Merge pull request #20625 from h00die/fix_exploit_docs_options

Update exploit docs to use modern h3 for options instead of original spec (bold)

Author: jheysel-r7

documentation/modules/exploit/aix/local/xorg_x11_server.md

@@ -34,11 +34,11 @@ This table lists all vulnerable Xorg versions:
 
 ## Options
 
-**SESSION**
+### SESSION
 
 Which session to use, which can be viewed with `sessions`
 
-**WritableDir**
+### WritableDir
 
 A writable directory file system path. (default: `/tmp`)
 

documentation/modules/exploit/android/local/janus.md

@@ -77,7 +77,7 @@ Number of signers: 1
 
 ## Options
 
-  **PACKAGE**
+### PACKAGE
 
   Select a package to infect.  A list of packages can be obtained by running `app_list` on meterpreter.  Using `ALL` will
   loop through all packages and attempt to exploit them until successful.  This can take a while, and cause lots of data to be

documentation/modules/exploit/freebsd/local/intel_sysret_priv_esc.md

@@ -34,11 +34,11 @@
 
 ## Options
 
-  **SESSION**
+### SESSION
 
   Which session to use, which can be viewed with `sessions`
 
-  **WritableDir**
+### WritableDir
 
   A writable directory file system path. (default: `/tmp`)
 

documentation/modules/exploit/freebsd/local/rtld_execl_priv_esc.md

@@ -31,7 +31,7 @@
 
 ## Options
 
-  **SESSION**
+### SESSION
 
   Which session to use, which can be viewed with `sessions`
 

documentation/modules/exploit/linux/http/asuswrt_lan_rce.md

@@ -25,7 +25,7 @@
 
 ## Options
 
-  **ASUSWRTPORT**
+### ASUSWRTPORT
 
   AsusWRT HTTP portal port (default: `80`)
 

documentation/modules/exploit/linux/http/cisco_firepower_useradd.md

@@ -24,12 +24,22 @@ https://software.cisco.com/download/release.html?mdfid=286259687&softwareid=2862
 
 ## Options
 
-**USERNAME** The username for Cisco Firepower Management console.
+### USERNAME
 
-**PASSWORD** The password for Cisco Firepower Management console.
+The username for Cisco Firepower Management console.
 
-**NEWSSHUSER** The SSH account to create. By default, this is random.
+### PASSWORD
 
-**NEWSSHPASS** The SSH password for the new account. By default, this is also random.
+The password for Cisco Firepower Management console.
 
-**SSHPORT** In case for some reason, the SSH changed, otherwise this is 22 by default.
+### NEWSSHUSER
+
+The SSH account to create. By default, this is random.
+
+### NEWSSHPASS
+
+The SSH password for the new account. By default, this is also random.
+
+### SSHPORT
+
+In case for some reason, the SSH changed, otherwise this is 22 by default.

documentation/modules/exploit/linux/http/cisco_rv32x_rce.md

@@ -39,30 +39,30 @@ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2
 
 ## Options
 
-**RHOSTS**
+### RHOSTS
 
 Configure the remote vulnerable system.
 
-**RPORT**
+### RPORT
 
 Configure the TCP port of the HTTP/HTTPS management web interface.
 
-**USE_SSL**
+### USE_SSL
 
 This flag controls whether the remote management web interface is accessible
 via HTTPS or not. Should be false for HTTP and true for HTTPS.
 
-**PAYLOAD**
+### PAYLOAD
 
 Configure the Metasploit payload that you want to stage. Must be for MIPS64
 arch.  Set payload Options accordingly.
 
-**SRVHOST**
+### SRVHOST
 
 The module stages the payload via a web server. This is the binding interface
 IP. Default can be set to 0.0.0.0. 
 
-**HTTPDelay**
+### HTTPDelay
 
 This configures how long the module should wait for the incoming HTTP
 connection to the HTTP stager.

documentation/modules/exploit/linux/http/craftcms_preauth_rce_cve_2025_32432.md

@@ -75,8 +75,10 @@ ddev launch
 
 The module has the following option:
 
-- **ASSET_ID**: This option is required for older versions of Craft CMS, particularly in the 3.x series.
-    It specifies the asset ID for the Craft CMS instance. For 3.x versions, this ID must be set correctly to exploit the vulnerability.
+### ASSET_ID
+
+This option is required for older versions of Craft CMS, particularly in the 3.x series.
+It specifies the asset ID for the Craft CMS instance. For 3.x versions, this ID must be set correctly to exploit the vulnerability.
 
 For example, if you are targeting a Craft CMS version from the `>= 3.0.0`, `< 3.9.14`, make sure to specify the correct `ASSET_ID`.
 This is necessary for successful exploitation when dealing with these versions.

documentation/modules/exploit/linux/http/goahead_ldpreload.md

@@ -30,7 +30,7 @@ gcc ./cgitest.c -o cgi-bin/cgitest
 
 ## Options
 
-  **TARGET_URI**
+### TARGET_URI
 
   Optional. The full path to a CGI endpoint on the target server.
 

documentation/modules/exploit/linux/http/hp_van_sdn_cmd_inject.md

@@ -18,23 +18,23 @@ Tested on 2.7.18.0503.
 
 ## Options
 
-**RPORT**
+### RPORT
 
 Set this to the port for the REST API, usually 8081.
 
-**WEBUI_PORT**
+### WEBUI_PORT
 
 Set this to the port for the web UI, usually 8443.
 
-**TOKEN**
+### TOKEN
 
 Set this to the service token. Defaults to `AuroraSdnToken37`.
 
-**USERNAME**
+### USERNAME
 
 Set this to the service username. Defaults to `sdn`.
 
-**PASSWORD**
+### PASSWORD
 
 Set this to the service password. Defaults to `skyline`.