22 matches found
Sparty - MS Sharepoint and Frontpage Auditing Tool
Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of sharepoint and frontpage based web applications. Due to the...
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
No description provided by source. $Id: hpnnmgetnnmdatahostname.rb 12131 2011-03-25 00:46:59Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow
No description provided by source. $Id: hpnnmovwebsnmpsrvmain.rb 12097 2011-03-23 15:45:48Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow
No description provided by source. $Id: kolibrihttp.rb 10887 2011-08-03 12:19:19Z mrme $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
SAP Management Console OSExecute Payload Execution
No description provided by source. $Id: sapmgmtconosexecpayload.rb 14048 2011-10-24 16:42:07Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
HP System Management Anonymous Access Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Simple Web Server Connection Header Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
BadBlue 2.72b PassThru Buffer Overflow
No description provided by source. $Id: badbluepassthru.rb 9744 2010-07-08 23:34:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Novell ZENworks Configuration Management Remote Execution
No description provided by source. $Id: zenworksuploadservlet.rb 11099 2010-11-22 17:53:49Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Apache Tomcat Manager - Application Upload Authenticated Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking HttpFingerprint = :pattern = /Apache.Coyote|Tomcat/...
Apache Tomcat Manager Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Apache.Coyote|Tomcat/ CSRFVAR = 'CSRFNONCE=' include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo =...
HP SiteScope issueSiebelCmd Remote Code Execution
This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...
Tomcat Application Manager Login Utility
This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...
HP SiteScope (Windows) - Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Apache-Coyote/ include...
HP System Management Anonymous Access Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /HP System Management Homepage/ includ...
Novell ZENworks Asset Management Remote Execution
This module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution. This module requires...
Simple Web Server Connection Header Buffer Overflow
This module exploits a vulnerability in Simple Web Server 2.2 rc2. A remote user can send a long string data in the Connection Header to causes an overflow on the stack when function vsprintf is used, and gain arbitrary code execution. The module has been tested successfully on Windows 7 SP1 and...
IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow (Metasploit)
$Id: ipswitchwugmaincfgret.rb 9820 2010-07-14 13:59:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
BadBlue 2.5 - 'ext.dll' Remote Buffer Overflow (Metasploit)
$Id: badblueextoverflow.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HTTP Version Detection
Display version information about each system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Version Detection', 'Description' = 'Display version information about each system.', 'Author...