091 Update syn.md 2017-09-09 20:15:13 +05:30
Deepanshu Gajbhiye 8138396ab5 Update syn.md 2017-09-09 13:28:18 +05:30
Brent Cook 8f864c27e3
Land #8924, Add Apache Struts 2 REST Plugin XStream RCE 2017-09-08 13:59:52 -05:00
Brent Cook 54a62976f8 update versions and add quick module docs 2017-09-08 13:59:29 -05:00
dmohanty-r7 c91ef1f092
Land #8768, Add Docker Daemon TCP exploit module 2017-09-08 12:50:00 -05:00
Deepanshu Gajbhiye 35ecc822f1 Update syn.md 2017-09-08 13:23:30 +05:30
Deepanshu Gajbhiye bead7374de syn.md
documentation for syn portscan
2017-09-08 02:57:46 -04:00
Brent Cook a0181a4d54
Land #8831, Add Maven post-exploitation credential extraction module
Merge remote-tracking branch 'upstream/pr/8831' into upstream-master
2017-09-08 00:37:03 +02:00
Brent Cook c67e407c9c
Land #8880, added Cisco Smart Install (SMI) scanner 2017-09-07 08:06:03 -05:00
Brent Cook a304df265c fix spelling 2017-09-07 08:02:30 -05:00
Patrick Thomas 637b83a0ea add docs for nodejs debugger eval exploit 2017-09-06 22:29:46 -07:00
h00die be66ed8af3
Land #8788 exploits for Gh0st and PlugX malware controllers 2017-09-05 20:42:07 -04:00
h00die d05c401866 modules cleanup and add docs 2017-09-04 20:57:23 -04:00
Calum Hutton 52c8fff3cb Make options a list 2017-08-30 03:10:46 +01:00
Calum Hutton 42ab00fd2c Add documentation for module 2017-08-30 03:10:46 +01:00
Brent Cook 202c936868
Land #8826, git submodule remote command execution 2017-08-29 18:11:32 -05:00
Brent Cook 8928197584 rename module docs so they are viewable 2017-08-29 18:09:30 -05:00
Pearce Barry d5124fdc94
Land #8759, Add TeamTalk Gather Credentials auxiliary module 2017-08-29 13:17:28 -05:00
Tim e1b38ac3a3 fix malicious typo 2017-08-29 17:52:51 +08:00
Tim 5631ddc246 add docs for the git submodule vulnerability 2017-08-29 17:06:30 +08:00
james 5bf1d916bc Fix uneven quotes in various documentation files
Uneven quotes lead to malformed markdown, which will not render as intended.
Even out the quotes in several files.
2017-08-26 19:12:48 -05:00
james f785fe63ad Grammar fix in buildmaster_login documentation 2017-08-26 18:35:13 -05:00
james 2e9d7cdf0a Documentation formatting fix for buildmaster_login 2017-08-26 18:23:00 -05:00
james 7dfde651ea Add login scanner module for Inedo BuildMaster
This module attempts to log into BuildMaster. BuildMaster is an application release automation tool.

More information about BuildMaster:
http://inedo.com/
2017-08-26 17:56:53 -05:00
Erik Lenoir 682851ac59 Edit doc 2017-08-25 18:28:24 +02:00
h00die 899c2cc6fa
Land #8866 tcp scanner docs 2017-08-23 20:23:51 -04:00
h00die a54ef94c79 style fixes 2017-08-23 20:20:31 -04:00
Deepanshu Gajbhiye 0fac36c2af Update tcp.md 2017-08-23 10:36:56 +05:30
Deepanshu Gajbhiye 99dfc9901c Update tcp.md
Adding documentation for tcp module
2017-08-23 10:36:08 +05:30
Deepanshu Gajbhiye d254da5150 Update tcp.md 2017-08-23 10:23:28 +05:30
Deepanshu Gajbhiye 6fb90640b9 Update tcp.md 2017-08-23 10:02:21 +05:30
William Vu 4c285c0129
Land #8827, QNAP Transcode Server RCE 2017-08-22 23:07:01 -05:00
h00die a0585dcb9e
Land #8872 docs for octopusdeploy_deploy 2017-08-22 21:36:44 -04:00
Jon Hart e4fc307ebb
Add docs 2017-08-22 15:12:02 -07:00
Erik Lenoir be2739d335 Transform loots into creds 2017-08-22 11:57:51 +02:00
james 7f8e6b83dc Update documentation for exploit/windows/http/octopusdeploy_deploy
Remove self explanatory options.
2017-08-21 19:47:24 -05:00
james 60215297be Update documentation for exploit/windows/http/octopusdeploy_deploy
Fix awkward wording.
2017-08-21 19:17:41 -05:00
james de9392995a Add documentation for exploit/windows/http/octopusdeploy_deploy 2017-08-21 19:11:36 -05:00
Deepanshu Gajbhiye 8f4fcb5094 tcp.md
This module does a complete full tcp scan of each port on the target host. It does a full 3 way handshake on each port.
2017-08-21 13:09:12 -04:00
Brent Cook eabe4001c2
Land #8492, Add IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution module 2017-08-20 18:48:22 -05:00
Brent Cook cbd7790e95
Land #8751, Add Asterisk Gather Credentials auxiliary module 2017-08-20 18:34:27 -05:00
Brent Cook 840c0d5f56
Land #7808, add exploit for VMware VDP with known ssh private key (CVE-2016-7456) 2017-08-20 17:36:45 -05:00
Brent Cook f7dc831e9a
Land #8799, Add module to detect Docker, LXC, and systemd-nspawn containers 2017-08-20 14:45:57 -05:00
Brent Cook 2eba188166
Land #8789, Add COM class ID hijack method for bypassing UAC 2017-08-20 13:57:17 -05:00
Erik Lenoir cde319a5ec Optim module and add doc 2017-08-18 19:30:41 +02:00
Jay Turla b0a4634b24 Update connect.md
Adding the command in installing gem "serialport".
2017-08-17 18:55:44 +08:00
Brendan Coles 3fcd248d3a Add documentation 2017-08-17 09:51:09 +00:00
Tim 648dca7bdb fix silly documentation mistake 2017-08-17 14:43:58 +08:00
james 1c44092ba9 Add module documentation for post/linux/gather/checkcontainer 2017-08-16 21:15:56 -05:00
OJ 408a83a36b
Added comhijack module documentation 2017-08-16 13:05:27 +10:00
Erik Lenoir 6ac8ed490b Add documentation file 2017-08-15 16:56:20 +02:00
Brendan Coles 60f7534969 Add documentation 2017-08-15 03:43:22 +00:00
Brent Cook 68f569d8f5
Land #8809, Add documentation for OSX meterpreter 2017-08-13 09:31:28 -04:00
William Vu 4315c2d8ea
Land #8802, single-char args for terp scripts 2017-08-10 01:29:55 -05:00
Pearce Barry bb5fffebc4
Land #8796, SMBLoris Denial of Service Module. 2017-08-09 16:24:55 -05:00
Pearce Barry 901a1fdd1b
Minor tweaks. 2017-08-09 15:44:32 -05:00
bwatters-r7 dd79aa3afb
Land #8627, Add post module multi/gather/jenkins 2017-08-09 10:43:21 -05:00
Tim 9c87f5f52f commands should be highlighted 2017-08-08 12:45:39 +08:00
Tim eb3e07ee10 minor tweak since background is default now 2017-08-08 12:37:28 +08:00
Tim 61bb59d653 fix typos 2017-08-08 12:31:30 +08:00
Tim 0fde536691 add documentation for OSX meterpreter 2017-08-08 12:26:22 +08:00
Tim 46ca543712 add docs for Android APK injection 2017-08-07 15:56:48 +08:00
Josh Hale ed2286c637 Fix references to multi_console_command 2017-08-06 18:58:38 -05:00
Pearce Barry e1576154fb Document the new padding option. 2017-08-06 18:34:56 -05:00
David Maloney 289f03241b
add module documentation
add module docs for the new smbloris DoS
2017-08-04 16:10:44 -05:00
Brent Cook da3ca9eb90 update some documentation 2017-08-03 17:09:44 -05:00
Yorick Koster 67dddd2402 Typo reported by @nixawk 2017-08-02 15:47:21 -05:00
Yorick Koster 3229320ba9 Code review feedback from @nixawk 2017-08-02 15:46:51 -05:00
Yorick Koster 565a3355be CVE-2017-8464 LNK Remote Code Execution Vulnerability
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain a dynamic icon, loaded from a
malicious DLL.

This vulnerability is a variant of MS15-020 (CVE-2015-0096). The
created LNK file is similar except in an additional
SpecialFolderDataBlock is included. The folder ID set in this
SpecialFolderDataBlock is set to the Control Panel. This is enought to
bypass the CPL whitelist. This bypass can be used to trick Windows into
loading an arbitrary DLL file.
2017-08-02 15:46:30 -05:00
Martin Pizala d7d64286e2
Add documentation for exploit module Rancher Server - Docker Exploit 2017-07-28 08:04:59 +02:00
Brendan Coles 798dfe0b88 Add documentation 2017-07-26 10:18:23 +00:00
Martin Pizala dd0c78484a
Fix mistake 2017-07-26 02:17:51 +02:00
Martin Pizala cd418559bc
Docker Daemon - Unprotected TCP Socket Exploit 2017-07-26 00:21:35 +02:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
Ricardo Almeida fe5c6dc28f
Orientdb 2.2.x RCE - Update documentation 2017-07-24 10:09:06 +01:00
Brent Cook 7c55cdc1c8 fix some module documentation
3 modules got documentation landed in the wrong spot. This also fixes a few
typos and improves formatting.
2017-07-23 07:46:52 -07:00
Pearce Barry 6bb745744b
Land #8471, Add VICIdial user_authorization Unauthenticated Command Execution module 2017-07-21 15:57:08 -05:00
Ricardo Almeida 00a817d228
Orientdb 2.2.x RCE - Add documentation 2017-07-20 09:03:26 +01:00
bwatters-r7 ffad0d1bbf
Land #8559, Ipfire oinkcode exec 2017-07-19 14:31:18 -05:00
thesubtlety 47f55b1c81 add documentation 2017-07-18 21:30:53 -04:00
Jon Hart e93e524c3b
Merge branch 'upstream-master' into feature/rdp-scanner 2017-07-17 13:46:59 -07:00
Jon Hart e5ef737c21
Add documentation 2017-07-17 13:45:12 -07:00
David Maloney 8f6cac9c37
Land #8652, rpc console write exploit
lands pr for the metasploit rpc console write exploit
2017-07-14 14:47:35 -05:00
bwatters-r7 de230478eb
Land #8566, Add ye olde NNTP Login Utility scanner module 2017-07-13 13:19:34 -05:00
Pearce Barry 59de7d3635
Land #8671, Add a module for CVE-2017-7615 2017-07-12 14:58:02 -05:00
Corey Harding 6cb956ea81 Update rfpwnon.md 2017-07-09 05:07:36 -04:00
jvoisin f10cf75ae0 Fix some stuff 2017-07-09 10:45:15 +02:00
jvoisin e1b9330136 Add some documentation 2017-07-09 02:25:11 +02:00
Pearce Barry e3f95954ba Minor doc update. 2017-07-07 16:54:56 -05:00
Brendan Coles 95ba5d61ce Move documentation to correct folder 2017-07-07 16:54:56 -05:00
Brendan Coles 8e2ff7a4c5 Add command stager and code cleanup 2017-07-07 16:54:56 -05:00
dmohanty-r7 8f464e17a1
Land #8658, Add Gather PDF Authors auxiliary module 2017-07-07 16:20:29 -05:00
Brendan Coles afc704aea5 Ad documentation 2017-07-07 18:54:48 +00:00
Brent Cook f4820d24fb add a few more AKA references 2017-07-06 22:43:46 -05:00
Brent Cook b0c5d734ee
s/swith/switch/ - ok @bcoles 2017-07-06 07:03:06 -05:00
Brendan Coles baff473cae Add Metasploit RPC Console Command Execution module 2017-07-05 08:48:35 +00:00
dmohanty-r7 aa387e96a7
Land #8577, Add SurgeNews User Credentials scanner 2017-07-03 10:14:03 -05:00
Pearce Barry a2602bf514
Land #8600, Add GoAutoDial 3.3 RCE Command Injection / SQL injection module 2017-06-30 17:32:51 -05:00
Pearce Barry 3d4d03c9b4
Land #8575, Cerberus Helpdesk hash disclosure 2017-06-30 16:02:53 -05:00
Pearce Barry 71b2ddaa2c
Minor doc tweaking. 2017-06-30 15:53:27 -05:00
Brent Cook 796fe99744
update docs to note that cluster mode is not necessary to exploit 2017-06-30 11:26:35 -04:00
Brent Cook 40f0d36f6b
Land #8615, add @artkond's DoS module for Cisco CVE-2017-3881 2017-06-30 11:17:09 -04:00
William Webb 6349026134
Land #8442, Exploit module for Backup Exec Windows Agent UaF 2017-06-28 10:39:28 -05:00
Brent Cook 0d9f57ad7c add @artkond's DoS module for Cisco CVE-2017-3881
This makes a few improvements, adds module docs.
2017-06-27 01:53:23 -05:00
Brent Cook 05c72214ae
Land #8205, Add Satel SenNet Command Exec Module 2017-06-25 18:01:44 -05:00
Rob Fuller 2918b3af13
Land #8599, Dynamic DNS updater module 2017-06-25 15:08:22 -05:00
Rob Fuller 24fe6ac0fe Update dns_dyn_update.md 2017-06-24 17:07:56 -05:00
h00die cc9326d946 bcoles updates and table printing 2017-06-24 13:01:39 -04:00
Brendan Coles f259682f12 Add documentation 2017-06-23 12:40:53 +00:00
dmohanty-r7 18410d8230
Land #8540, Add Symantec Messaging Gateway RCE 2017-06-22 19:00:32 -05:00
Brent Cook 5e48a11e60 handle specific exceptions, update docs 2017-06-22 18:01:52 -05:00
Brent Cook 6a261b172f move from scanner to admin 2017-06-22 17:47:04 -05:00
Brent Cook cdf0091962 fixup docs 2017-06-22 16:07:34 -05:00
KINGSABRI 2410a3232f Adding DNS Server Dynamic Update Record Injection module 2017-06-22 15:41:25 -05:00
Brent Cook 4fdd77f19a
Land #8051, Add Netgear DGN2200v1/v2/v3/v4 Command Injection Module 2017-06-22 11:46:40 -05:00
Pearce Barry 24d9bec0ae
Land #8260, OpManager Version Check 2017-06-20 17:58:10 -05:00
Pearce Barry 700d392106
Add markdown docs. 2017-06-20 17:45:44 -05:00
Pearce Barry 3cd28b28e2
Land #8569, Add ability to specify API token instead of password 2017-06-19 17:42:35 -05:00
Pearce Barry 58cd432120
Added docs, minor code tweak to remove duplication. 2017-06-19 17:35:41 -05:00
h00die 071dc09b1f fix spelling 2017-06-19 10:31:24 -05:00
mccurls 19ceb53304 Modified payload handling and uploaded documentation 2017-06-18 02:04:22 +10:00
Brendan Coles b82051757d Add SurgeNews User Credentials scanner module 2017-06-17 01:49:47 +00:00
h00die 41e96f9ff1 updated docs 2017-06-16 20:54:25 -04:00
h00die f008f2aa8f working code 2017-06-16 08:24:54 -04:00
Brendan Coles 414f440d62 Add documentation 2017-06-15 21:12:09 +00:00
h00die 46ffd250a0 module working and docs 2017-06-14 21:15:56 -04:00
Brendan Coles 0766f92013 Add option for workspace 2017-06-13 12:46:36 +00:00
William Vu bb9d1a6768
Land #8507, Riverbed SteelHead VCX file read 2017-06-12 10:39:48 -05:00
Mehmet Ince 6ae540d889
Adding Symantec messaging gateway rce 2017-06-10 12:23:12 +03:00
Brendan Coles f326014483 Add documentation 2017-06-10 09:01:20 +00:00
bwatters-r7 99fa52e660
Land #8434, Add Windows 10 Bypassuac fodhelper module 2017-06-07 11:15:01 -05:00
Brent Cook bac17a8e80
Land #8053, Add DC/OS Marathon UI Exploit 2017-06-06 09:29:26 -05:00
Brent Cook 385daddb9d
Land #8499, doc header consistency fixes 2017-06-05 17:40:15 -05:00
Pearce Barry bc3b883758
Add docs, fix typo, add missing report mixin to avoid error. 2017-06-05 13:49:59 -05:00
h00die ea5db9a039 working module 2017-06-02 23:09:19 -04:00
Brendan Coles 24505f91de Add documentation 2017-06-01 06:03:10 +00:00
h00die 4eb86cae99 add L3 header for version under scenarios 2017-05-31 21:22:44 -04:00
h00die 1c23be91a7 sample output to scenarios conversion in docs 2017-05-31 21:21:38 -04:00
h00die 44c9292f92
Land #8485 docs for snare_registry 2017-05-31 20:51:01 -04:00
h00die 609b131e46
Land #8482 docs for processmaker_exec 2017-05-31 20:39:43 -04:00
Brendan Coles 31975b49ec Update docs 2017-05-31 02:04:40 +00:00
Brendan Coles 30f652eb5c Update docs 2017-05-31 01:46:18 +00:00
wolfthefallen bac23757a4 Updated based on busterb comments 2017-05-30 09:33:03 -04:00
Brendan Coles 5042b04ff8 Add documentation 2017-05-30 09:29:01 +00:00
Brendan Coles 475510787d Add documentation 2017-05-30 08:40:57 +00:00
Brent Cook a01a2ead1a
Land #8467, Samba CVE-2017-7494 Improvements 2017-05-30 00:15:03 -05:00
Brent Cook 28fb5cc7da spelling 2017-05-30 00:14:33 -05:00
h00die 5698896672
Land #8323 wordpress pre4.6 dos 2017-05-29 07:59:43 -04:00
h00die eb87185e25 fixed up docs format 2017-05-29 07:59:06 -04:00
root 72a5142e37 Update directory traversal DoS module and docs 2017-05-29 00:30:23 +02:00
Brendan Coles 2c3d5bd786 Add documentation 2017-05-28 04:51:39 +00:00
Brendan Coles dfb5806dcb Add documentation 2017-05-28 03:08:45 +00:00
William Webb d4ba28a20b
Land #8457, Update multi/fileformat/office_word_macro to allow custom templates 2017-05-26 15:09:23 -05:00
h00die b3a5a8840b added ubuntu information 2017-05-26 14:10:26 -04:00
root 33ddef9303 Add documentation, add configurable depth path 2017-05-26 16:14:03 +02:00
wchen-r7 ee13195760 Update office_word_macro exploit to support template injection 2017-05-25 15:53:45 -05:00
h00die e8a34c5797 updates to docs 2017-05-25 16:53:39 -04:00
h00die 98ad754475 updated OJ info and wvu ubuntu box 2017-05-25 08:09:37 -04:00
h00die b1514fcbc0 docs 2017-05-24 22:18:46 -04:00
juushya af4eafdf70 Updated module and doc 2017-05-24 06:33:08 +05:30
Matthew Daley d530c49645 Add documentation for CVE-2017-8895 exploit module 2017-05-24 00:28:37 +12:00
Jeffrey Martin b7b1995238
Land #8274, Wordpress admin upload `check` 2017-05-22 22:08:32 -05:00
Brent Cook 47d2917a5f
Land #8418, Add docs for 3 smb related aux modules 2017-05-22 22:04:22 -04:00
amaloteaux 2fbbc98b5d document little trick for those who read :) 2017-05-22 19:50:40 +01:00
amaloteaux 93bb47d546 msftidy fix 2017-05-22 19:27:15 +01:00
amaloteaux 6f1f630b0e add documentation 2017-05-22 19:17:26 +01:00
William Webb 467f1ce0ca
Land #8411, Buffer overflow in VXSearch Enterprise v9.5.12 2017-05-22 07:37:31 -05:00
h00die ae0fd66d91 smb docs looking good 2017-05-19 16:10:22 -04:00
h00die 48b85e9ad3 added info on pr flag for nmap 2017-05-19 13:10:01 -04:00
h00die 34f724cbc1 first add 2017-05-19 12:55:04 -04:00
Renato Piccoli 3203937811 Added a confirmation tip, using nmap. 2017-05-19 00:52:23 +02:00
Renato Piccoli 99eaffd232 Formatting fix (my bad).
[*] Start msfconsole
[*] use the module
[*] info -d
[ ] Verify spelling and grammar
2017-05-19 00:18:08 +02:00
Renato Piccoli dc436805bf doc for arp_sweep aux scanner discovery mod #8296 2017-05-18 22:54:29 +02:00
Daniel Teixeira ca6b00161d VX Search Enterprise GET Buffer Overflow Doc 2017-05-18 17:12:10 +01:00
wchen-r7 c0bf2cc6e7 Land #8401, Buffer Overflow on Sync Breeze Enterprise 9.4.28 2017-05-17 23:39:50 -05:00
wchen-r7 3360171977 Land #8319, Add exploit module for Mediawiki SyntaxHighlight extension 2017-05-17 23:23:50 -05:00
wchen-r7 1cc00b2944 Add vulnerable setup info in mediawiki_syntaxhighlight.md 2017-05-17 23:23:00 -05:00
wchen-r7 ca1f8da7e5 Get around encoding issues in mediawiki_syntaxhighlight.md 2017-05-17 22:50:56 -05:00
James Lee b78749bc1b
Land #8221, move autoroute 2017-05-17 15:17:45 -05:00
Daniel Teixeira 57eac49222 Add files via upload 2017-05-17 10:52:36 +01:00
William Webb 7e2dab4ddc
Land #8303, Buffer Overflow on Dupscout Enterprise v9.5.14 2017-05-17 01:04:59 -05:00
William Vu 21e741b530
Comment out x86 targets in ms17_010_eternalblue.md
Still under development.
2017-05-16 19:52:44 -05:00
wchen-r7 11da7c7c81 Land #8394, Add Moxa Credential Recovery Module 2017-05-16 16:45:22 -05:00
wchen-r7 77a9676efb Land #8347, Add Serviio Media Server checkStreamUrl Command Execution 2017-05-16 16:20:39 -05:00
James Lee e3f4cc0dfd
Land #8345, WordPress PHPMailer Exim injection
CVE-2016-10033
2017-05-16 15:07:21 -05:00
wchen-r7 e62fc3e93c Land #8376, Add BuilderEngine 3.5 Arbitrary file upload & exec exploit 2017-05-16 14:53:32 -05:00
William Vu 3893bc4d83 Update doc with new prestager command 2017-05-16 14:48:12 -05:00
wchen-r7 2ed8ae11b4 Add doc and make minor changes 2017-05-16 14:47:19 -05:00
William Vu eff4914240
Land #8381, ETERNALBLUE exploit (to be continued) 2017-05-16 12:19:45 -05:00
Patrick DeSantis 77dd3d19b9 add moxa credentials recovery module documentation 2017-05-16 10:22:50 -04:00
Gabriel Follon 4e3d5fa8a3 Added docs 2017-05-16 13:06:09 +02:00
William Vu 8021b209ba Update doc with new usage
Also kick version down to 4.6, since I wasn't using the tag originally.
2017-05-15 21:28:41 -05:00
William Vu 2055bf8f65 Add note about PHPMailer being bundled 2017-05-15 14:29:11 -05:00
William Webb 85d99d8cf1
Land #8373, Add documentation for VMWare aux modules 2017-05-14 22:17:01 -05:00
zerosum0x0 e3dcf0ab2d added docs 2017-05-14 19:22:26 -06:00
Brent Cook 8be51bb56b
Land #8372, rservice documentation 2017-05-14 19:31:55 -05:00
h00die fb236df18f added AIX reference 2017-05-12 19:15:00 -04:00
h00die 5d2b4e0fdb links, and spelling 2017-05-12 19:10:37 -04:00
h00die af4505a9de
land #8009 post module for jboss creds gather 2017-05-11 22:39:54 -04:00
h00die 6fa51aee8f moving docs to correct folder 2017-05-11 22:33:00 -04:00
h00die ea232cb39f esx_fingerprint 2017-05-11 21:19:13 -04:00
h00die f0e3a1f9da vmauthd_version 2017-05-11 21:04:10 -04:00
h00die 4c40c6289e add rlogin and rsh 2017-05-11 20:22:44 -04:00
h00die 7f34e985f7 rexec docs 2017-05-11 17:08:21 -04:00
William Vu 0627b10996 Add Ubuntu version to module doc 2017-05-11 14:13:45 -05:00
Josh Hale bb815c0f8c Add delete all to module doc 2017-05-10 23:01:03 -05:00
Brent Cook 099fc0176a move autoroute to a more sensible location 2017-05-10 23:01:02 -05:00
Brent Cook 28c20cf35d
Land #7873, haraka mail server command injection 2017-05-10 22:52:40 -05:00
Brent Cook 0f089020cb update example output from module 2017-05-10 22:52:13 -05:00
Brent Cook 6e8f226f36 update docs, move module out of the way 2017-05-10 22:09:26 -05:00
William Vu a1d92573fc Add module doc to appease the @h00die god 2017-05-10 15:17:20 -05:00
Michael Scherer a3dc82d51c Fix mispelling in meterpreter readme 2017-05-10 22:08:22 +02:00
Brent Cook faf01ed5ef
Land #8353, add aux scanner for Intel AMT digest bypass 2017-05-09 18:45:21 -05:00
Brent Cook ad37f88a34 add module docs 2017-05-09 18:44:43 -05:00
Brent Cook 96e3d61883
Land #8297, add docs for energizer duo scanner and exploit 2017-05-08 17:14:36 -05:00
Pearce Barry af3f1fbc37
Land #8332, Canprobe Module 2017-05-07 12:20:27 -05:00
Pearce Barry 1c099a3d14
Minor doc tweaks. 2017-05-07 12:13:57 -05:00
Brendan Coles 283a40a279 Add documentation 2017-05-06 12:58:53 +00:00
h00die 01c726089a
Land #8334, docs for http/crawler and http/robots 2017-05-05 17:31:45 -04:00
h00die 4309cc42a2 minor doc edits 2017-05-05 17:30:03 -04:00
Jon P cf0b3c9476
Add h00die's swaggy recommendations 2017-05-04 10:50:34 +02:00
Jon P df201e65b4
Documentation for the HTTP crawler 2017-05-03 18:20:35 +02:00
Jon P 733c8c291c
Documentation for the robots_txt scanner module 2017-05-03 17:41:46 +02:00
Craig Smith 9877aa9ef9 Added documentation and cleand up how STOPID worked 2017-05-02 18:57:32 -07:00
Yorick Koster 006ed42248 Added fix information
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/0002
09.html
2017-05-01 09:01:14 +02:00
h00die a83a7a12e9
land #8320, docs for ftp_login 2017-04-30 08:15:56 -04:00
h00die a936713252 fixing formatting 2017-04-30 08:14:36 -04:00
Yorick Koster a7436b6afa Typo 2017-04-29 20:42:15 +02:00
Yorick Koster 0a7b9eedda Typo 2017-04-29 20:39:17 +02:00
Yorick Koster 673dbdc4b9 Code review feedback from h00die 2017-04-29 20:37:39 +02:00
itsmeroy2012 cae564ea3b Highlighting filenames 2017-04-29 23:20:13 +05:30
itsmeroy2012 9e7719c428 Adding white space 2017-04-29 20:30:28 +05:30
itsmeroy2012 640368a391 Changing a line 2017-04-29 20:28:23 +05:30
itsmeroy2012 a1765c9e8c Add KB for ftp_login 2017-04-29 20:27:11 +05:30
Yorick Koster 0eb79e8c8c Added docs for mediawiki_syntaxhighlight.rb 2017-04-29 16:14:25 +02:00
William Vu 56990517b0
Update finger_users doc with nmap --script finger 2017-04-28 17:45:50 -05:00
dmohanty-r7 24004f16b3
Land #8298, docs for aux scanner finger 2017-04-28 10:36:50 -05:00
h00die 1843f03665 add nmap equivalent 2017-04-26 19:39:46 -04:00
William Vu 7a6a124272
Land #8279, POSIX Meterpreter replaced by Mettle 2017-04-26 18:32:17 -05:00
Brent Cook 855aa3f850
Land #8295, fix doc paths 2017-04-26 18:25:14 -05:00
Brent Cook 12ed3dad20 update documentation to point to meterpreter again 2017-04-26 17:49:08 -05:00
Daniel Teixeira cd038aed82 Dup Scout Enterprise documentation 2017-04-26 15:19:59 +01:00
William Vu bbee7f86b5
Land #8263, Mercurial SSH exec module 2017-04-26 01:38:01 -05:00
William Vu ad084ae0cc
Land #8286, x11_keyboard_exec docs 2017-04-26 01:12:41 -05:00
William Vu 6739725489
Land #8285, open_x11 docs 2017-04-26 01:12:27 -05:00
h00die 43847f9606 finger docs 2017-04-25 22:29:39 -04:00
h00die c4bb918cca addition of energizer duo docs 2017-04-25 22:05:55 -04:00
h00die 285358e2a4 fix paths 2017-04-25 21:12:55 -04:00
h00die 0ae6142b76
land #8283, docs for ftp/anonymous 2017-04-25 20:55:17 -04:00
h00die d1911a78c5 minor syntax change 2017-04-25 20:51:40 -04:00
h00die 323650dfe4
land #8284 docs for ftp_version 2017-04-25 19:37:04 -04:00
h00die 4c71a9908d minor adjustment 2017-04-25 19:35:03 -04:00
wchen-r7 320898697a
Land #8266, Add Buffer Overflow Exploit on Disk Sorter Enterprise 2017-04-24 17:17:30 -05:00
wchen-r7 e775f9ccbd
Land #8259, Add post module to upload and execute a file 2017-04-24 17:00:55 -05:00
wchen-r7 8c463ab570 Add doc for upload_exec 2017-04-24 17:00:09 -05:00
wchen-r7 35bc1fbf28
Land #8282, Add module doc for auxiliary/scanner/chargen/chargen_probe 2017-04-24 16:14:19 -05:00
wchen-r7 5bbb4d755a
Land #8254, Add CVE-2017-0199 - Office Word HTA Module 2017-04-24 16:05:00 -05:00
wchen-r7 6029a9ee2b Use a built-in HTA server and update doc 2017-04-24 16:04:27 -05:00
Daniel Teixeira a404a1ed04 Rename disksorter_bof.rb.md to disksorter_bof.md 2017-04-24 21:58:37 +01:00
James Lee 47e5f90ded
Add docs for wp_admin_shell_upload 2017-04-24 15:50:59 -05:00
itsmeroy2012 7192836515 few edits added 2017-04-24 23:15:14 +05:30
itsmeroy2012 47b8738bdc few edits added 2017-04-24 23:08:20 +05:30
Daniel Teixeira c5b594d928 Disk Sorter Enterprise Documentation 2017-04-24 14:59:47 +01:00
h00die b2f9bbc43c add xdotool 2017-04-23 16:04:11 -04:00
h00die d1ed6afad1 x11 exploit docs 2017-04-23 15:48:48 -04:00
h00die f84061e195 docs 2017-04-23 15:10:23 -04:00
itsmeroy2012 03099cd57b adding confirmation 2017-04-24 00:15:53 +05:30
itsmeroy2012 2990c3b2fb minor fix 2017-04-24 00:10:30 +05:30
itsmeroy2012 98d1997cfa KB for ftp_version 2017-04-24 00:09:20 +05:30
itsmeroy2012 1650492e7b update 2017-04-23 23:50:02 +05:30
itsmeroy2012 ef29cf441a adding sample output 2017-04-23 23:48:38 +05:30
itsmeroy2012 56aed7a998 whitespace fix 2017-04-23 23:45:29 +05:30
itsmeroy2012 e10a346d01 minor fixes 2017-04-23 23:41:58 +05:30
itsmeroy2012 2abaa9cc0a fixing numbers 2017-04-23 23:38:23 +05:30
itsmeroy2012 5d71ce9508 adding confirmation 2017-04-23 23:37:04 +05:30
itsmeroy2012 57f0a4f00c KB for ftp/anonymous 2017-04-23 23:35:55 +05:30
h00die 562389df57 add comma 2017-04-23 11:49:52 -04:00
h00die c6109f7138 add newline 2017-04-23 11:41:08 -04:00
h00die e8e2a3dd61 chargen_probe docs 2017-04-23 11:38:29 -04:00
h00die 8e4c093a22 added version numbers 2017-04-22 09:45:55 -04:00
Matthias Brun ca03140531 Add documentation for WiPG-1000 module 2017-04-21 15:37:47 +02:00
Jonathan Claudius 999a5dfb9c
Make tested against a bulleted list 2017-04-18 22:29:04 -04:00
h00die 9f892c56fb
land #8244 docs for manageengine_connectionid_write 2017-04-18 21:43:58 -04:00