1194 matches found
Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DiskSavvy Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability ...
DiskSavvy Enterprise GET Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP...
DiskBoss Enterprise - GET Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DiskBoss Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability i...
Malware exploit: Dakcomet
Dakcomet Kevin Breen - DarkComet From Defense To Offense - Identify your Attacker Slides POC by Shawn Denbow and Jesse Herts Wikipedia Vulnerabilities Remote file read Data base poisoning SQL injection DarkComet ToolKit DarkComet Metasploit Module Last updated on 14th Jan 2017 None...
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability", 'Description' = %q This module exploits a...
Zyxel / Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064 Exploit
Broadband DSL modems manufactured by Zyxel and distributed by some European ISPs are vulnerable to a command injection vulnerability when setting the 'NewNTPServer' value using the TR-64 SOAP-based configuration protocol. In the tested case, no authentication is required to set this value on...
PowerShellEmpire Arbitrary File Upload (Skywalker) Exploit
A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the Empire server. This exploit will write the payload to /tmp/ directory followed by a cron.d file to execu...
PowerShellEmpire Arbitrary File Upload (Skywalker)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PowerShellEmpire Arbitrary File Upload Skywalker', 'Description' = %q A vulnerability existed in the PowerShellEmpire server...
DLink DIR Routers HNAP Login Stack Buffer Overflow Vulnerability
A stack buffer overflow affects several D-Link routers and can be exploited by an unauthenticated attacker. The interesting thing about this vulnerability is that it affects both ARM and MIPS devices, so exploitation is slightly different for each type. A stack bof in several Dlink routers, which...
UNIX Gather AWS Keys
This module will attempt to read AWS configuration files .aws/config, .aws//credentials and .s3cfg for users discovered on the session'd system and extract AWS keys from within. This module requires Metasploit: https://metasploit.com/download Current source:...
Telpho10 Backup Credentials Dumper
This module exploits a vulnerability present in all versions of Telpho10 telephone system appliance. This module generates a configuration backup of Telpho10, downloads the file and dumps the credentials for admin login, phpmyadmin, phpldapadmin, etc. This module has been successfully tested on t...
Hak5 WiFi Pineapple Preconfiguration Command Injection 2
This Metasploit module exploits a command injection vulnerability on WiFi Pineapples versions 2.0 and below and pineapple versions prior to 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to...
Hak5 WiFi Pineapple Preconfiguration Command Injection 2
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Hak5 WiFi Pineapple Preconfiguration Command Injection', 'Description' = %q This module exploits a command injection...
PowerShellEmpire Arbitrary File Upload (Skywalker)
A vulnerability existed in the new Empire maintained by BC Security prior to commit e73e883 Authors Spencer McIntyre Erik Daguerre ACE-Responder Takahiro Yokoyama Platform Linux,Python This module requires Metasploit: https://metasploit.com/download Current source:...
Allwinner 3.4 Legacy Kernel Local Privilege Escalation
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule "Allwinner 3.4 Legacy Kernel Local Privilege Escalation", "Description...
Linux Kernel recvmmsg Privilege Escalation
This module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13 kernels: 3.8.0-19-generic 13.04 default; 3.11.0-12-generic 13.10 default; 3.11.0-15-generic 13.10. This exploit may take...
Exploit for Improper Input Validation in Oracle Linux
CVE-2016-2776 A tale of a DNS Packet, a detailed walk-thr...
Hak5 WiFi Pineapple Preconfiguration Command Injection
This module exploits a login/csrf check bypass vulnerability on WiFi Pineapples version 2.0 'Hak5 WiFi Pineapple Preconfiguration Command Injection', 'Description' = %q This module exploits a login/csrf check bypass vulnerability on WiFi Pineapples version 2.0 'catatonicprime', 'License' =...
NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution', 'Description' = %q The NVRmini 2...
Internet Explorer 11 VBScript engine memory corruption vulnerability
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Internet Explorer 11 VBScript Engine Memory Corruption", 'Description' = %q This module...