1194 matches found
Ra1NX PHP Bot Authentication Bypass Remote Code Execution
Exploit Title: "Ra1NX" PHP Bot pubcall Authentication Bypass Remote Code Execution Date: March 24, 2013 Exploit Author: bwall Software Link: https://defense.ballastsecurity.net/decoding/index.php?hash=69401ac90262f3855c23cd143d7d2ae0 Version: v2.0 Tested on: Ubuntu require 'msf/core' class...
D-Link DIR 645 Password Extractor
This module exploits an authentication bypass vulnerability in DIR 645 'D-Link DIR 645 Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in DIR 645 'OSVDB', '90733' , 'BID', '58231' , 'PACKETSTORM', '120591' , 'Author' = 'Roberto Paleari ',...
Nagios Remote Plugin Executor Arbitrary Command Execution
The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...
KingView Log File Parsing Buffer Overflow
This module exploits a vulnerability found in KingView "KingView Log File Parsing Buffer Overflow", 'Description' = %q This module exploits a vulnerability found in KingView MSFLICENSE, 'Author' = 'Lucas Apa', Vulnerability discovery 'Carlos Mario Penagos Hollman', Vulnerability discovery...
Firebird Relational Database CNCT Group Number Buffer Overflow
This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The...
BigAnt Server DUPF Command Arbitrary File Upload Vulnerability
This Metasploit module exploits an arbitrary file upload vulnerability in BigAnt Server 2.97 SP7. A lack of authentication allows to make unauthenticated file uploads through a DUPF command. Additionally the filename option in the same command can be used to launch a directory traversal attack an...
BigAnt Server 2 SCH And DUPF Buffer Overflow
This exploits a stack buffer overflow in BigAnt Server 2.97 SP7. The vulnerability is due to the dangerous usage of strcpy while handling errors. This module uses a combination of SCH and DUPF request to trigger the vulnerability, and has been tested successfully against version 2.97 SP7 over...
Polycom HDX Telnet Authorization Bypass Vulnerability
The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access ...
Foxit Reader Plugin URL Processing Buffer Overflow
This module exploits a vulnerability in the Foxit Reader Plugin, it exists in the npFoxitReaderPlugin.dll module. When loading PDF files from remote hosts, overly long query strings within URLs can cause a stack-based buffer overflow, which can be exploited to execute arbitrary code. This exploit...
Novell Groupwise Agents HTTP Directory Traversal
This module exploits a directory traversal vulnerability in Novell Groupwise. The vulnerability exists in the web interface of both the Post Office and the MTA agents. This module has been tested successfully on Novell Groupwise 8.02 HP2 over Windows 2003 SP2. This module requires Metasploit:...
Nagios3 history.cgi Host Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 'Nagios3 history.cgi Hos...
FreeSSHd 1.2.6 Authentication Bypass
require 'msf/core' require 'tempfile' class Metasploit3 "Freesshd Authentication Bypass", 'Description' = %q This module exploits a vulnerability found in FreeSSHd MSFLICENSE, 'Author' = 'Aris', Vulnerability discovery and Exploit 'kcope', 2012 Exploit 'Daniele Martini ' Metasploit module ,...
Exploit Code, Metasploit Module Out for Ruby on Rails Flaws
Just two days after the disclosure of a string of serious vulnerabilities in Ruby on Rails, researchers have released proof-of-concept exploit code for a couple of the flaws and the team at Metasploit have released a module for the penetration testing framework that exploit one of the bugs, as...
Enterasys NetSight nssyslogd.exe Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Enterasys NetSight nssyslogd.exe Buff...
Enterasys NetSight - 'nssyslogd.exe' Remote Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Enterasys NetSight nssyslogd.exe Buff...
Enterasys NetSight nssyslogd.exe Buffer Overflow
This module exploits a stack buffer overflow in Enterasys NetSight. The vulnerability exists in the Syslog service nssylogd.exe when parsing a specially crafted PRIO from a syslog message. The module has been tested successfully on Enterasys NetSight 4.0.1.34 over Windows XP SP3 and Windows 2003...
POP3 Login Utility
This module attempts to authenticate to an POP3 service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/pop3' require 'metasploit/framework/credentialcollection' class...
IBM Lotus QuickR qp2 ActiveX Buffer Overflow Vulnerability
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr...
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
HP Data Protector DtbClsLogin Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Data Protector...