Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

Nuuo Central Management Server User Session Token Bruteforce

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'benchmark' class MetasploitModule 'Nuuo Central Management Server User Session Token Bruteforce', 'Description' = %q Nuuo Central Management Server below versio...

Cisco Data Center Network Manager Unauthenticated File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated File Download', 'Description' = %q DCNM exposes a servlet to download files on...

Cisco IKE Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IKE Information Disclosure', 'Description' = %q A vulnerability in Internet Key Exchange version 1 IKEv1 packet processing code in Cisco IO...

MMS Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MMS Client', 'Description' = %q This module sends an MMS message to multiple phones of the same carrier. You can use it to send a malicious...

Ruby on Rails Action View MIME Memory Exhaustion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails Action View MIME Memory Exhaustion', 'Description' = %q This module exploits a Denial of Service DoS condition in Action View that...

Fake DNS Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'resolv' class MetasploitModule 'Fake DNS Service', 'Description' = %q This module provides a DNS service that redirects all queries to a particular address. ,...

Windows Secrets Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb/dcerpc/client' class MetasploitModule Rex::Proto::Kerberos::Crypto::Encryption::DESCBCCRC, 3 = Rex::Proto::Kerberos::Crypto::Encryption::DESCBCMD5, 17 =...

Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference', 'Description' = %q This module triggers a NULL dereference in svchost.exe on all...

LDAP Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...

Dolibarr Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr Gather Credentials via SQL Injection', 'Description' = %q This module enables an authenticated user to collect the usernames and encrypt...

Ray Static Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray static arbitrary file read', 'Description' = %q Ray before 2.8.1 is vulnerable to a local file inclusion. , 'Author' = 'byt3bl33d3r ', Python...

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...

Cambium CnPilot R200/r201 Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium cnPilot r200/r201 Command Execution as 'root'", 'Description' = %q Cambium cnPilot r200/r201 device software versions 4.2.3-R4 to 4.3.3-R...

Telisca IPS Lock Cisco IP Phone Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telisca IPS Lock Cisco IP Phone Control', 'Description' = %q This module allows an unauthenticated attacker to exercise the "Lock" and "Unlock"...

Tomcat UTF-8 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tomcat UTF-8 Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal vulnerability is present in...

Native DNS Spoofer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...

Pi3Web ISAPI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...

IBM Lotus Sametime Version Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule Release .+?/i , 'api', 'meeting', /^meeting=.$/i , 'api', 'appshare', /^appshare=.$/i , 'api', 'docshare', /^docshare=.$/i , 'api',...

Gather Quake Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Quake Server Information', 'Description' = %q This module uses the getstatus or getinfo request to obtain information from a Quakeserver. ...