96 matches found
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an PPC64 payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from an HTTPS server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/https/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an AARCH64 payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/aarch64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreverset...
TFTP Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSBE payload from a TFTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
HTTPS Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSBE payload from an HTTPS server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/https/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
HTTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an AARCH64 payload from an HTTP server. dup2 socket in x12, then execve. Connect back to the attacker Module Options msf use payload/cmd/linux/http/aarch64/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp sh...
HTTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSBE payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...
NetAlertX 24.9.12 Command Injection
An attacker can update NetAlertX settings with no authentication, which results in command injection. Versions 23.01.14 through 24.9.12 are affected. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Craft CMS Twig Template Injection RCE via FTP Templates Path
This module exploits a Twig template injection vulnerability in Craft CMS by abusing the --templatesPath argument. The vulnerability allows arbitrary template loading via FTP, leading to Remote Code Execution RCE. Module Options msf use exploit/linux/http/craftcmsftptemplate msf...
Selenium geckodriver RCE
Selenium Server Grid use exploit/linux/http/seleniumgreedfirefoxrcecve202228108 msf exploitseleniumgreedfirefoxrcecve202228108 show targets ...targets... msf exploitseleniumgreedfirefoxrcecve202228108 set TARGET msf exploitseleniumgreedfirefoxrcecve202228108 show options ...show and set options...
Selenium Chrome Remote Code Execution Exploit
Selenium Server Grid versions prior to 4.0.0-alpha-7 allows cross site request forgery because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain and this issue in turn allows for an attacker to achieve remote code execution. This modu...
Selenium chrome RCE
Selenium Server Grid before 4.0.0-alpha-7 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain. Module Options msf use exploit/linux/http/seleniumgreedchromercecve202228108 msf exploitseleniumgreedchromercecve20222810...
Traccar 5.12 Remote Code Execution
class MetasploitModule 'Traccar v5 Remote Code Execution CVE-2024-31214 and CVE-2024-24809', 'Description' = %q Remote Code Execution in Traccar v5.1 - v5.12. Remote code execution can be obtained by combining two vulnerabilities: A path traversal vulnerability CVE-2024-24809 and an unrestricted...
HTTPS Fetch, Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86)
Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Listen for a connection with UUID Support Linux x86 Module Options msf use payload/cmd/linux/https/x86/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
TFTP Fetch, Linux Command Shell, Bind TCP Stager (Linux x86)
Fetch and execute a x86 payload from a TFTP server. Spawn a command shell staged. Listen for a connection Linux x86 Module Options msf use payload/cmd/linux/tftp/x86/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show a...
HTTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute a x86 payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/x86/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...