3059 matches found
Commvault Communications Service (cvd) - Command Injection Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Commvault Communications Service cvd Command...
Citrix StoreFront 3.9 Unable to Refresh
Upgrading StoreFront from 3.6 to 3.9 works fine and when we open the Citrix StoreFront gives an error message:"unable to refresh" with error "A PowerShell SDK execution error occurred with exception thrown at defaultDocument"...
In-Spectre-Meltdown - Tool to identify Meltdown & Spectre Vulnerabilities in processors
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 Meltdown and CVE-2017-5715 Spectre allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways ...
“Ready Player One” – Are you Ready to Protect Your Endpoints from the Bad Guys?
At times it can feel like a game as you watch the cyber-breach scorecards. Yahoo 3 billion users, Equifax 143 million consumers, Uber 57 million users, Imgur 1.7 million users are just a sample of the companies that have released new information on large breaches in the last few months...
ADRecon - Tool Which Gathers Information About The Active Directory
ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...
The Automated Collection and Enrichment Platform: ACE
The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...
Data Exfiltration over DNS Request Covert Channel: DNSExfiltrator
DNSExfiltrator allows for transfering exfiltrate a file over a DNS request covert channel. This is basically a data leak testing tool allowing to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side , coming as a single python script dnsexfiltrator.py , which ac...
How to deploy Veeam Service Provider Console Communication Agent in Unattended Mode
Challenge Some deployment scenarios may require that the Veeam Service Provider Console Communication Agent is deployed via Windows PowerShell in the silent mode. Solution Run Windows PowerShell as administrator and execute following command with correct values for Tenant's username in VACTENANT=...
Invoke-PSImage - Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a oneliner for executing either from a file of from the web when the -Web flag is...
CHM Help Files Deliver Brazilian Banking Trojan
Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...
Jenkins XStream Groovy classpath Deserialization Exploit
This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default...
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins XStream Groovy classpath Deserialization Vulnerability', 'Description' = %q This module exploits CVE-2016-0792 a vulnerability in Jenkins...
Invoke-Phant0m - Windows Event Log Killer
This script walks thread stacks of Event Log Service process spesific svchost.exe and identify Event Log Threads to kill Event Log Service Threads. So the system will not be able to collect logs and at the same time the Event Log Service will appear to be running. I have made this script for two...
MS-Word Payload Delivery: Macro Creator
Invoke-MacroCreator is a powershell Cmdlet that allows for the creation of an MS-Word document embedding a VBA macro with various payload delivery and execution capabilities. Description Basically the script supports three types of payload that you MUST specify using the -t argument: 1. shellcode...
Permissions Flaw Found on Azure AD Connect
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network. Microsoft issued an advisory for the vulnerability on Tuesday. Affected are Office 365 customers running...
Microsoft Office DDE Payload Delivery Exploit
This Metasploit module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office DDE Payload Delivery', 'Description' = %q This module generates an DDE command to place within a word document, that when...
Microsoft Office DDE Payload Delivery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Office DDE Payload Delivery', 'Description' = %q This module generates an DDE command to place within a word document, that when...
Microsoft Office DDE Payload Delivery
This module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
PowerShell script to check what vdisk version is being used
Looking for assistance with powershell script to check what vdisk version on the PVS is being used by the VDI desktops Target Devices...