OS Command Exec, Unix Command Shell, Reverse TCP SSL (via python)

Execute an OS command from PHP. Creates an interactive shell via python, uses SSL, encodes with base64 by design. Module Options msf use payload/php/unix/cmd/reversepythonssl msf payloadreversepythonssl show actions ...actions... msf payloadreversepythonssl set ACTION msf payloadreversepythonssl...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (via php)

Execute an OS command from PHP. Creates an interactive shell via php, uses SSL Module Options msf use payload/php/unix/cmd/reversephpssl msf payloadreversephpssl show actions ...actions... msf payloadreversephpssl set ACTION msf payloadreversephpssl show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Bind TCP (via Zsh)

Execute an OS command from PHP. Listen for a connection and spawn a command shell via Zsh. Note: Although Zsh is often available, please be aware it isn't usually installed by default. Module Options msf use payload/php/unix/cmd/bindzsh msf payloadbindzsh show actions ...actions... msf...

OS Command Exec, Unix Command Shell, Reverse TCP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocattcp msf payloadreversesocattcp show actions ...actions... msf payloadreversesocattcp set ACTION msf payloadreversesocattcp show options ...show and set options... msf...

PHP Exec, PHP Command Shell, Bind TCP (via php) IPv6

Execute a PHP payload as an OS command from a Posix-compatible shell. Listen for a connection and spawn a command shell via php IPv6 Module Options msf use payload/cmd/unix/php/bindphpipv6 msf payloadbindphpipv6 show actions ...actions... msf payloadbindphpipv6 set ACTION msf payloadbindphpipv6...

PHP Exec, PHP Command Shell, Reverse TCP (via PHP)

Execute a PHP payload as an OS command from a Posix-compatible shell. Reverse PHP connect back shell with checks for disabled functions Module Options msf use payload/cmd/unix/php/reversephp msf payloadreversephp show actions ...actions... msf payloadreversephp set ACTION msf payloadreversephp sh...

PHP Exec, PHP Command Shell, Bind TCP (via PHP)

Execute a PHP payload as an OS command from a Posix-compatible shell. Listen for a connection and spawn a command shell via php Module Options msf use payload/cmd/unix/php/bindphp msf payloadbindphp show actions ...actions... msf payloadbindphp set ACTION msf payloadbindphp show options ...show a...

CVE-2024-44540

Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2020-29014

A concurrent execution using shared resource with improper synchronization 'race condition' in the command shell of FortiSandbox before 3.2.2 may allow an authenticated attacker to bring the system into an unresponsive state via specifically orchestrated sequences of commands...

CVE-2019-12889

An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...

RHEL 7 : openstack-ironic-discoverd (RHSA-2015:1929)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1929 advisory. Ironic provides bare metal provisioning for OpenStack nodes. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables...

Security Bulletin: This Power System update is being released to address CVE 2021-29891

Summary POWER9: In response to a security issue with BMC's HTTPS server, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2021-29891. Vulnerability Details CVEID:CVE-2021-29891 DESCRIPTION: IBM OPENBMC could allow a privileged...

F5 BIG-IP TMSH CLI Command Injection

A command injection vulnerability exists in the F5 tmsh restricted CLI which allows an authenticated attacker to leverage the commands accessible by a low privilege user in order to bypass restrictions, inject arbitrary commands and obtain remote code execution as the root user on the target syst...

HTTP Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an MIPSLE payload from an HTTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/http/mipsle/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from a TFTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/tftp/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show an...

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSLE payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an AARCH64 payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/aarch64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from an HTTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show a...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...