6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
9f6950c6c8
Ensure HTML is escaped in markdown codeblocks
2022-04-27 19:51:05 +01:00
8495bff61c
Merge master and update the smb_shadow module
...
Add comments detailing the technique used to attack SMBv3. Remove some
comments that are no longer needed. Fix Gemfile.lock conflict.
2022-04-06 07:06:45 +09:00
7e010cbde2
Merge master and update smb_shadow + dispatcher
...
The smb_shadow module can confirm the server smb version supported with
the ConfirmServerDialect option. The shadow_mitm_dispatcher closes each
stream before opening a new one to prevent leaking file descriptors.
2022-04-02 10:39:02 +09:00
22f88f9ab7
Add docs
2022-03-08 23:52:24 +00:00
3051c5d9f5
Add mutex to cleanup in smb_shadow
...
The mutex will prevent multiple calls to cleanup when the module is
stopped with Ctrl-C. Add a Notes section to the documentation which
describes arpspoof usage and such.
2022-01-07 14:18:15 +09:00
609bf4be3c
Update smb_shadow module to clean unnecessary code
...
Remove the return statement after fail_with which will never be reached.
Add documentation for the module options. Reset the packet forwarding
settings during the module cleanup.
2021-12-07 08:41:52 +09:00
260ea0725c
Update smb_shadow module and docs for review
...
Add mutex to module to prevent race condition. Add sleep to after arp
query to prevent arp cache restoration. Add DefangedMode to indicate
system network changes. Change module INTERFACE option to be explicit.
Remove unnecessary module payload parameters. Add module Notes.
2021-12-03 14:33:40 +09:00
e19511a31c
Update documentation for the smb_shadow module.
...
Add additional clarity and details to the existing documentation for the
smb_shadow module. Remove some outdated comments and fix some spelling
errors.
2021-11-25 08:12:13 +09:00
e2734293e1
Add SMB Shadow Module: Direct SMB Session Takeover
...
This module intercepts direct SMB connections on the LAN.
Both the SMB Server and Client must be on the LAN.
The SMB Client must be authenticating to the Server as an Administrator.
This module is dependent on an external ARP spoofer.
2021-11-24 20:05:30 +09:00
b9d2f30bbd
Update psexec module to use SMBSHARE option name for consistency
2021-08-10 13:17:57 +01:00
a276f336f0
Final touchup work for PR 15438 to reference kernel pool and clear some wording up
2021-07-16 13:12:14 -05:00
42a751e0db
Add new supported targets
2021-07-16 16:58:34 +01:00
39455827aa
Land #15254 , use obfuscated powershell protection bypasses
2021-07-12 12:20:17 +01:00
82c078c888
Updates for psexec usage
2021-05-25 14:38:52 -04:00
a6f650a1a3
Add a clear warning about instability due to KPP
2021-05-20 17:28:14 -04:00
ba9674ca69
Search a wider range of the hal heap and remove an irrelevant sentence
2021-04-13 14:44:24 -04:00
63e438e992
Bump RubySMB and add a simple check method
2021-04-09 14:44:27 -04:00
dd9936ae84
Add SMBGhost RCE module docs
2021-04-09 14:15:11 -04:00
3da8fce9cf
Add Microsoft Windows RRAS Service MIBEntryGet Overflow
2021-03-03 02:50:42 +00:00
7797a52bd2
Ninja edit for msftidy_docs.rb compliance purposes
2020-08-06 12:33:22 -05:00
06702abec0
Update the documentaiton for PsExec
2020-08-06 11:36:22 -04:00
cb8bcb5cb1
Update the psexec module documentation for the new command target
2020-07-06 10:36:25 -04:00
fa6573f8e7
Note arch in supported target
2020-02-03 11:16:16 -06:00
e12d993027
Move SMB DOPU module to match new naming scheme
2020-02-03 11:16:16 -06:00
bd48588fd5
catch false positive spaces at eol from code indent
2020-01-28 14:28:18 -05:00
5fc561e916
Land #12661 , more docs
2019-12-13 17:42:36 -05:00
a945095ddf
doc touchup
2019-12-12 16:58:14 -05:00
f0ac300338
h00die review
...
Thanks h00die for the in depth review, as always.
2019-12-10 13:37:13 -07:00
fdce27c675
Land #12632 , lots more module docs
2019-12-05 15:00:45 -05:00
ea670d02fe
Update group_policy_startup.md
...
Add module authors blog post .
2019-12-04 20:38:57 -07:00
a6db0202f4
Create group_policy_startup.md
2019-12-04 20:31:59 -07:00
196029b959
Update ms04_007_killbill.md
2019-12-04 01:41:07 -07:00
5ab266e049
Update ms06_040_netapi.md
2019-12-02 22:29:45 -07:00
e732291be9
h00die
2019-12-02 22:28:16 -07:00
c66f3c4388
Update ms06_040_netapi.md
2019-12-02 20:51:45 -07:00
7dfe86034c
update ms04_007_killbill.md and update ms06_040_netapi.md
2019-12-02 19:08:14 -07:00
3881743847
Create ms06_040_netapi.md
2019-12-02 19:03:15 -07:00
7473a79cb3
Create ms04_007_killbill.md
2019-11-28 11:33:42 -07:00
b22d2a1685
Update prints in DOUBLEPULSAR exploit check method
...
vprint_good should be print_warning, and most vprints should be print,
even if in check, since check is critical functionality.
2019-11-25 18:33:46 -06:00
a1d1303ab9
Add module doc
2019-09-30 16:49:14 -05:00
6f58a15e00
removed template line
2018-10-24 15:14:15 -05:00
cecc7177f7
added documentation for modules
2018-10-24 09:47:05 -05:00
7e4e6e6437
Update ms17_010_{psexec,command} module docs
2018-03-27 14:32:21 -05:00
9dde5ebf92
Update eternalblue docs
...
- Add a reference for OS protection rings
- Uncomment some windows versions
- Fix a word choice issue
2018-02-02 13:21:43 -05:00
8627f6b834
added docs
2018-01-29 01:34:25 -07:00
593813cdef
Fix small grammar issues in ms08_067 and ms17_010
...
Also includes very small changes to improve punctuation consistency
within CONTRIBUTING.md
2018-01-15 19:32:44 -08:00
21e741b530
Comment out x86 targets in ms17_010_eternalblue.md
...
Still under development.
2017-05-16 19:52:44 -05:00
e3dcf0ab2d
added docs
2017-05-14 19:22:26 -06:00
4c42a74d48
MS-1195 minor grammatical edits to psexec kb
2016-03-21 14:18:16 -05:00
Grant Willcox