12152 matches found
Open WebUI 'LDAP Empty Password' - Authentication Bypass
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accep...
MAL-2026-10566 Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Linux dup2 Command Shell, Bind TCP Stager
dup2 socket in s1, then execve. Listen for a connection Module Options msf use payload/linux/riscv32le/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf payloadbindtcp run frozenstringliteral:...
Linux dup2 Command Shell, Bind TCP Stager
dup2 socket in s1, then execve. Listen for a connection Module Options msf use payload/linux/riscv64le/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf payloadbindtcp run frozenstringliteral:...
FTP Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socket...
FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... msf...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/vncinject/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...
FTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...
FTP Fetch, Windows Command Shell, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get yo...
FTP Fetch, Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options...
FTP Fetch, Windows Command Shell, Bind TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options...
FTP Fetch, Windows Command Shell, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for a connection No NX Module Options msf use payload/cmd/windows/ftp/x86/shell/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp sh...
FTP Fetch, Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION m...
FTP Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socket...
FTP Fetch, Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/upexec/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...
FTP Fetch, Windows Command Shell, Hidden Bind TCP Inline
Fetch and execute an x86 payload from an FTP server. Listen for a connection from certain IP and spawn a command shell. The shellcode will reply with a RST packet if the connections is not coming from the IP defined in AHOST. This way the port will appear as "closed" helping us to hide the...
FTP Fetch, Windows Upload/Execute, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/ftp/x86/upexec/bindhiddentcp msf payloadbindhiddentcp show actions...
FTP Fetch, Windows Upload/Execute, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could...
FTP Fetch, Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/upexec/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...