📄 Generic Payload Handler

This Metasploit module is a stub that provides all of the features of the Metasploit payload system to exploits that have been launched outside of the framework. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

📄 Malicious XDG Desktop File

This Metasploit module creates a malicious XDG Desktop .desktop file. On most modern systems, desktop files are not trusted by default. The user will receive a warning prompt that the file is not trusted when running the file, but may choose to run the file anyway. The default file manager...

📄 Malicious Windows Script Host VBScript File

This Metasploit module creates a Windows Script Host WSH VBScript .vbs file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Windows Script Host VBScript .vbs File', 'Description' = %...

shellshocker-pocs

This repository contains a collection of Proof of Concepts PoCs and potential targets for the Shellshock vulnerability, also known as Bash Bug. The vulnerability affects the Bash shell and allows an attacker to execute arbitrary code by injecting malicious environment variables. The repository...

Exploit for Classic Buffer Overflow in Microsoft

ExplodingCan An implementation of ExplodingCan's exploit extracted from FuzzBunch, the "Metasploit" of the NSA. Details Vulnerability: Microsoft IIS WebDav 'ScStoragePathFromUrl' Remote Buffer Overflow CVE: CVE-2017-7269 Disclosure date: March 31 2017 Affected product: Microsoft Windows Server 20...

Exploit for Command Injection in Tp-Link Tl-Wr940N_Firmware

CVE-2023-33538 – TP-Link TL-WR940N/841N Command Injection Met...

Exploit for Allocation of Resources Without Limits or Throttling in Openbsd Openssh

CVE-2025-26466 Metasploit module OpenSSH versions 9.5p1 to...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (via php)

Execute an OS command from PHP. Creates an interactive shell via php, uses SSL Module Options msf use payload/php/unix/cmd/reversephpssl msf payloadreversephpssl show actions ...actions... msf payloadreversephpssl set ACTION msf payloadreversephpssl show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Reverse UDP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocatudp msf payloadreversesocatudp show actions ...actions... msf payloadreversesocatudp set ACTION msf payloadreversesocatudp show options ...show and set options... msf...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

Blackash-CVE-2025-24071 CVE-2025-24071: NTLM Hash Leak via...

📄 Langflow AI Remote Code Execution

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Appsmith RCE

An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. Module Options msf use exploit/linux/http/appsmithrcecve202455964 msf exploitappsmithrcecve202455964 show targets ...targets... msf...

📄 Appsmith Remote Code Execution

An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

CrushFTP AWS4-HMAC Authentication Bypass

This module leverages an authentication bypass in CrushFTP 11 use auxiliary/gather/crushftpauthbypasscve20252825 msf auxiliarycrushftpauthbypasscve20252825 show actions ...actions... msf auxiliarycrushftpauthbypasscve20252825 set ACTION msf auxiliarycrushftpauthbypasscve20252825 show options...

Sitecore CVE-2025-27218 BinaryFormatter Deserialization

This Metasploit module exploits a .NET deserialization vulnerability in Sitecore Experience Manager XM and Experience Platform XP 10.4 by injecting a malicious Base64-encoded BinaryFormatter payload into an HTTP header. This module requires Metasploit: https://metasploit.com/download Current...

CVE-2024-55964

creationtimestamp| type| source ---|---|--- 2025-03-26 20:25:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8967 2025-03-26 22:15:26+00:00| seen| https://t.me/cvedetector/21220 2025-04-07 14:00:17+00:00| seen|...

Eramba Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...

Windows Cloud File Mini Filer Driver Heap Overflow

This module exploits the Windows Cloud Files Mini FIlter Driver cldflt.sys on Windows workstation versions 101809 through 1123H2 and Windows server versions 2022 to 2223H2. Module Options msf use exploit/windows/local/cve202430085cloudfiles msf exploitcve202430085cloudfiles show targets...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071: NTLM Hash Leak via .library-ms File Metasplo...

Get NAA Credentials

This module attempts to retrieve the Network Access Accounts, if configured, from the SCCM server. This requires a computer account, which can be added using the samraccount module. Module Options msf use auxiliary/admin/sccm/getnaacredentials msf auxiliarygetnaacredentials show actions...