1194 matches found
ElasticSearch Snapshot API Directory Traversal
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'json' class Metasploit3 'ElasticSearch Snapshot API Directory Traversal', 'Description' = %q This module exploits a directory traversal...
ElasticSearch Snapshot API Directory Traversal
'This module exploits a directory traversal vulnerability in ElasticSearch, allowing an attacker to read arbitrary files with JVM process privileges, through the Snapshot API.' This module requires Metasploit: https://metasploit.com/download Current source:...
ManageEngine ServiceDesk Plus Arbitrary File Upload Exploit
This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The...
Zemra Botnet CnC Web Panel Remote Code Execution Exploit
This Metasploit module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra. This module requires Metasploit: http://metasploit.com/downlo...
ManageEngine ServiceDesk Plus Arbitrary File Upload
This module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not...
ManageEngine OpManager Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine OpManager Remote Code Execution', 'Description' = %q This module exploits a default credential vulnerability in...
Endian Firewall Proxy Password Change Command Injection Exploit
This Metasploit module exploits an OS command injection vulnerability in a web-accessible CGI script used to change passwords for locally-defined proxy user accounts. Valid credentials for such an account are required. Command execution will be in the context of the "nobody" account, but this...
BusyBox DNS Configuration
This module will be applied on a session connected to a BusyBox shell. It allows to set the DNS server on the device executing BusyBox so it will be sent by the DHCP server to network hosts. This module requires Metasploit: https://metasploit.com/download Current source:...
D-Link Cookie Command Execution
This module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This module has been successfully tested ...
Heroes Of Might And Magic III .h3m Map File Buffer Overflow Exploit
This Metasploit module embeds an exploit into an uncompressed map file .h3m for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution. This module requires Metasploit: http://metasploit.com/downloa...
OpenSSL Alternative Chains Certificate Forgery MITM Proxy
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'openssl' class Metasploit3 'OpenSSL Alternative Chains Certificate Forgery MITM Proxy', 'Description' = %q This module exploits a logic error ...
WordPress All-in-One Migration Export
This module allows you to export Wordpress data such as the database, plugins, themes, uploaded files, etc via the All-in-One Migration plugin without authentication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
D-Link Devices - Cookie Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Cookie Command Execution', 'Description' = %q This module exploits an anonymous remote upload and code execution vulnerabilit...
Hacking Team Flash Zero Day Weaponized in Exploit Kits
Handlers for three major exploit kits have managed to utilize in short order a zero-day vulnerability in Adobe Flash Player uncovered among the 400 Gb of data stolen from Hacking Team. Experts, including French researcher Kafeine and a number of others from security companies, revealed last night...
SysAid Help Desk Administrator Portal < 14.4 - Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'SysAid Help Desk Administrator Portal Arbitrary File Upload', 'Description' = %q This module exploits a file upload vulnerabili...
Airties login-cgi Buffer Overflow Exploit
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Airties login-cgi Buffer Overflow', 'Description' = %q This module exploit...
Realtek SDK Miniigd UPnP SOAP Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Realtek SDK Miniigd UPnP SOAP Command Execution', 'Description' = %q Different devices using the Realtek SDK with the miniigd daemon...
Airties login-cgi Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Airties login-cgi Buffer Overflow', 'Description' = %q This module exploits a remote buffer overflow vulnerability on several Airtie...
WordPress Simple Backup File Read Vulnerability
This module exploits a directory traversal vulnerability in WordPress Plugin "Simple Backup" version 2.7.10, allowing to read arbitrary files with the web server privileges. This module requires Metasploit: https://metasploit.com/download Current source:...
F5 BigIP HTTP Virtual Server Scanner
This module scans for BigIP HTTP virtual servers using banner grabbing. BigIP system uses different HTTP profiles for managing HTTP traffic and these profiles allow to customize the string used as Server HTTP header. The default values are "BigIP" or "BIG-IP" depending on the BigIP system version...