Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution Exploit

This Metasploit module exploits Windows OLE Automation Array Vulnerability known as CVE-2014-6332. The vulnerability affects Internet Explorer 3.0 until version 11 within Windows95 up to Windows 10. Powershell is required on the target machine. On Internet Explorer versions using Protected Mode,...

Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class Metasploit4 HttpClients::IE, :uaminver = "3.0", :uamaxver = "10.0", :javascript = true, :osname =...

MS14-064 Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

This module exploits the Windows OLE Automation array vulnerability, CVE-2014-6332. The vulnerability is known to affect Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10, and no patch for Windows XP. However, this exploit will only target Windows XP and Windows 7 box due ...

Microsoft Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / PowerShell VirtualAlloc (MS14-064)

|--------------------------------------------------------------------------| | Title: OLE Automation Array Remote Code Execution = Pre IE11 | | Original Exploit: yuange - http://www.exploit-db.com/exploits/35229/ | | Rework: GradiusX [email protected] & b33f @FuzzySec | | Shellcode: Use t...

Windows Gather Outlook Email Messages

This module allows reading and searching email messages from the local Outlook installation using PowerShell. Please note that this module is manipulating the victims keyboard/mouse. If a victim is active on the target system, he may notice the activities of this module. Tested on Windows 8.1 x64...

HP Data Protector EXEC_INTEGUTIL Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Tcp include...

Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class Metasploit3 "Windows OLE Automation Array Remote Code Execution", 'Description' = %q This modules exploits...

Immunity Canvas: MS14_064_IE_OLEAUT32

Name| ms14064ieoleaut32 ---|--- CVE| CVE-2014-6332 Exploit Pack| CANVAS Description| MS14064 - Windows OLE Automation Array Remote Code Execution Vulnerability Notes| CVE Name: CVE-2014-6332 VENDOR: Microsoft NOTES: References:...

Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)

Microsoft Exchange - IIS HTTP Internal IP Address Disclosure Metasploit Exploit Title: Microsoft Exchange IIS HTTP Internal IP Disclosure Vulnerability Google Dork: NA Date: 08/01/2014 Exploit Author: Nate Power Vendor Homepage: microsoft.com Software Link: NA Version: Exchange OWA 2003, Exchange...

Wing FTP Server Authenticated Command Execution

This module exploits the embedded Lua interpreter in the admin web interface for versions 3.0.0 and above. When supplying a specially crafted HTTP POST request an attacker can use os.execute to execute arbitrary system commands on the target with SYSTEM privileges. This module requires Metasploit...

Unicorn - Tool for using a PowerShell downgrade attack and inject shellcode straight into memory

Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy TrustedSec and Josh Kelly at Defcon 18. Usage is simple, just run Magic...

HP Data Protector Backup Client Service Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include...

Microsoft SQL Server Payload Execution via SQL injection

No description provided by source. $Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

Microsoft SQL Server Payload Execution

No description provided by source. $Id: mssqlpayload.rb 11392 2010-12-21 20:36:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

WinRM VBS Remote Code Execution

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...

Antak WebShell - A webshell which utilizes PowerShell

Antak is a webshell written in C.Net which utilizes powershell. Antak is a part of Nishang and updates could be found here: https://github.com/samratashok/nishang Use this shell as a normal powershell console. Each command is executed in a new process, keep this in mind while using commands like...

Tips for Advanced Scheduling

Purpose This article provides information about advanced scheduling techniques in Veeam Backup & Replication. Solution Scenario 1: Granular Scheduling This advanced scheduling technique allows for a job to be scheduled to run at different times each day. By configuring the job to run "Periodicall...

HP Data Protector Backup Client Service Remote Code Execution Exploit

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'HP Data Protector Backup Client Service Remote Code Execution', 'Description' = %q This module abuses the Backup Client Service OmniInet.exe to achieve remote code execution. The vulnerability exists in...

Hyper-V Guest processing skipped (check guest OS VSS state and integration components version)

Challenge Guest VMs will fail to engage VSS when Application-Aware Processing is enabled, generating the error: Error Guest processing skipped check guest OS VSS state and integration components version System.Exception Solution Most Common Solution At the time this article was written in 2014,...

Windows Command Shell Upgrade (Powershell)

This Metasploit module executes Powershell to upgrade a Windows Shell session to a full Meterpreter session. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class...