28 matches found
DIAEnergie 1.10 SQL Injection Exploit
This Metasploit module exploits a remote SQL injection vulnerability in the CBEC service of DIAEnergie versions 1.10 and below from Delta Electronics. The commands will get executed in the context of NT AUTHORITY\SYSTEM. class MetasploitModule 'DIAEnergie SQL Injection CVE-2024-4548', 'Description...
WordPress Backup Migration 1.3.7 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Backup Migration Plugin PHP Filter Chain RCE', 'Description' = %q This module exploits an unauth RCE in the WordPress plugin: Backup...
SolarView Compact 6.00 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarView Compact unauthenticated remote command execution vulnerability.', 'Description' = %q CONTEC's SolarView™ Series enables you to monitor...
FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation Exploit
This Metasploit module exploits a race and use-after-free vulnerability in the FreeBSD kernel IPv6 socket handling. A missing synchronization lock in the IPV6_2292PKTOPTIONS option handling in setsockopt permits racing ip6_setpktopt access to a freed ip6_pktopts struct. This exploit overwrites the...
Cayin CMS NTP Server 11.0 Remote Code Execution Exploit
This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the systemservice.cgi file's ntpIp Parameter. The field is limited in size, so repeated requests are made to achieve a larger payload. Cayin...
SMB DOUBLEPULSAR Remote Code Execution
This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module require...
RDP DOUBLEPULSAR Remote Code Execution
This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for RDP. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module requires Metasploit:...
rConfig install Command Execution
This module exploits an unauthenticated command injection vulnerability in rConfig versions 3.9.2 and prior. The install directory is not automatically removed after installation, allowing unauthenticated users to execute arbitrary commands via the ajaxServerSettingsChk.php file as the web server...
Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow
Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Version v4.2 Tested on: Windows 7 SP1 EN x86...
10-Strike LANState 8.8 Local Buffer Overflow
Exploit Title: 10-Strike LANState 8.8 - Local Buffer Overflow SEH Date: 2018-07-24 Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/lanstate/download.shtml Version 8.8 Tested on: Windows 7 SP 1 x86 Open LANState, File -...
Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit
Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote code execution...
SysGauge 1.5.18 Buffer Overflow
Exploit Title: SysGauge 1.5.18 a buffer overflow in SMTP connection verification function leads to code execution Date: 2017-02-28 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: http://www.sysgauge.com/setups/sysgaugesetupv1.5.18.exe Version: 1.5.18 Test...
Disk Savvy Enterprise 9.1.14 - 'Login' Remote Buffer Overflow
!/usr/bin/python print "Disk Savvy Enterprise 9.1.14 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...
Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow
!/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...
TheFatRat - Easy Tool For Generate Backdoor with Msfvenom
An easy tool for generating a backdoor with msfvenom, part of the Metasploit Framework. The program compiles a C program with a meterpreter reverse_tcp payload in it that can then be executed on a Windows host. Program to create a C program after it is compiled that will bypass most AV. Automating metasploit...
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version v2
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version v2. Shellcode exploit for Linux x86-64 platform. Title: tcp reverse shell with password polymorphic version v2 135...
Linux x86/x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)
Author: B3mB4m Contact: [email protected] Project: https://github.com/b3mb4m/Shellsploit Greetz: Bomberman,T-Rex,KnocKout,ZoRLu If you want to test it, you must compile it within x86 OS. Or basically you can get it with shellsploit. Default settings for port:4444 host:192.168.1.29 00000000 31...
Linux x86/x86_64 reverse_tcp Shellcode
Linux x86/x86_64 reverse_tcp Shellcode. Shellcode exploit for linux platform. Author: B3mB4m Contact: [email protected] Project: https://github.com/b3mb4m/Shellsploit Greetz: Bomberman,T-Rex,KnocKout,ZoRLu If you want to test it, you must compile it within x86 OS. Or basically you can get i...
Using Metasploit/NetRipper to sniff encrypted PuTTY/Outlook accounts
This year, the 23rd annual Defcon conference opened in Las Vegas, USA, and NetRipper was made available for the first time at this Defcon. NetRipper is an exploitation tool for the Windows operating system, i...
OSX/Intel reverse_tcp shell x86_64 - 131 bytes
No description provided by source. ;osx x64 reverse tcp shellcode 131 bytes ;Jacob Hammack ;[email protected] ;http://www.hammackj.com ; ;props to http://www.thexploit.com/ for the blog posts on x64 osx asm ;I borrowed some of his code ; ;OSX reverse tcp shell 131 bytes ;replace FFFFFFFF...