914 matches found
HTTP Directory Brute Force Scanner
This module identifies the existence of interesting directories by brute forcing the name in a given directory path. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'HTTP...
HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication SEH Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This should bypass the following snort rule referenced...
PHP Include Generic Exploit
$Id: phpinclude.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
SAP DB 7.4 WebTools Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SAP DB 7.4...
SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SHOUTcast...
Hewlett-Packard Power Manager Administration Buffer Overflow
This module exploits a stack buffer overflow in Hewlett-Packard Power Manager 4.2. Sending a specially crafted POST request with an overly long Login string, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Matt Wright guestbook.pl Arbitrary Command Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...
Joomla 1.5.12 TinyBrowser File Upload Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Joomla 1.5.12...
TikiWiki jhot Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'TikiWiki jhot...
Typo3 sa-2009-002 File Disclosure
This module exploits a file disclosure vulnerability in the jumpUrl mechanism of Typo3. This flaw can be used to read any file that the web server user account has access to. This module requires Metasploit: https://metasploit.com/download Current source:...
Dogfood CRM 2.0.10 spell.php Command Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
OpenHelpDesk 1.0.100 - eval() Code Execution (Metasploit)
OpenHelpDesk 1.0.100 - eval Code Execution Metasploit $Id: phpeval.rb 5783 2008-10-23 02:43:21Z ramon $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...
BEA Weblogic Transfer-Encoding Buffer Overflow
This module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. This vulnerability exists in the error reporting for unknown Transfer-Encoding headers. You may have to run this twice due to timing issues with handlers. This module requires Metasploit:...
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Remote Buffer Overflow (Metasploit)
require 'msf/core' class Metasploit3 'Linksys apply.cgi buffer overflow', 'Description' = %q This module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS...