Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager

Spawn a piped command shell Windows x64 staged. Listen for a pipe connection Windows x64 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 481 include Msf::Payload::Stager include...

Unix Command Shell, Reverse UDP (via socat)

Creates an interactive shell via socat This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 87 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...

Unix Command Shell, Reverse TCP (stub)

Creates an interactive shell through an inbound connection stub only, no payload This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...

Unix Command Shell, Bind TCP (stub)

Listen for a connection and spawn a command shell stub only, no payload This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...

Apple iOS aarch64 Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...

Command Shell, Bind TCP (via python)

Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...

CVE-2017-15567

The certificate import component in IDEMIA formerly Morpho MorphoSmart 1300 Series aka MSO 1300 Series devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product o...

CVE-2017-15567

CVE-2017-15567 concerns IDEMIA/MorphoSmart 1300 Series devices where the certificate import component is alleged to allow a local attacker to obtain a command shell and escalate privileges via unspecified vectors. Multiple sources (CNVD-2017-35801, NVD entry) describe a local-privilege-escalation...

CVE-2017-15567

The certificate import component in IDEMIA formerly Morpho MorphoSmart 1300 Series aka MSO 1300 Series devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. NOTE: the vendor disputes this because there is no command shell in the product o...

Polycom - Command Shell Authorization Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...

Polycom Command Shell Authorization Bypass Exploit

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

Polycom Command Shell Authorization Bypass

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

Polycom Command Shell Authorization Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...

Z/OS (MVS) Command Shell, Bind TCP

Provide JCL which creates a bind shell This implementation does not include ebcdic character translation, so a client with translation capabilities is required. MSF handles this automatically. This module requires Metasploit: https://metasploit.com/download Current source:...

svn-workbench Command Execution Vulnerability

svn-workbench is a svn version control system visualization tool . A security vulnerability exists in svn-workbench and previous versions 1.6.2. The vulnerability can be exploited to execute arbitrary code via the 'Command Shell' menu item...

Command injection

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell...

CVE-2015-2210

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell...

UBUNTU-CVE-2015-0853

svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$xeyes...

CVE-2015-0853

Removed by vendor...

CVE-2015-2210

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell...