1350 matches found
HTTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSBE payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTP Fetch, Reverse TCP Stager
Fetch and execute an AARCH64 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/http/aarch64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
TFTP Fetch
Fetch and execute an ARMBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/armbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch
Fetch and execute an MIPSLE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/mipsle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...
TFTP Fetch
Fetch and execute a PPC64LE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/ppc64le/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and...
Metasploit Wrap-Up 01/17/2025
Clarity in Cleo Exploitation Last Month, Huntress reported that several Cleo products were being attacked in the wild, including Harmony, VLTrader, and LexiCom. Cleo announced CVE-2024-50623 and that these issues were patched in 5.8.0.21, but Huntress reported the vulnerability was still in those...
cups-browsed Information Disclosure
Retrieve CUPS version and kernel version information from cups-browsed services. Module Options msf use auxiliary/scanner/misc/cupsbrowsedinfodisclosure msf auxiliarycupsbrowsedinfodisclosure show actions ...actions... msf auxiliarycupsbrowsedinfodisclosure set ACTION msf...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit Generator Created by: tech...
CVE-2013-4557
creationtimestamp| type| source ---|---|--- 2024-09-11 14:19:17+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spipconnectexec.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
OpenMediaVault rpc.php Authenticated Cron Remote Code Execution Exploit
OpenMediaVault allows an authenticated user to create cron jobs as root on the system. An attacker can abuse this by sending a POST request via rpc.php to schedule and execute a cron entry that runs arbitrary commands as root on the system. All OpenMediaVault versions including the latest release...
metasploit-framework
This is the Metasploit Framework repository, a comprehensive collection of tools and resources for penetration testing and vulnerability assessment. The repository is maintained by Rapid7 and is used by security professionals to identify and exploit vulnerabilities in computer systems and network...
SMB Fetch, Windows x64 IPv6 Bind TCP Stager
Fetch and execute an x64 payload from an SMB server. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/peinject/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show options ...show an...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...
LG Simple Editor Remote Code Execution Exploit
This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities exist in versions of LG Simple Editor prior to v3.21. By exploiting this flaw, an attacker can upload and execute a malicious...
CVE-2023-2915
creationtimestamp| type| source ---|---|--- 2023-08-17 20:37:32+00:00| seen| https://t.me/cibsecurity/68769 2025-06-05 15:18:07+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/thinmanagertraversaldelete.rb 2025-10-23 21:13:01+00:00| seen|...
TerraMaster TOS 4.2.15 Remote Code Execution Exploit
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.15 and below are affected. This module requires Metasploit: https://metasploit.com/download...
TFTP Fetch, Windows Command Shell, Encrypted Reverse TCP Stager
Fetch and execute an x64 payload from a TFTP server. Spawn a piped command shell staged. Connect to MSF and read in stage Module Options msf use payload/cmd/windows/tftp/x64/encryptedshell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf...
PhoneSploit-Pro - An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB Android Debug Bridge and Metasploit-Framework. Complete Automation to get a Meterpreter session in One Click This tool can automatically Create , Install , and Run payload on the target device using...
CVE-2022-4978
creationtimestamp| type| source ---|---|--- 2022-11-28 21:16:21+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/remotecontrolcollectionrce.rb 2025-10-23 21:13:00+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
CVE-2023-31902
creationtimestamp| type| source ---|---|--- 2022-09-28 15:17:23+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/mobilemouserce.rb 2023-05-17 16:31:14+00:00| seen| https://t.me/cibsecurity/64313 2025-10-23 21:13:01+00:00| seen|...