Exploit for Improper Input Validation in Oracle Linux

CVE-2016-2776 A tale of a DNS Packet, a detailed walk-thr...

Hak5 WiFi Pineapple Preconfiguration Command Injection

This module exploits a login/csrf check bypass vulnerability on WiFi Pineapples version 2.0 'Hak5 WiFi Pineapple Preconfiguration Command Injection', 'Description' = %q This module exploits a login/csrf check bypass vulnerability on WiFi Pineapples version 2.0 'catatonicprime', 'License' =...

NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution', 'Description' = %q The NVRmini 2...

Internet Explorer 11 VBScript engine memory corruption vulnerability

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Internet Explorer 11 VBScript Engine Memory Corruption", 'Description' = %q This module...

Wolf CMS Metasploit Module Arbitrary File Upload Vulnerability

Wolf CMS is a content management system CMS.Metasploit is one of the security vulnerability detection tool components. An arbitrary file upload vulnerability exists in the Metasploit module of Wolf CMS version 0.8.2. An attacker can use this vulnerability to upload arbitrary files to the /public...

Wolf CMS Metasploit module arbitrary file upload vulnerability (CNVD-2016-04300)

Wolf CMS is a content management system CMS.Metasploit is one of the security vulnerability detection tool components. An arbitrary file upload vulnerability exists in the Metasploit module of Wolf CMS version 0.8.2. An attacker can use this vulnerability to upload arbitrary files to the /public...

SSH Key Persistence

This module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sshkey' class MetasploitModule 'SSH Key Persistence',...

Tomabo M3U SEH Based Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Tomabo M3U SEH Based Stack Buffer Overflow', 'Description' = %q This module exploits a stack over flow in Tomabo MP4 Player...

Ubiquiti airOS - Arbitrary File Upload (Metasploit)

Exploit for unix platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubiquiti airOS Arbitrary File Upload', 'Description' = %q This module exploits a pre-auth fi...

Oracle ATS Arbitrary File Upload

This module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite OATS, version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell. This module requires Metasploit: https://metasploit.com/download Current source:...

Advantech Webaccess Dashboard Viewer - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Advantech WebAccess Dashboard Viewer Arbitrary File Upload", 'Description' = %q This module exploits an arbitrary file upload...

Exim - 'perl_startup' Privilege Escalation (Metasploit)

Exploit for linux platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Exim "perlstartup" Privilege Escalation', 'Description' = %q This module exploits a Perl...

Exim "perl_startup" Privilege Escalation

This module exploits a Perl injection vulnerability in Exim 'Exim "perlstartup" Privilege Escalation', 'Description' = %q This module exploits a Perl injection vulnerability in Exim 'Dawid Golunski', Vulnerability discovery 'wvu' Metasploit module , 'References' = %wCVE 2016-1531, %wEDB 39549,...

Novell Service Desk 7.1.0 Code Execution / Information Disclosure

Hi, Novell Service Desk now rebranded as Micro Focus Service Desk 7.1.0 and below has a number of critical vulnerabilities that allow remote code execution, information disclosure, etc, by authenticated users. Check the full advisory below for details. Novell / Micro Focus have documented these...

Novell ServiceDesk Authenticated File Upload

This module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell. This module requires...

Apache Jetspeed Arbitrary File Upload

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Jetspeed Arbitrary File Upload', 'Description' = %q This module exploits the unsecured User Manager REST API and a ZIP file path traversal ...

PHP Utility Belt - Remote Code Execution (Metasploit)

Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'PHP Utility Belt Remote Code Execution', 'Description' = %q This module exploit...

Environmental Systems Corporation Data Controllers Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller...

Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067)

Microsoft Windows - NetAPI32.dll Code Execution Python MS08-067 import struct import time import sys from threading import Thread Thread is imported incase you would like to modify try: from impacket import smb from impacket import uuid from impacket import dcerpc from impacket.dcerpc.v5 import...

http-vuln-cve2014-3704 NSE Script

Exploits CVE-2014-3704 also known as 'Drupageddon' in Drupal. Versions 7.32 of Drupal core are known to be affected. Vulnerability allows remote attackers to conduct SQL injection attacks via an array containing crafted keys. The script injects new Drupal administrator user via login form and the...