1198 matches found
Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) And Registry Exploit
This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the...
Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry
This module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a...
Ubiquiti airOS Arbitrary File Upload
This module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorizedkeys. FYI, /etc/passwd,dropbear/authorizedkeys will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSISTETC is true. This method is used by the "m...
ManageEngine Application Manager 14.2 Privilege Escalation / Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and comman...
ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution Exploit
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and comman...
ManageEngine Application Manager 14.2 - Privilege Escalation Remote Command Execution (Metasploit)
ManageEngine Application Manager 14.2 - Privilege Escalation Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privileg...
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution (Metasploit)
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution Metasploit Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage:...
Microsoft Windows NtUserSetWindowFNID Win32k User Callback
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows NtUserSetWindowFNID Win32k User Callback', 'Description' = %q An elevation of privilege vulnerability exists in Windows when the Win32k...
Microsoft Windows RDP BlueKeep Denial Of Service
Exploit Title: Bluekeep Denial of Service metasploit module Shodan Dork: port:3389 Date: 07/14/2019 Exploit Author: RAMELLA Sebastien https://github.com/mekhalleh/ Vendor Homepage: https://microsoft.com Version: all affected RDP services by cve-2019-0708 Tested on: Windows XP 32-bits / Windows 7...
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)
Exploit Title: Bluekeep Denial of Service metasploit module Shodan Dork: port:3389 Date: 07/14/2019 Exploit Author: RAMELLA Sebastien https://github.com/mekhalleh/ Vendor Homepage: https://microsoft.com Version: all affected RDP services by cve-2019-0708 Tested on: Windows XP 32-bits / Windows 7...
Xymon useradm Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon useradm Command Execution', 'Description' = %q This module exploits a command injection vulnerability in Xymon versions before 4.3.25 which...
Nagios XI Magpie_debug.php Root Remote Code Execution Exploit
This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell. This module requires Metasploit:...
Cisco Prime Infrastructure Runrshell Privilege Escalation Exploit
Exploit for hardware platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Prime Infrastructure Runrshell Privilege Escalation', 'Description' = %q This...
Working BlueKeep Exploit Developed by DHS
The Department of Homeland Security has confirmed it has developed a working exploit for the “wormable” BlueKeep vulnerability. The agency issued an alert on Monday urging Windows users to update their machines as soon as possible. The alert heightens concerns that malicious actors could soon als...
Cisco Prime Infrastructure Runrshell Privilege Escalation
This modules exploits a vulnerability in Cisco Prime Infrastructure's runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root. This module requires Metasploit:...
LibreNMS addhost Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS addhost Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the open source network...
Yum Package Manager Persistence Exploit
This Metasploit module will run a payload when the package manager is used. No handler is run automatically so you must configure an appropriate exploit/multi/handler to connect. Module modifies a yum plugin to launch a binary of choice. grep -F 'enabled=1' /etc/yum/pluginconf.d/ will show what...
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits SQL injection and command injection vulnerabilities in ManageEngine AM 14 and prior versions. An unauthenticated user can gain the authority of "system" on the server due to the SQL injection vulnerability. The exploit allows the writing of the desired file to the...
WordPress 5.0.0 crop-image Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Crop-image Shell Upload', 'Description' = %q This module exploits a path traversal and a local file inclusion vulnerability on WordPres...
IBM BigFix Relay Server Sites and Package Enum
This module retrieves masthead, site, and available package information from IBM BigFix Relay Servers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package...