Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...

Pandora 3.1 Auth Bypass / Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...

Mac OS X VMWare Fusion Root Privilege Escalation Exploit

This abuses the bug in bash environment variables CVE-2014-6271 to get a suid binary inside of VMWare Fusion to launch our payload as root. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex...

Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability

This module exploits an authentication bypass vulnerability in Pandora FMS v3.1 as disclosed by Juan Galiana Lara. It also integrates with the built-in pandora upload which allows a user to upload arbitrary files to the '/images/' directory. This module was created as an exercise in the Metasploi...

Windows Enumerate LSA Secrets

This module will attempt to enumerate the LSA Secrets keys within the registry. The registry value used is: HKEYLOCALMACHINE\Security\Policy\Secrets\. Thanks goes to Maurizio Agazzini and Mubix for decrypt code from cachedump. This module requires Metasploit: https://metasploit.com/download...