4 matches found
HTTP Fetch, Windows Meterpreter Shell, Bind TCP Inline
Fetch and execute an x86 payload from an HTTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x86/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp se...
HTTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/http/x86/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...
CVE-2025-9889 ContentMX Content Publisher <= 1.0.6 - Cross-Site Request Forgery
The ContentMX Content Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the cmxactivateconnection function. This makes it possible for unauthenticated attackers to bind...
OS Command Exec, Unix Command Shell, Bind TCP (via R)
Execute an OS command from PHP. Continually listen for a connection and spawn a command shell via R Module Options msf use payload/php/unix/cmd/bindr msf payloadbindr show actions ...actions... msf payloadbindr set ACTION msf payloadbindr show options ...show and set options... msf payloadbindr r...