LINQPad Deserialization

This module exploits a bug in LIQPad up to version 5.48.00. The bug is only exploitable in paid version of software. The core of a bug is cache file containing deserialized data, which attacker can overwrite with malicious payload. The data gets deserialized every time the app restarts. Module...

EUVD-2019-13323

Malware in sbrugna...

CVE-2025-1292

CVE-2025-1292 describes an out-of-bounds write in the TPM2 Reference Library used by Google ChromeOS 122.0.6261.132 on Cr50 boards. The root cause is an NV_Read path leveraged during the Challenge-Response process, allowing an attacker with root access to gain persistence and bypass operating-sys...

Yum Package Manager Persistence Exploit

This Metasploit module will run a payload when the package manager is used. No handler is run automatically so you must configure an appropriate exploit/multi/handler to connect. Module modifies a yum plugin to launch a binary of choice. grep -F 'enabled=1' /etc/yum/pluginconf.d/ will show what...

Windows Multiple - Registry Only Persistence Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'msf/core/post/file' class Metasploit4 'Windows...