finished cleanup

Author: h00die

documentation/modules/auxiliary/scanner/dcerpc/endpoint_mapper.md

@@ -9,12 +9,10 @@ The endpoint_mapper module queries the EndPoint Mapper service of a remote syste
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-In order to run the module, all we need to do is pass it a range of IP addresses, set the THREADS count, and let it go to work.
-
 ### Example Windows 2003, and Windows 7 Targets
 
-**Running the scanner**
 ```
+msf > use auxiliary/scanner/dcerpc/endpoint_mapper
 msf auxiliary(endpoint_mapper) > set RHOSTS 192.168.1.200-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(endpoint_mapper) > set THREADS 55

documentation/modules/auxiliary/scanner/dcerpc/hidden.md

@@ -9,13 +9,10 @@ The hidden scanner connects to a given range of IP addresses and tries to locate
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-As you can see, there are not many options to configure so we will just point it at some targets and let it run.
-
 ## Scenarios
 
-**Running the scanner**
-
 ```
+msf > use auxiliary/scanner/dcerpc/hidden
 msf auxiliary(hidden) > set RHOSTS 192.168.1.200-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(hidden) > set THREADS 55
@@ -62,4 +59,4 @@ msf auxiliary(hidden) > run
 [*] Scanned 55 of 55 hosts (100% complete)
 [*] Auxiliary module execution completed
 msf auxiliary(hidden) >
-```
+```

documentation/modules/auxiliary/scanner/dcerpc/management.md

@@ -9,12 +9,12 @@ The dcerpc/management module scans a range of IP addresses and obtains informati
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-There is minimal configuration required for this module; we simply need to set our THREADS value and the range of hosts we want scanned and run the module.
+## Scenarios
 
 ### Example Windows 2003, and Windows 7 Targets
 
-**Running the scanner**
 ```
+msf > use auxiliary/scanner/dcerpc/management
 msf auxiliary(management) > set RHOSTS 192.168.1.200-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(management) > set THREADS 55
@@ -84,4 +84,4 @@ msf auxiliary(management) > run
 [*] Scanned 55 of 55 hosts (100% complete)
 [*] Auxiliary module execution completed
 msf auxiliary(management) >
-```
+```

documentation/modules/auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.md

@@ -9,12 +9,12 @@ The dcerpc/tcp_dcerpc_auditor module scans a range of IP addresses to determine
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-To run this scanner, we just need to set our RHOSTS and THREADS values and let it run.
+## Scenarios
 
 ### Example Windows 2003, and Windows 7 Targets
 
-**Running the scanner**
 ```
+msf > use auxiliary/scanner/dcerpc/tcp_dcerpc_auditor
 msf auxiliary(tcp_dcerpc_auditor) > set RHOSTS 192.168.1.200-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(tcp_dcerpc_auditor) > set THREADS 55
@@ -40,4 +40,4 @@ The connection timed out (192.168.1.205:135).
 [*] Scanned 55 of 55 hosts (100% complete)
 [*] Auxiliary module execution completed
 msf auxiliary(tcp_dcerpc_auditor) >
-```
+```

documentation/modules/auxiliary/scanner/discovery/ipv6_neighbor.md

@@ -11,27 +11,10 @@ This auxiliary module probes the local network for IPv6 hosts that respond to Ne
 5. Do: ```set THREADS [number of threads]```
 6. Do: ```run```
 
-In addition to setting our RHOSTS value, we also need to set our source MAC address(SMAC) and source host(SHOST) IP address. We then set our RHOSTS and THREADS values and let the scanner run.
-
 ## Scenarios
 
-**Running the scanner**
 ```
 msf > use auxiliary/scanner/discovery/ipv6_neighbor
-msf auxiliary(ipv6_neighbor) > show options
-
-Module options:
-
-   Name       Current Setting  Required  Description
-   ----       ---------------  --------  -----------
-   INTERFACE                   no        The name of the interface
-   PCAPFILE                    no        The name of the PCAP capture file to process
-   RHOSTS                      yes       The target address range or CIDR identifier
-   SHOST                       yes       Source IP Address
-   SMAC                        yes       Source MAC Address
-   THREADS    1                yes       The number of concurrent threads
-   TIMEOUT    500              yes       The number of seconds to wait for new data
-
 msf auxiliary(ipv6_neighbor) > set RHOSTS 192.168.1.2-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(ipv6_neighbor) > set SHOST 192.168.1.101
@@ -64,4 +47,4 @@ msf auxiliary(ipv6_neighbor) > run
 [*] Scanned 253 of 253 hosts (100% complete)
 [*] Auxiliary module execution completed
 msf auxiliary(ipv6_neighbor) >
-```
+```

documentation/modules/auxiliary/scanner/discovery/udp_sweep.md

@@ -9,11 +9,8 @@ The `udp_sweep` module scans across a given range of hosts to detect commonly av
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-To configure this module, just set the RHOSTS and THREADS values and run it.
-
 ## Scenarios
 
-**Running the scanner**
 ```
 msf > use auxiliary/scanner/discovery/udp_sweep
 msf auxiliary(udp_sweep) > set RHOSTS 192.168.1.2-254
@@ -42,4 +39,4 @@ msf auxiliary(udp_sweep) > run
 [*] Scanned 253 of 253 hosts (100% complete)
 [*] Auxiliary module execution completed
 msf auxiliary(udp_sweep) >
-```
+```

documentation/modules/auxiliary/scanner/http/cert.md

@@ -9,8 +9,6 @@ This module is a useful administrative scanner that allows you to cover a subnet
 3. Do: ```set THREADS [number of threads]```
 4. Do: ```run```
 
-Just set target RHOSTS and THREADS values and let it do its thing.
-
 ## Scenarios
 
 ```
@@ -32,7 +30,7 @@ msf auxiliary(cert) >
 
 ## Confirming
 
-The following are other industry tools which can also be used.
+The following are other industry tools which can also be used.  Note that the targets are not the same as those used in the previous documentation.
 
 ### [nmap](https://nmap.org/nsedoc/scripts/ssl-cert.html)
 

documentation/modules/auxiliary/scanner/http/dir_scanner.md

@@ -11,7 +11,7 @@ This module scans one or more web servers for interesting directories that can b
 ## Scenarios
 
 ```
-> use auxiliary/scanner/http/dir_scanner
+msf > use auxiliary/scanner/http/dir_scanner
 msf auxiliary(dir_scanner) > set RHOSTS 192.168.1.201
 RHOSTS => 192.168.1.201
 msf auxiliary(dir_scanner) > run
@@ -34,7 +34,7 @@ msf auxiliary(dir_scanner) >
 
 ## Confirming
 
-The following are other industry tools which can also be used.
+The following are other industry tools which can also be used.  Note that the targets are not the same as those used in the previous documentation.
 
 ### [dirb](http://dirb.sourceforge.net/)
 

documentation/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.md

@@ -1,6 +1,6 @@
 ## Description
 
-The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a `/protected/` initial pathname component to bypass the password protection on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122. More info about this vulnerability can be found in [cve-2009-1535](http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1535).
+The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a `%c0%af` (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting `%c0%af` into a `/protected/` initial pathname component to bypass the password protection on the `protected` folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122. More info about this vulnerability can be found in [CVE-2009-1535](http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1535).
 
 ## Verification Steps
 
@@ -13,23 +13,6 @@ The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.
 
 ```
 msf > use auxiliary/scanner/http/dir_webdav_unicode_bypass
-msf auxiliary(dir_webdav_unicode_bypass) > show options
-
-Module options (auxiliary/scanner/http/dir_webdav_unicode_bypass):
-
-   Name        Current Setting                                          Required  Description
-   ----        ---------------                                          --------  -----------
-   DICTIONARY  /usr/share/metasploit-framework/data/wmap/wmap_dirs.txt  no        Path of word dictionary to use
-   ERROR_CODE  404                                                      yes       Error code for non existent directory
-   HTTP404S    /usr/share/metasploit-framework/data/wmap/wmap_404s.txt  no        Path of 404 signatures to use
-   PATH        /                                                        yes       The path to identify files
-   Proxies                                                              no        A proxy chain of format type:host:port[,type:host:port][...]
-   RHOSTS                                                               yes       The target address range or CIDR identifier
-   RPORT       80                                                       yes       The target port (TCP)
-   SSL         false                                                    no        Negotiate SSL/TLS for outgoing connections
-   THREADS     1                                                        yes       The number of concurrent threads
-   VHOST                                                                no        HTTP server virtual host
-
 msf auxiliary(dir_webdav_unicode_bypass) > set RHOSTS 192.168.1.200-254
 RHOSTS => 192.168.1.200-254
 msf auxiliary(dir_webdav_unicode_bypass) > set THREADS 20

documentation/modules/auxiliary/scanner/http/http_login.md

@@ -1,6 +1,6 @@
 ## Description
 
-This module is a brute-force login scanner that attempts to authenticate to a system using HTTP authentication. More info can be found [here](https://www.cvedetails.com/cve/cve-1999-0502).
+This module is a brute-force login scanner that attempts to authenticate to a system using HTTP authentication. More info can be found in [cve-1999-0502](https://www.cvedetails.com/cve/cve-1999-0502).
 
 ## Verification Steps
 
@@ -11,35 +11,8 @@ This module is a brute-force login scanner that attempts to authenticate to a sy
 
 ## Scenarios
 
-**Running the scanner**
-
 ```
 msf > use auxiliary/scanner/http/http_login
-msf auxiliary(http_login) > show options
-
-Module options (auxiliary/scanner/http/http_login):
-
-   Name              Current Setting                                                           Required  Description
-   ----              ---------------                                                           --------  -----------
-   AUTH_URI                                                                                    no        The URI to authenticate against (default:auto)
-   BLANK_PASSWORDS   false                                                                     no        Try blank passwords for all users
-   BRUTEFORCE_SPEED  5                                                                         yes       How fast to bruteforce, from 0 to 5
-   DB_ALL_CREDS      false                                                                     no        Try each user/password couple stored in the current database
-   DB_ALL_PASS       false                                                                     no        Add all passwords in the current database to the list
-   DB_ALL_USERS      false                                                                     no        Add all users in the current database to the list
-   PASS_FILE         /usr/share/metasploit-framework/data/wordlists/http_default_pass.txt      no        File containing passwords, one per line
-   Proxies                                                                                     no        A proxy chain of format type:host:port[,type:host:port][...]
-   REQUESTTYPE       GET                                                                       no        Use HTTP-GET or HTTP-PUT for Digest-Auth, PROPFIND for WebDAV (default:GET)
-   RHOSTS                                                                                      yes       The target address range or CIDR identifier
-   RPORT             80                                                                        yes       The target port (TCP)
-   SSL               false                                                                     no        Negotiate SSL/TLS for outgoing connections
-   STOP_ON_SUCCESS   false                                                                     yes       Stop guessing when a credential works for a host
-   THREADS           1                                                                         yes       The number of concurrent threads
-   USERPASS_FILE     /usr/share/metasploit-framework/data/wordlists/http_default_userpass.txt  no        File containing users and passwords separated by space, one pair per line
-   USER_AS_PASS      false                                                                     no        Try the username as the password for all users
-   USER_FILE         /usr/share/metasploit-framework/data/wordlists/http_default_users.txt     no        File containing users, one per line
-   VERBOSE           true                                                                      yes       Whether to print output for all attempts
-   VHOST
 msf auxiliary(http_login) > set AUTH_URI /xampp/
 AUTH_URI => /xampp/
 msf auxiliary(http_login) > set RHOSTS 192.168.1.201