ColdFusion 8.0.1 Arbitrary File Upload And Execute

$Id: coldfusionfckeditor.rb 10874 2010-11-02 23:51:17Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Linksys WRT54 Access Point - 'apply.cgi' Remote Buffer Overflow (Metasploit)

$Id: linksysapplycgi.rb 10457 2010-09-24 16:55:38Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Lotus Domino Password Hash Collector

Get users passwords hashes from names.nsf page This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lotus Domino Password Hash Collector', 'Description' = 'Get users passwords hashes from names.nsf...

Microsoft IIS - WebDAV Write Access Code Execution (Metasploit)

$Id: iiswebdavuploadasp.rb 10397 2010-09-20 15:59:46Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Integard Home and Pro 2 - Remote HTTP Buffer Overflow

class Metasploit3 'Integard Home/Pro version 2.0', 'Description' = %q Exploit for Integard HTTP Server, vulnerability discovered by Lincoln , 'Author' = 'Lincoln', 'Nullthreat', 'rick2600', 'corelanc0d3r' , 'License' = MSFLICENSE, 'Version' = '$Revision: $', 'References' =...

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

This module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in propertybox.php. This module was tested against Oracle Secure Backup version 10.3.0.1.0 Win32. This module requires Metasploit:...

The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)

$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

TWiki History TWikiUsers - 'rev' Command Execution (Metasploit)

$Id: twikihistory.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Command Stager Web Test

$Id: cmdweb.rb 8518 2010-02-16 16:38:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ requir...

Apache mod_rewrite - LDAP protocol Buffer Overflow (Metasploit)

$Id: apachemodrewriteldap.rb 8498 2010-02-15 00:48:03Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Alt-N WebAdmin - USER Buffer Overflow (Metasploit)

$Id: altnwebadmin.rb 8498 2010-02-15 00:48:03Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Microsoft IIS WebDAV Write Access Code Execution

$Id: iiswebdavuploadasp.rb 8413 2010-02-08 19:12:59Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft IIS WebDAV Write Access Code Execution

This module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script via a WebDAV PUT request. The target IIS machine must meet these conditions to be considered as exploitable: It allows 'Script resource access', Read and Wri...

HTTP Directory Brute Force Scanner

This module identifies the existence of interesting directories by brute forcing the name in a given directory path. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'HTTP...

HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication SEH Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This should bypass the following snort rule referenced...

PHP Include Generic Exploit

$Id: phpinclude.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

SAP DB 7.4 WebTools Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SAP DB 7.4...

SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SHOUTcast...

Hewlett-Packard Power Manager Administration Buffer Overflow

This module exploits a stack buffer overflow in Hewlett-Packard Power Manager 4.2. Sending a specially crafted POST request with an overly long Login string, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Matt Wright guestbook.pl Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...