metasploit-mcp

metasploit-mcp Metasploit Framework MCP server for exploit ex...

TFTP Fetch

Fetch and execute an ARMBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/armbe/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show an...

HTTPS Fetch

Fetch and execute an MIPSLE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and...

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an PPC64 payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/ppc64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...sho...

TFTP Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an MIPSBE payload from a TFTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...

Exploit for Off-by-one Error in Sudo_Project Sudo

Baron Samedit PoC Description This is a Proof-of-Concept...

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 Updated Exploit - pfBlockerNG = 2.1.426 U...

Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024

CVE-2024-4358 / CVE-2024-1800 Telerik Report Server deserializ...

Exploit for Improper Ownership Management in Debian Debian_Linux

Install compilation environment bash sudo apt install -y gcc...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

Pwnkit Exploit Instructions I did not write this. This is on...

Quick Quiz 2.4 File Upload - Remote Code Execution Vulnerability

Title: Quick-Quiz-2.4 File Upload - RCE Author: nu11secur1ty Vendor: https://mediacity.co.in/mediacity/ Software: https://codecanyon.net/item/quick-quiz-laravel-quiz-and-exam-system/21117633?srank=14 Reference: https://portswigger.net/web-security/file-upload,...

Click Stocks 1.3 - File Upload Remote Code Execution Vulnerability

Title: Click Stocks-1.3 - File Upload - RCE Author: nu11secur1ty Vendor: https://codecanyon.net/user/media-city Software: https://codecanyon.net/item/click-stocks-free-stock-photos-laravel-script/23356416 Reference: https://portswigger.net/web-security/file-upload,...

Exploit for Path Traversal in Grafana

PoC para CVE-2021-43798 Grafana es una plataforma de código a...

Exploit for Unrestricted Upload of File with Dangerous Type in Pwndoc_Project Pwndoc

Pwndoc local file inclusi...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 CVE-2021-4034: Add Root User – Pkexec Local Pri...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Apache-Log4j-POC CVE-2021-44228 Proof of Concept of apache log...

Type confusion

An access of uninitialized pointer vulnerability in CX-Supervisor Versions 3.42 and prior could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...

tty from web shell

эмулятор nc -l -s ADDR -p PORT ввод/вывод которого управляется через файлы in/out написан для получения tty из под веб-шелла tty from web shell с ним из веб шела можно юзать su, запускать эксплоиты и получать рута пример работы: Код: ./ttyServer.pl Server is ready at 127.0.0.1:43157 ./ttyClient.p...

Mp3-Nator 2.0 - 'ListData.dat' Universal Buffer Overflow (SEH)

!/usr/bin/perl + Bug : Mp3-Nator 2.0 ListData.dat Universal Buffer Overflow Exploit SEH + Author : ThE g0bL!N Greetz to all my friends Download:http://files.brothersoft.com/mp3audio/players/mp3nator.zip Tested on: Windows XP Pro SP2 Fr Ismail: Hadi Wallah Ghir 3la Rabbi : usage: After Clicking On...

Citadel/UX <= 6.27 Remote Root Format String Exploit

Exploit for linux platform in category remote exploits ==================================================== Citadel/UX options options: -h host or IP -t type of target system -l targets list -g syslog GOT address -r RET address email protected:/audit$ ./citadelfsexp -h localhost -t0 Citadel/UX...