Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds session documentation #18961

Merged
merged 2 commits into from
Mar 25, 2024
Merged

Adds session documentation #18961

merged 2 commits into from
Mar 25, 2024

Conversation

zgoldman-r7
Copy link
Contributor

This adds documentation for the SQL/SMB session types. Please let me know if there's anything we need more detail on/should phrase better.

@adfoster-r7
Copy link
Contributor

I think this is missing the changes to the pentesting section of the docs site:

https://docs.metasploit.com/docs/pentesting/
https://docs.metasploit.com/docs/pentesting/metasploit-guide-mysql.html etc

cgranleese-r7
cgranleese-r7 reviewed Mar 15, 2024
View reviewed changes
Copy link
Contributor

@cgranleese-r7 cgranleese-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the comments I have for mssql_login.md are relevant for the rest as well. Adding as much command line output as we can would help as well I think. So if we talk about a command, add the console interactions output to the markdown.

documentation/modules/auxiliary/scanner/mssql/mssql_login.md Outdated Show resolved Hide resolved
documentation/modules/auxiliary/scanner/mssql/mssql_login.md Outdated Show resolved Hide resolved
documentation/modules/auxiliary/scanner/mssql/mssql_login.md Outdated
session within the smb instance. Running the following commands with all other options set:

```
set CreateSession true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thoughts on maybe adding more steps here on using a login module. I.e copy pasta the full steps so if a user wants to try this then don't have to go elsewhere in the docs to figure out how to use the login modules. I think a single example of lets say mssql_login would be fine.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this already exists below in 'Scenarios' - do you think we should restructure things to make it more cohesive?

documentation/modules/auxiliary/scanner/mssql/mssql_login.md Outdated Show resolved Hide resolved
documentation/modules/auxiliary/scanner/mssql/mssql_login.md Outdated Show resolved Hide resolved
documentation/modules/auxiliary/scanner/mssql/mssql_login.md Show resolved Hide resolved
@cgranleese-r7 cgranleese-r7 self-assigned this Mar 15, 2024
@cgranleese-r7 cgranleese-r7 added the rn-documentation release notes for Metasploit Framework documentation label Mar 15, 2024
adfoster-r7
adfoster-r7 reviewed Mar 16, 2024
View reviewed changes
docs/metasploit-framework.wiki/Metasploit-Guide-MSSQL.md Outdated
The CreateSession option, when set to true, will result in returning an interactive MSSQL session with the target machine
on a successful login:

```
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding msf6 to all of the Metasploit console examples will give you syntax highlighting 👀

Suggested change
```
```msf6

cgranleese-r7
cgranleese-r7 reviewed Mar 19, 2024
View reviewed changes
Copy link
Contributor

@cgranleese-r7 cgranleese-r7 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Took another look through this and added some more shuffling I think might make thing clearer. Let me know your thoughts 👍

I added feedback on one markdown again, but it would be relevant to all if you decide to go ahead with the changes.

docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md Outdated Show resolved Hide resolved
docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md Outdated Show resolved Hide resolved
docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md Outdated Show resolved Hide resolved
docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md Outdated Show resolved Hide resolved
docs/metasploit-framework.wiki/Metasploit-Guide-MySQL.md Show resolved Hide resolved
@zgoldman-r7 zgoldman-r7 force-pushed the session-documentation branch 2 times, most recently from 31b7250 to e8f71f2 Compare March 20, 2024 17:10
@adfoster-r7 adfoster-r7 added the blocked Blocked by one or more additional tasks label Mar 20, 2024
@adfoster-r7
Copy link
Contributor

adfoster-r7 commented Mar 20, 2024
edited
Loading

Will aim to get this in on Monday since we can do docs releases out of band from the normal release cycle

@zgoldman-r7
Adds session documentation
2c307f1 
add more console output, add to pentesting side

split out session, help, query, query_interactive sections

add multiline examples

update mysql, smb
@zgoldman-r7 zgoldman-r7 force-pushed the session-documentation branch from e8f71f2 to 2c307f1 Compare March 21, 2024 14:52
@adfoster-r7
Copy link
Contributor

I think this is a good first step 🎉

We might want to circle back and reduce some of the verbosity in parts, but we'll be able to come back later with fresh eyes and spot what improvements we want to make then

@cgranleese-r7 cgranleese-r7 merged commit 9b4114e into rapid7:master Mar 25, 2024
36 of 37 checks passed
@cgranleese-r7 cgranleese-r7 removed the blocked Blocked by one or more additional tasks label Mar 25, 2024
@cgranleese-r7
Copy link
Contributor

Release Notes

This PR adds documentation for the new SQL and SMB session types.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cgranleese-r7 cgranleese-r7 cgranleese-r7 left review comments

@adfoster-r7 adfoster-r7 adfoster-r7 left review comments

@dwelch-r7 dwelch-r7 dwelch-r7 left review comments

Assignees

@cgranleese-r7 cgranleese-r7

Labels
rn-documentation release notes for Metasploit Framework documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@zgoldman-r7 @adfoster-r7 @cgranleese-r7 @dwelch-r7