13537 matches found
CVE-2024-55964
creationtimestamp| type| source ---|---|--- 2025-03-26 20:25:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8967 2025-03-26 22:15:26+00:00| seen| https://t.me/cvedetector/21220 2025-04-07 14:00:17+00:00| seen|...
Eramba Remote Code Execution
This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...
Creating an FTP Server Buffer Overflow Exploit with Metasploit
This paper, written in Brazilian Portuguese, explains how to create a common exploit from the data of a Metasploit Framework exploit to exploit a vanilla buffer overflow on an FTP server. In the context of application security, the author provides mitigation recommendations...
Windows Cloud File Mini Filer Driver Heap Overflow
This module exploits the Windows Cloud Files Mini FIlter Driver cldflt.sys on Windows workstation versions 101809 through 1123H2 and Windows server versions 2022 to 2223H2. Module Options msf use exploit/windows/local/cve202430085cloudfiles msf exploitcve202430085cloudfiles show targets...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
CVE-2025-24071: NTLM Hash Leak via .library-ms File Metasplo...
Metasploit Weekly Wrap-Up 03/14/25
New module content 1 InvoiceShelf unauthenticated PHP Deserialization Vulnerability Authors: Mickaël Benassouli, Rémi Matasse, and h00die-gr3y Type: Exploit Pull request: 19950 contributed by h00die-gr3y Path: linux/http/invoiceshelfunauthrcecve202455556 AttackerKB reference: CVE-2024-55556...
Get NAA Credentials
This module attempts to retrieve the Network Access Accounts, if configured, from the SCCM server. This requires a computer account, which can be added using the samraccount module. Module Options msf use auxiliary/admin/sccm/getnaacredentials msf auxiliarygetnaacredentials show actions...
NetAlertX File Read Vulnerability
This module exploits improper authentication in logs.php endpoint. An unathenticated attacker can request log file and read any file due path traversal vulnerability. Module Options msf use auxiliary/scanner/http/netalertxfileread msf auxiliarynetalertxfileread show actions ...actions... msf...
Metasploit Weekly Wrap-Up 02/21/2025
BeyondTrust exploit + fetch payload updates This Metasploit release includes an exploit module that chains two vulnerabilities, one exploited in the wild by APT groups and another one, a 0-day discovered by Rapid7 during the vulnerability analysis. This week's release also includes a significant...
TFTP Fetch
Fetch and execute a PPC64LE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/ppc64le/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...
HTTPS Fetch
Fetch and execute an ARMBE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/armbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an AARCH64 payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/aarch64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSLE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from a TFTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/tftp/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show an...
HTTPS Fetch
Fetch and execute an MIPSBE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/mipsbe/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...sh...
HTTPS Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an ARMLE payload from an HTTPS server. dup2 socket in r12, then execve. Listen for a connection Module Options msf use payload/cmd/linux/https/armle/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from an HTTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show a...
HTTP Fetch, Linux Reboot
Fetch and execute an MIPSLE payload from an HTTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/http/mipsle/reboot msf payloadreboot...
HTTP Fetch
Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show a...
TFTP Fetch
Fetch and execute an ARMBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/armbe/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show an...