Windows Interactive Powershell Session, Reverse TCP

Interacts with a powershell session on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include Msf::Payload::Sing...

Windows Interactive Powershell Session, Bind TCP

Interacts with a powershell session on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include Msf::Payload::Sing...

HP Operations Orchestration Powershell Operations Information Disclosure Vulnerability

HP Operations Orchestration is a suite of IT process automation solutions from Hewlett-Packard HP. The solution automates the management of IT tasks, operations and processes, as well as enhances audit compliance by generating documentation and reporting capabilities. A security vulnerability...

CVE-2015-2108

Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors...

Code injection

Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors...

CVE-2015-2108

Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors...

CVE-2015-2108

Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors...

CVE-2015-2108

HP Operations Orchestration (HP O.O.) versions 9.x and 10.x are affected by CVE-2015-2108, an information-disclosure vulnerability exploitable via PowerShell operations. The issue allows remote authenticated users to obtain sensitive information; exact vectors are not publicly detailed in the pro...

Powershell Remoting Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'Powershell Remoting Remote Command Execution', 'Description' = %q Uses Powershell Remoting TCP 47001 to inject payload...

Shellcode Win x86-6 4 - Download & execute (Generator)-bug warning-the black bar safety net

Title: Obfuscated Shellcode Windows x86/x64 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 2 0 January 2 0 1 5 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate WinExec = 0x77b1e695 ExitProcess = 0x77ae2acf ==================================...

Adobe Flash Player ByteArray UncompressViaZlibVariant Use-After-Free-vulnerability warning-the black bar safety net

require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initializeinfo= superupdateinfoinfo, 'Name' = 'Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free', 'Description...

Win x86-64 - Download & execute Generator

Win x86-64 - Download & execute Generator. Shellcode exploit for windows platform Title: Obfuscated Shellcode Windows x86/x64 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 20 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate...

Windows Gather User Credentials (phishing)

This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting...

win64/7 Obfuscated Shellcode Download And Execute [Dynamic Lenth]

Title: Obfuscated Shellcode Windows x64 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 20 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate WinExec = 0x769e2c91 ExitProcess = 0x769679f8 ==================================== Execu...

win32/7 Obfuscated Shellcode Download And Execute [Dynamic Lenth]

Title: Obfuscated Shellcode Windows x86 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 20 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate WinExec = 0x77b1e695 ExitProcess = 0x77ae2acf ==================================== Execu...

SQL Server stored procedure Hacking（II）of the user to impersonate-vulnerability warning-the black bar safety net

Security pulse in the before provides SQL Server stored procedure Hacking series the first portion of the SQL Server stored procedure Hacking I of trusted database, now to translate the SQL Server stored procedure Hacking（II）of the user to impersonate on Application developers often use SQL Serve...

GIT 1.8.5.6/1.9.5/2.0.5/2.1.4/2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Malicious Git and Mercurial HTTP Server For CVE-2014-9390', 'Description' = %q This module exploits CVE-2014-9390, which affect...

Powershell Remoting Remote Command Execution

This module uses Powershell Remoting TCP 47001 to inject payloads on target machines. If RHOSTS are specified, it will try to resolve the IPs to hostnames, otherwise use a HOSTFILE to supply a list of known hostnames. This module requires Metasploit: https://metasploit.com/download Current source...

Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution Exploit

This Metasploit module exploits Windows OLE Automation Array Vulnerability known as CVE-2014-6332. The vulnerability affects Internet Explorer 3.0 until version 11 within Windows95 up to Windows 10. Powershell is required on the target machine. On Internet Explorer versions using Protected Mode,...

Microsoft Internet Explorer Windows OLE Automation Array Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' class Metasploit4 HttpClients::IE, :uaminver = "3.0", :uamaxver = "10.0", :javascript = true, :osname =...