From 593813cdefb611055743078088a6d43831a5a9ab Mon Sep 17 00:00:00 2001 From: Brady Sullivan Date: Mon, 15 Jan 2018 19:32:44 -0800 Subject: [PATCH] Fix small grammar issues in ms08_067 and ms17_010 Also includes very small changes to improve punctuation consistency within CONTRIBUTING.md --- CONTRIBUTING.md | 8 ++++---- .../modules/exploit/windows/smb/ms08_067_netapi.md | 8 ++++---- .../modules/exploit/windows/smb/ms17_010_eternalblue.md | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9dff7f654d..e69dfe85dc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -45,8 +45,8 @@ and Metasploit's [Common Coding Mistakes]. * **Do** specify a descriptive title to make searching for your pull request easier. * **Do** include [console output], especially for witnessable effects in `msfconsole`. * **Do** list [verification steps] so your code is testable. -* **Do** [reference associated issues] in your pull request description -* **Do** write [release notes] once a pull request is landed +* **Do** [reference associated issues] in your pull request description. +* **Do** write [release notes] once a pull request is landed. * **Don't** leave your pull request description blank. * **Don't** abandon your pull request. Being responsive helps us land your code faster. @@ -58,8 +58,8 @@ Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow. - It would be even better to set up `msftidy.rb` as a [pre-commit hook]. * **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much. * **Don't** include more than one module per pull request. -* **Do** include instructions on how to setup the vulnerable environment or software -* **Do** include [Module Documentation](https://github.com/rapid7/metasploit-framework/wiki/Generating-Module-Documentation) showing sample run-throughs +* **Do** include instructions on how to setup the vulnerable environment or software. +* **Do** include [Module Documentation](https://github.com/rapid7/metasploit-framework/wiki/Generating-Module-Documentation) showing sample run-throughs. diff --git a/documentation/modules/exploit/windows/smb/ms08_067_netapi.md b/documentation/modules/exploit/windows/smb/ms08_067_netapi.md index 6af5b746ad..4ca826c4ef 100644 --- a/documentation/modules/exploit/windows/smb/ms08_067_netapi.md +++ b/documentation/modules/exploit/windows/smb/ms08_067_netapi.md @@ -1,7 +1,7 @@ ms08_067_netapi is one of the most popular remote exploits against Microsoft Windows. It is -considered a reliable exploit, and allows you to gain access as SYSTEM - the highest Windows -privilege. In modern day penetration test, this exploit would most likely be used in an internal -environment, and not so much from external due to the likelihood of a firewall. +considered a reliable exploit and allows you to gain access as SYSTEM - the highest Windows +privilege. In modern day penetration tests, this exploit would most likely be used in an internal +environment and not so much from external due to the likelihood of a firewall. The check command of ms08_067_netapi is also highly accurate, because it is actually testing the vulnerable code path, not just passively. @@ -15,7 +15,7 @@ This exploit works against a vulnerable SMB service from one of these Windows sy * Windows XP * Windows 2003 -To reliability determine whether the machine is vulnerable, you will have to either examine +To reliably determine whether the machine is vulnerable, you will have to either examine the system's patch level, or use a vulnerability check. ## Verification Steps diff --git a/documentation/modules/exploit/windows/smb/ms17_010_eternalblue.md b/documentation/modules/exploit/windows/smb/ms17_010_eternalblue.md index 9c2d022b78..ac40de8209 100644 --- a/documentation/modules/exploit/windows/smb/ms17_010_eternalblue.md +++ b/documentation/modules/exploit/windows/smb/ms17_010_eternalblue.md @@ -1,7 +1,7 @@ ms17_010_eternalblue is a remote exploit against Microsoft Windows, originally written by the Equation Group (NSA) and leaked by Shadow Brokers (an unknown hacking entity). It is -considered a reliable exploit, and allows you to gain access not only as SYSTEM - the highest Windows -user mode privilege, but also full control of the kernel in ring 0. In modern day penetration test, +considered a reliable exploit and allows you to gain access not only as SYSTEM - the highest Windows +user mode privilege, but also full control of the kernel in ring 0. In modern day penetration tests, this exploit can be found in internal and external environments. As far as remote kernel exploits go, this one is highly reliable and safe to use.