4373 matches found
HTTP Fetch
Fetch and execute an x64 payload from an HTTP server. Module Options msf use payload/cmd/linux/http/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and s...
HTTP Fetch, Windows Meterpreter Shell, Reverse HTTP Inline (x64)
Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...
HTTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
Fetch and execute an x64 payload from an HTTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...
HTTP Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)
Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...
CVE-2023-1938
The WP Fastest Cache WordPress plugin before 1.1.5 does not have CSRF check in an AJAX action, and does not validate user input before using it in the wpremoteget function, leading to a Blind SSRF issue...
Debian dla-3436 : libipa-hbac-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3436 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3436-2 [email protected] https://www.debian.org/lts/security/...
nodejs and nodejs-nodemon security, bug fix, and enhancement update
An update is available for nodejs, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for building fast a...
Fetch Payloads: A Shorter Path from Command Injection to Metasploit Session
Over the last year, two-thirds of the exploit modules added to Metasploit Framework have targeted command injection vulnerabilities CWE-94: Improper Control of Generation of Code. In the process of helping new and existing open-source contributors learn how to use Metasploit’s command stager...
CVE-2023-33293
An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...
Metasploit Weekly Wrap-Up
Fetch Based Payloads: Making the Path from Command Injection to Metasploit Session Shorter This week we’re releasing Metasploit fetch payloads. Fetch payloads are command-based payloads that leverage network-enabled applications on remote hosts and different protocol servers to serve, download, a...
TFTP Fetch, Windows Command Shell, Encrypted Reverse TCP Stager
Fetch and execute an x64 payload from a TFTP server. Spawn a piped command shell staged. Connect to MSF and read in stage Module Options msf use payload/cmd/windows/tftp/x64/encryptedshell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf...
TFTP Fetch, Windows x64 Reverse TCP Stager
Fetch and execute an x64 payload from a TFTP server. Connect back to the attacker Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and...
TFTP Fetch, Windows shellcode stage, Windows x64 Bind TCP Stager
Fetch and execute an x64 payload from a TFTP server. Custom shellcode stage. Listen for a connection Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/custom/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show a...
TFTP Fetch, Windows x64 Bind TCP Stager
Fetch and execute an x64 payload from a TFTP server. Listen for a connection Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... m...
TFTP Fetch, Windows shellcode stage, Windows x64 Reverse HTTPS Stager (winhttp)
Fetch and execute an x64 payload from a TFTP server. Custom shellcode stage. Tunnel communication over HTTPS Windows x64 winhttp Module Options msf use payload/cmd/windows/tftp/x64/custom/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION m...
TFTP Fetch, Windows x64 Reverse HTTP Stager (wininet)
Fetch and execute an x64 payload from a TFTP server. Tunnel communication over HTTP Windows x64 wininet Module Options msf use payload/cmd/windows/tftp/x64/vncinject/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf payloadreversehttps show...
TFTP Fetch, Windows x64 Reverse HTTP Stager (winhttp)
Fetch and execute an x64 payload from a TFTP server. Tunnel communication over HTTP Windows x64 winhttp Module Options msf use payload/cmd/windows/tftp/x64/vncinject/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp...
TFTP Fetch, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from a TFTP server. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
TFTP Fetch, Windows shellcode stage, Windows x64 Reverse HTTP Stager (winhttp)
Fetch and execute an x64 payload from a TFTP server. Custom shellcode stage. Tunnel communication over HTTP Windows x64 winhttp Module Options msf use payload/cmd/windows/tftp/x64/custom/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf...
TFTP Fetch, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from a TFTP server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/vncinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...