CVE-2023-53959

FileZilla Client 3.63.1 is affected by a DLL hijacking flaw: an attacker can place a crafted TextShaping.dll in the application directory to achieve remote code execution when FileZilla is launched. The vulnerability stems from a missing/bad TextShaping.dll that can be replaced with a malicious p...

JetBrains TeamCity Unauthenticated Remote Code Execution

This module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker...

Powershell Exec, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager

Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set...

Powershell Exec, Windows Meterpreter Shell, Reverse TCP Inline x64

Execute an x64 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/x64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...

Powershell Exec, Windows x64 Reverse Named Pipe (SMB) Stager

Execute an x64 payload from a command via PowerShell. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/powershell/x64/meterpreter/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...

Exploit for CVE-2017-8570

PoC exploit for CVE-2017-8570. The exploit toolkit, CVE-2017-8570, is a Python script designed to generate malicious PPSX files that can deliver payloads to users. It can be used in two scenarios: delivering local payloads or remote payloads. To deliver local payloads, the script generates a...

Exploit for CVE-2017-0199

CVE-2017-0199 Exploit toolkit CVE-2017-0199 - v2.0 is a handy...

Microsoft RTF Remote Code Execution

''' Exploit toolkit CVE-2017-0199 - v2.0 https://github.com/bhdresh/CVE-2017-0199 Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter payloa...

Exploit for CVE-2017-0199

Exploit toolkit CVE-2017-0199 - v4.0 Exploit toolkit CVE-201...

Veil-Evasion RPC Command Injection Vulnerability

Veil Evasion is a payload that generates Metasploit an open source security vulnerability detection tool and bypasses common antivirus executables. A command injection vulnerability exists in Veil-Evasion RPC versions 2.5.2 through 2.24. An attacker could use this vulnerability to execute arbitra...

Acunetix OLE Automation Array Remote Code Execution Exploit

Acunetix versions 9.5 and below OLE automation array remote code execution exploit. !/usr/bin/python import BaseHTTPServer, sys, socket Acunetix OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 27 Mar 2015 Version...

Acunetix 9.5 - OLE Automation Array Remote Code Execution

!/usr/bin/python import BaseHTTPServer, sys, socket Acunetix OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 27 Mar 2015 Version: acunetix.exe Video: https://vid.me/SRCb class...

A-PDF-All-to-MP3-Converter-1.1.0

Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be import struct junk1 = 'A' 4132 nseh = "\xeb\x06\x90\x90" seh = struct.pack'L', 0x00408B44 ppr nops2 = "\x90" 12 metasploit payload windows/exec cmd=calc | msfencode -e...

A-PDF All to MP3 Converter 1.1.0 Universal Local SEH Exploit

No description provided by source. !/usr/bin/python Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 1.1.0 Tested on: Windows XP SP3 Open application -- Next...

Adobe PDF Escape EXE Social Engineering (No JavaScript)

No description provided by source. $Id: adobepdfembeddedexenojs.rb 11353 2010-12-16 20:11:01Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Linux Execute Command

A very small shellcode for executing commands. This module is sometimes helpful for testing purposes. -- coding: binary -- This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 52 includ...

A-PDF All To MP3 Coverter 1.1.0 Universal Exploit

!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter v.1.1.0 Universal Local SEH Exploit Date: September 18, 2010 Author: modpr0be Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 1.1.0 Tested on: Windows XP SP3 Open application -- Next -- Add -- blah.wav -- calc will po...

btftp.txt

/ - Tools you will probably need: - http://www.digitalmunition.com/setbd-affix.c - KF is one bad mofo /str0ke Remote Nokia Affix btftp client exploit by kflistsatsecnetopsdotcom threat: btftp Affix version: Affix 2.1.1 Wellcome to OBEX ftp. Type ? for help. Mode: Bluetooth SDP: yes ftp open...