Lucene search
K

1361 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/05/21 7:11 p.m.142 views

Metasploit Wrap-Up

Dell DBUtil23.sys IOCTL memmove privilege escalation Our very own zeroSteiner added a new module, which exploits insufficient access control in Dell's dbutil23.sys firmware update driver included in the Dell Bios Utility that comes pre-installed with most Windows machines. The driver accepts...

9.3CVSS0.7AI score0.99295EPSS
Exploits103
Packet Storm
Packet Storm
added 2021/05/17 12:0 a.m.216 views

Microsoft Windows TokenMagic Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Privilege Escalation via TokenMagic UAC Bypass', 'Description' = %q This module leverages a UAC bypass TokenMagic in order to spawn a...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2021/05/04 9:30 p.m.247 views

Pystinger - Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger implements SOCK4 proxy and port mapping through webshell. It can be directly used by metasploit-framework, viper, cobalt strike for session online. Pystinger is developed in python, and currently supports three proxy scripts: php, jspx and aspx. Usage Suppose the domain name of the serv...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2021/04/29 9:30 p.m.239 views

MeterPwrShell - Automated Tool That Generate The Perfect Powershell Payload

Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs. This tool is powered by Metasploit-Framework and amsi.fail Notes NEVER UPLOAD THE PAYLOAD THAT GENERATED BY THIS PROGRAM TO ANY ONLINE...

6.7AI score
Exploits0References4
CNVD
CNVD
added 2021/04/27 12:0 a.m.7 views

Rapid7 Metasploit Framework Code Issue Vulnerability

Rapid7 Metasploit Framework is a penetration testing framework from the US company Rapid7. The Metasploit Framework suffers from a code issue vulnerability that stems from the fact that a user would inadvertently expose the deserialization of Metasploit, which is the issue exploited by this modul...

8.8CVSS6.9AI score0.0175EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/04/23 12:0 a.m.6 views

Rapid7 Metasploit Framework 代码问题漏洞

Rapid7 Metasploit Framework is a penetration testing framework from the US company Rapid7. The Metasploit Framework suffers from a code issue vulnerability that stems from the fact that a user would inadvertently expose the deserialization of Metasploit, which is the issue exploited by this modul...

8.8CVSS5.8AI score0.0175EPSS
Exploits1References4
Gitee
Gitee
added 2021/01/10 9:44 p.m.4 views

Exploit for Incorrect Authorization in Theforeman Smart_Proxy_Salt

This is the Metasploit Framework repository, a widely used penetration testing tool. It is an offensive tool for penetration testing and vulnerability assessment. The repository contains various modules for exploiting vulnerabilities in different software and systems, including Windows, Linux, an...

7.1CVSS7.2AI score0.00194EPSS
Exploits1
Gitee
Gitee
added 2020/12/22 4:47 p.m.2 views

metasploit-framework

This is a Metasploit Framework repository. The Metasploit Framework is an open-source penetration testing platform that provides a comprehensive set of tools for identifying and exploiting vulnerabilities in computer systems and applications. The framework is written in Ruby and provides a modula...

7.2AI score
Exploits0
OSV
OSV
added 2020/10/29 3:15 p.m.6 views

CVE-2020-7384

Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine...

7.8CVSS7.3AI score0.30562EPSS
Exploits8References3
Kitploit
Kitploit
added 2020/09/28 11:30 a.m.36 views

Cooolis-ms - A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...

7.5AI score
Exploits0References3
GithubExploit
GithubExploit
added 2020/09/17 1:48 a.m.207 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a PoC exploit for CVE-2020-0796, a buffer overflow vulne...

10CVSS9.7AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/09/02 5:50 p.m.2 views

metasploit-framework

This is an open-source project repository for the Metasploit Framework, a popular penetration testing tool. The repository contains various files and directories related to the project, including configuration files, test files, and documentation. The Metasploit Framework is a software platform f...

7.2AI score
Exploits0
Gitee
Gitee
added 2020/09/02 5:27 p.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Android

This repository is a proof-of-concept PoC exploit for CVE-2017-0474. The exploit targets a vulnerability in the Windows SMBv1 protocol, which allows an attacker to execute arbitrary code on a vulnerable system. The exploit is written in Python and uses the Metasploit framework to deliver the...

9.3CVSS8.2AI score0.02139EPSS
Exploits1
CNVD
CNVD
added 2020/08/25 12:0 a.m.5 views

Metasploit Framework Relative Path Traversal Vulnerability

Metasploit Framework is a modular Ruby-based penetration testing platform that enables you to write, test and execute exploit code. A relative path traversal vulnerability exists in the untar method of the "auxiliary/admin/http/telpho10credentialdump" module of the Metasploit Framework, which can...

8.1CVSS7.2AI score0.01072EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.4 views

Metasploit Framework Relative Path Traversal Vulnerability (CNVD-2020-49456)

Metasploit Framework is a modular Ruby-based penetration testing platform that enables you to write, test and execute exploit code. A relative path traversal vulnerability exists in the getkeychains method of the "post/osx/gather/enumosx module" module of the Metasploit Framework, which can be...

10CVSS7.2AI score0.01123EPSS
Exploits1References1
NVD
NVD
added 2020/08/24 7:15 p.m.17 views

CVE-2020-7376

The Metasploit Framework module "post/osx/gather/enumosx module" is affected by a relative path traversal vulnerability in the getkeychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host...

10CVSS7.6AI score0.01123EPSS
Exploits1References1
OSV
OSV
added 2020/08/24 7:15 p.m.8 views

CVE-2020-7377

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

7.5CVSS7.2AI score0.01072EPSS
Exploits1References1
Prion
Prion
added 2020/08/24 7:15 p.m.17 views

Path traversal

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

5CVSS7.6AI score0.01072EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/08/24 7:15 p.m.13 views

Path traversal

The Metasploit Framework module "post/osx/gather/enumosx module" is affected by a relative path traversal vulnerability in the getkeychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host...

10CVSS9.3AI score0.01123EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/08/24 7:10 p.m.20 views

CVE-2020-7377 Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

8.1CVSS8.1AI score0.01072EPSS
Exploits1References1
Rows per page
Query Builder