3143 matches found
VMware Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Server Directory Traversal Vulnerability', 'Description' = 'This modules exploits the VMware Server Directory Traversal vulnerability in...
ISC DHCP Zero Length ClientID Denial of Service Module
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ISC DHCP Zero Length ClientID Denial of Service Module', 'Description' = %q This module performs a Denial of Service Attack against the ISC DHCP...
Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...
Varnish Cache CLI Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...
MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...
Monkey HTTPD Header Parsing Denial of Service (Denial of Service)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monkey HTTPD Header Parsing Denial of Service DoS', 'Description' = %q This module causes improper header parsing that leads to a segmentation...
Oracle Secure Backup Authentication Bypass / Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...
HP Data Protector 6.1 EXEC_CMD Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Data Protector 6.1 EXECCMD Command Execution', 'Description' = %q This module exploits HP Data Protector's omniinet process, specifically...
Novell EDirectory DHOST Predictable Session Cookie
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...
Tomcat UTF-8 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tomcat UTF-8 Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal vulnerability is present in...
Node.js HTTP Pipelining Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Node.js HTTP Pipelining Denial of Service', 'Description' = %q This module exploits a Denial of Service DoS condition in the HTTP parser of Node....
TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...
Microsoft Windows NAT Helper Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows NAT Helper Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the Internet...
WinFTP 2.3.0 NLST Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WinFTP 2.3.0 NLST Denial of Service', 'Description' = %q This module is a very rough port of Julien Bedard's PoC. You need a valid login, but eve...
AlienVault Authenticated SQL Injection Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.6.1 and below is susceptible to an authenticated SQL...
Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...
SolarWinds TFTP Server 10.4.0.10 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...
HP Intelligent Management SOM Account Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM Account Creation', 'Description' = %q This module exploits a lack of authentication and access control in HP...
Oracle Secure Backup Exec_qr() Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup execqr Command Injection Vulnerability', 'Description' = %q This module exploits a command injection vulnerability in Oracle...
Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...