mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-10-02 07:40:19 +02:00
Fix small grammar issues in ms08_067 and ms17_010
Also includes very small changes to improve punctuation consistency within CONTRIBUTING.md
This commit is contained in:
parent
e5bd36da1c
commit
593813cdef
@ -45,8 +45,8 @@ and Metasploit's [Common Coding Mistakes].
|
|||||||
* **Do** specify a descriptive title to make searching for your pull request easier.
|
* **Do** specify a descriptive title to make searching for your pull request easier.
|
||||||
* **Do** include [console output], especially for witnessable effects in `msfconsole`.
|
* **Do** include [console output], especially for witnessable effects in `msfconsole`.
|
||||||
* **Do** list [verification steps] so your code is testable.
|
* **Do** list [verification steps] so your code is testable.
|
||||||
* **Do** [reference associated issues] in your pull request description
|
* **Do** [reference associated issues] in your pull request description.
|
||||||
* **Do** write [release notes] once a pull request is landed
|
* **Do** write [release notes] once a pull request is landed.
|
||||||
* **Don't** leave your pull request description blank.
|
* **Don't** leave your pull request description blank.
|
||||||
* **Don't** abandon your pull request. Being responsive helps us land your code faster.
|
* **Don't** abandon your pull request. Being responsive helps us land your code faster.
|
||||||
|
|
||||||
@ -58,8 +58,8 @@ Pull requests [PR#2940] and [PR#3043] are a couple good examples to follow.
|
|||||||
- It would be even better to set up `msftidy.rb` as a [pre-commit hook].
|
- It would be even better to set up `msftidy.rb` as a [pre-commit hook].
|
||||||
* **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much.
|
* **Do** use the many module mixin [API]s. Wheel improvements are welcome; wheel reinventions, not so much.
|
||||||
* **Don't** include more than one module per pull request.
|
* **Don't** include more than one module per pull request.
|
||||||
* **Do** include instructions on how to setup the vulnerable environment or software
|
* **Do** include instructions on how to setup the vulnerable environment or software.
|
||||||
* **Do** include [Module Documentation](https://github.com/rapid7/metasploit-framework/wiki/Generating-Module-Documentation) showing sample run-throughs
|
* **Do** include [Module Documentation](https://github.com/rapid7/metasploit-framework/wiki/Generating-Module-Documentation) showing sample run-throughs.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
ms08_067_netapi is one of the most popular remote exploits against Microsoft Windows. It is
|
ms08_067_netapi is one of the most popular remote exploits against Microsoft Windows. It is
|
||||||
considered a reliable exploit, and allows you to gain access as SYSTEM - the highest Windows
|
considered a reliable exploit and allows you to gain access as SYSTEM - the highest Windows
|
||||||
privilege. In modern day penetration test, this exploit would most likely be used in an internal
|
privilege. In modern day penetration tests, this exploit would most likely be used in an internal
|
||||||
environment, and not so much from external due to the likelihood of a firewall.
|
environment and not so much from external due to the likelihood of a firewall.
|
||||||
|
|
||||||
The check command of ms08_067_netapi is also highly accurate, because it is actually testing the
|
The check command of ms08_067_netapi is also highly accurate, because it is actually testing the
|
||||||
vulnerable code path, not just passively.
|
vulnerable code path, not just passively.
|
||||||
@ -15,7 +15,7 @@ This exploit works against a vulnerable SMB service from one of these Windows sy
|
|||||||
* Windows XP
|
* Windows XP
|
||||||
* Windows 2003
|
* Windows 2003
|
||||||
|
|
||||||
To reliability determine whether the machine is vulnerable, you will have to either examine
|
To reliably determine whether the machine is vulnerable, you will have to either examine
|
||||||
the system's patch level, or use a vulnerability check.
|
the system's patch level, or use a vulnerability check.
|
||||||
|
|
||||||
## Verification Steps
|
## Verification Steps
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
ms17_010_eternalblue is a remote exploit against Microsoft Windows, originally written by the
|
ms17_010_eternalblue is a remote exploit against Microsoft Windows, originally written by the
|
||||||
Equation Group (NSA) and leaked by Shadow Brokers (an unknown hacking entity). It is
|
Equation Group (NSA) and leaked by Shadow Brokers (an unknown hacking entity). It is
|
||||||
considered a reliable exploit, and allows you to gain access not only as SYSTEM - the highest Windows
|
considered a reliable exploit and allows you to gain access not only as SYSTEM - the highest Windows
|
||||||
user mode privilege, but also full control of the kernel in ring 0. In modern day penetration test,
|
user mode privilege, but also full control of the kernel in ring 0. In modern day penetration tests,
|
||||||
this exploit can be found in internal and external environments.
|
this exploit can be found in internal and external environments.
|
||||||
|
|
||||||
As far as remote kernel exploits go, this one is highly reliable and safe to use.
|
As far as remote kernel exploits go, this one is highly reliable and safe to use.
|
||||||
|
Loading…
Reference in New Issue
Block a user