Lucene search
+L

649 matches found

rapid7blog
rapid7blog
added 2024/01/26 9:12 p.m.73 views

Metasploit Weekly Wrap-Up 01/26/24

Direct Syscalls Support for Windows Meterpreter Direct system calls are a well-known technique that is often used to bypass EDR/AV detection. This technique is particularly useful when dynamic analysis is performed, where the security software monitors every process on the system to detect any...

7.5CVSS10AI score0.99999EPSS
Exploits104
metasploit
metasploit
added 2024/01/24 7:49 p.m.619 views

GL.iNet Unauthenticated Remote Command Execution via the logread module.

A command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the glsystemlog and glcrashlog interface in the logread module. This exploit requires post-authentication using the Admin-Token...

9.8CVSS9.2AI score0.47804EPSS
Exploits5
metasploit
metasploit
added 2024/01/23 7:49 p.m.147 views

Memory Search

This module allows for searching the memory space of running processes for potentially sensitive data such as passwords. Module Options msf use post/multi/gather/memorysearch msf postmemorysearch show actions ...actions... msf postmemorysearch set ACTION msf postmemorysearch show options ...show...

7AI score
Exploits0
metasploit
metasploit
added 2024/01/23 7:49 p.m.174 views

Saltstack Minion Payload Deployer

This exploit module uses saltstack salt to deploy a payload and run it on all targets which have been selected default all. Currently only works against nix targets. Module Options msf use exploit/linux/local/saltstacksaltminiondeployer msf exploitsaltstacksaltminiondeployer show targets...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2024/01/18 12:0 a.m.561 views

WordPress Backup Migration 1.3.7 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Backup Migration Plugin PHP Filter Chain RCE', 'Description' = %q This module exploits an unauth RCE in the WordPress plugin: Backup...

9.8CVSS7.4AI score0.97846EPSS
Exploits14
metasploit
metasploit
added 2024/01/17 7:50 p.m.197 views

Ansible Agent Payload Deployer

This exploit module creates an ansible module for deployment to nodes in the network. It creates a new yaml playbook which copies our payload, chmods it, then runs it on all targets which have been selected default all. Module Options msf use exploit/linux/local/ansiblenodedeployer msf...

7AI score
Exploits0
kitploit
kitploit
added 2023/11/27 11:30 a.m.32 views

MaccaroniC2 - A PoC Command And Control Framework That Utilizes The Powerful AsyncSSH

MaccaroniC2 is a proof-of-concept Command and Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client and server implementation of the SSHv2 protocol and use PyNgrok wrapper for ngrok integration. This tool is inspired for a specific scenario whe...

7.3AI score
Exploits0References2
rapid7blog
rapid7blog
added 2023/11/03 7:10 p.m.66 views

Metasploit Weekly Wrap-Up

PTT for DCSync This week, community member smashery made an improvement to the windowssecretsdump module to enable it to dump domain hashes using the DCSync method after having authenticated with a Kerberos ticket. Now, if a user has a valid Kerberos ticket for a privileged account, they can run...

5CVSS8AI score0.99999EPSS
Exploits15
packetstorm
packetstorm
added 2023/09/27 12:0 a.m.464 views

Microsoft Error Reporting Local Privilege Elevation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Error Reporting Local Privilege Elevation Vulnerability', 'Description' = %q This module takes advantage of a bug in the way Windows...

7.8CVSS7.1AI score0.42602EPSS
Exploits5
packetstorm
packetstorm
added 2023/09/21 12:0 a.m.495 views

TOTOLINK Wireless Routers Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'TOTOLINK Wireless Routers unauthenticated remote command execution vulnerability.', 'Description' = %q Multiple TOTOLINK...

9.8CVSS7.1AI score0.25889EPSS
Exploits4
packetstorm
packetstorm
added 2023/09/14 12:0 a.m.486 views

Windows Common Log File System Driver (clfs.sys) Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Common Log File System Driver clfs.sys Elevation of Privilege Vulnerability', 'Description' = %q A privilege escalation vulnerability...

7.8CVSS7.1AI score0.48973EPSS
Exploits10
metasploit
metasploit
added 2023/09/06 7:51 p.m.499 views

SolarView Compact unauthenticated remote command execution vulnerability.

CONTEC's SolarView Series enables you to monitor and visualize solar power and is only available in Japan. This module exploits a command injection vulnerability on the SolarView Compact v6.00 web application via vulnerable endpoint downloader.php. After exploitation, an attacker will have full...

9.8CVSS9.6AI score0.99273EPSS
Exploits9
packetstorm
packetstorm
added 2023/09/06 12:0 a.m.352 views

SolarView Compact 6.00 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarView Compact unauthenticated remote command execution vulnerability.', 'Description' = %q CONTEC's SolarView™ Series enables you to monitor...

9.8CVSS7.1AI score0.99273EPSS
Exploits9
zdt
zdt
added 2023/08/21 12:0 a.m.727 views

Jorani Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...

9.8CVSS8.2AI score0.81918EPSS
Exploits5
rapid7blog
rapid7blog
added 2023/08/18 5:22 p.m.65 views

Metasploit Weekly Wrap-Up

Meterpreter Testing This week’s release adds new payload tests to our automated test suite. This is intended to help the team and community members identify issues and behavior discrepancies before changes are made. Payloads run on a variety of different platforms including Windows, Linux, and OS...

7.5CVSS9.7AI score0.98725EPSS
Exploits10
packetstorm
packetstorm
added 2023/08/17 12:0 a.m.933 views

Maltrail 0.53 Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Maltrail Unauthenticated Command Injection', 'Description' = %q Maltrail is a malicious traffic detection system, utilizing publicly available...

7.1AI score
Exploits0
zdt
zdt
added 2023/08/15 12:0 a.m.419 views

RaspAP 2.8.7 Unauthenticated Command Injection Exploit

RaspAP is feature-rich wireless router software that just works on many popular Debian-based devices, including the Raspberry Pi. A Command Injection vulnerability in RaspAP versions 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands in the context of the user running...

9.8CVSS8.3AI score0.98725EPSS
Exploits3
packetstorm
packetstorm
added 2023/08/04 12:0 a.m.312 views

Intelliants Subrion CMS 4.2.1 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intelliants Subrion CMS 4.2.1 - Authenticated File Upload Bypass to RCE', 'Description' = %q This module exploits an authenticated file upload...

7.2CVSS7.1AI score0.64261EPSS
Exploits10
metasploit
metasploit
added 2023/08/03 7:50 p.m.568 views

Intelliants Subrion CMS 4.2.1 - Authenticated File Upload Bypass to RCE

This module exploits an authenticated file upload vulnerability in Subrion CMS versions 4.2.1 and lower. The vulnerability is caused by the .htaccess file not preventing the execution of .pht, .phar, and .xhtml files. Files with these extensions are not included in the .htaccess blacklist, hence...

7.2CVSS8AI score0.64261EPSS
Exploits10
metasploit
metasploit
added 2023/08/02 7:50 p.m.181 views

OSX Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and set...

7.1AI score
Exploits0
Rows per page
Query Builder