24 matches found
FTP Fetch, Windows x86 Pingback, Bind TCP Inline
Fetch and execute an x86 payload from an FTP server. Open a socket and report UUID when a connection is received Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/pingbackbindtcp msf payloadpingbackbindtcp show actions ...actions... msf payloadpingbackbindtcp set ACTION msf...
FTP Fetch, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an FTP server. Listen for a connection No NX Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and se...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp...
FTP Fetch, Windows Disable Windows ICF, Command Shell, Bind TCP Inline
Fetch and execute an x86 payload from an FTP server. Disable the Windows ICF, then listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/ftp/x86/shellbindtcpxpfw msf payloadshellbindtcpxpfw show actions ...actions... msf payloadshellbindtcpxpfw set ACTION ms...
FTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute a x86 payload from an FTP server. Connect back to attacker over IPv6 Module Options msf use payload/cmd/linux/ftp/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options ...sh...
HTTPS Fetch, Windows Command Shell, Bind TCP Inline
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/https/x86/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTPS Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/patchupdllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp sh...
HTTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options...
HTTP Fetch, Windows MessageBox
Fetch and execute an x86 payload from an HTTP server. Spawns a dialog via MessageBox using a customizable title, text & icon Module Options msf use payload/cmd/windows/http/x86/messagebox msf payloadmessagebox show actions ...actions... msf payloadmessagebox set ACTION msf payloadmessagebox show...
HTTP Fetch, Windows Disable Windows ICF, Command Shell, Bind TCP Inline
Fetch and execute an x86 payload from an HTTP server. Disable the Windows ICF, then listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/http/x86/shellbindtcpxpfw msf payloadshellbindtcpxpfw show actions ...actions... msf payloadshellbindtcpxpfw set ACTION...
HTTP Fetch, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/dllinject/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid sho...
HTTPS Fetch, Linux Chmod
Fetch and execute an AARCH64 payload from an HTTPS server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/https/aarch64/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...
EUVD-2016-1908
Malware in sbrugna...
Path Traversal in Asset "import from server" option
Impact An authenticated attacker can abuse import-server-files with a path traversal to download an arbitrary file from the server An arbitrary file read vulnerability allows an attacker to read files on the server that they should not have access to, potentially including sensitive files such as...
WordPress Add From Server plugin <= 3.4.2 - Authenticated Path Traversal leading to Arbitrary File Access vulnerability
Authenticated Path Traversal leading to Arbitrary File Access vulnerability found by HoanHP in WordPress Add From Server plugin versions = 3.4.2. Solution Update the WordPress Add From Server plugin to the latest available version at least 3.4.3...
Netskope Client Buffer Error Overflow Hole
Netskope Client is a client program for connecting to and managing the Netskope Cloud Platform from Netskope USA. A buffer error vulnerability exists in the 'doHandshakefromServer' function in Netskope Client versions 57 before 57.2.0.219 and 60 before 60.2.0.214. An attacker can exploit this...
WordPress add-from-server plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. add-from-server is a file upload plugin used in it. A cross-site request forgery vulnerability exists in the WordPress add-from-server...
CVE-2016-10914
The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file...
Cross site request forgery (csrf)
The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file...
CVE-2016-10914
The CVE-2016-10914 issue affects the WordPress add-from-server plugin prior to version 3.3.2, where CSRF allows importing a large file. Several sources (Red Hat, CNVD, CVE listings, WPVulnDB) consistently describe this as a CSRF vulnerability in the add-from-server plugin, with potential impact i...