83 matches found
CVE-2026-3241
Concrete CMS versions below 9.4.8 are affected by a stored XSS in the Legacy Form block. An authenticated user with permissions to create or edit forms (e.g., a rogue administrator) can inject a persistent JavaScript payload into the options of a multiple‑choice question (Checkbox List, Radio But...
HTTP Fetch, Linux Chmod
Fetch and execute an ARMLE payload from an HTTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/http/armle/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set options...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an RISC-V 64-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv64le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an RISC-V 32-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...
TFTP Fetch, Linux Execute Command
Fetch and execute an RISC-V 32-bit payload from a TFTP server. Execute an arbitrary command Module Options msf use payload/cmd/linux/tftp/riscv32le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec ru...
HTTPS Fetch, Linux Execute Command
Fetch and execute an RISC-V 64-bit payload from an HTTPS server. Execute an arbitrary command Module Options msf use payload/cmd/linux/https/riscv64le/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec...
HTTP Fetch, Linux Chmod
Fetch and execute an RISC-V 64-bit payload from an HTTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/http/riscv64le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an PPC payload from an TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...
HTTPS Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSLE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
Phantom-Evasion
This is a Python antivirus evasion tool called Phantom-Evasion. It is free software, licensed under the GNU General Public License GPL version 3. The tool is designed to evade detection by antivirus software and is intended for educational or research purposes only. The tool has several modules,...
HTTPS Fetch
Fetch and execute an x64 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x64/downloadexec msf payloaddownloadexec show actions ...actions... msf payloaddownloadexec set ACTION msf payloaddownloadexec show options ...show and set options... msf payloaddownloadexec ru...
HTTPS Fetch
Fetch and execute an x64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x64/sethostname msf payloadsethostname show actions ...actions... msf payloadsethostname set ACTION msf payloadsethostname show options ...show and set options... msf payloadsethostname run This...
PHP Exec, PHP Command Shell, Bind TCP (via perl) IPv6
Execute a PHP payload from a command. Listen for a connection and spawn a command shell via perl persistent over IPv6 Module Options msf use payload/cmd/unix/php/bindperlipv6 msf payloadbindperlipv6 show actions ...actions... msf payloadbindperlipv6 set ACTION msf payloadbindperlipv6 show options...
PHP Exec
Execute a PHP payload as an OS command from a Posix-compatible shell Module Options msf use payload/cmd/unix/php/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and...
PHP Exec, PHP Meterpreter, Bind TCP Stager with UUID Support
Execute a PHP payload as an OS command from a Posix-compatible shell. Run a meterpreter server in PHP. Listen for a connection with UUID Support Module Options msf use payload/cmd/unix/php/meterpreter/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION...
PHP Exec, PHP Execute Command
Execute a PHP payload as an OS command from a Posix-compatible shell. Execute a single system command Module Options msf use payload/cmd/unix/php/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run...
TFTP Fetch
Fetch and execute an MIPSBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/mipsbe/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...
TFTP Fetch, Reverse TCP Stager
Fetch and execute an MIPSBE payload from a TFTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/mipsbe/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
TFTP Fetch, Linux Add User
Fetch and execute an ARMLE payload from a TFTP server. Create a new user with UID 0 Module Options msf use payload/cmd/linux/tftp/armle/adduser msf payloadadduser show actions ...actions... msf payloadadduser set ACTION msf payloadadduser show options ...show and set options... msf payloadadduser...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...