43 matches found
ClanSphere 2011.3 Local File Inclusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ClanSphere 2011.3 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Clansphere...
MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...
Jenkins Domain Credential Recovery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'json' class MetasploitModule 'Jenkins Domain Credential Recovery', 'Description' = %q This module will collect Jenkins domain credentials, and uses the script...
Adobe Flash Player PCRE Regex Logic Error Exploit
This Metasploit module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode. This module requires...
Symantec Web Gateway 5 restore.php Command Injection Exploit
This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's setting restoration feature. The filename portion can be used to inject system commands into a syscall function, and gain control under the context of HTTP service. For Symantec Web Gateway 5.1.1, yo...
FreeBSD 9 Address Space Manipulation Privilege Escalation
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4...
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
No description provided by source. $Id: igss9igssdataserverrename.rb 12886 2011-06-09 06:04:04Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...
Rumba FTP Client FTPSFtp.dll 4.2.0.0 - OpenSession() Buffer Overflow
No description provided by source. html head titleRumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession Buffer Overflow by sinn3r/title /head body object classid=clsid:677A6F83-52A0-4931-8E62-EC713EE9B949 id=ftpsftp/object script language=JavaScript / Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession...
Microsoft Internet Explorer 'CAnchorElement'释放后重用内存破坏漏洞
BUGTRAQ ID: 62376 Internet Explorer,简称MSIE,是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer 8的标准模式中,如果首先创建不合逻辑的表树,即CPhraseElement在CTableRow后面,且最后的节点在子表元素,则会造成释放后重用。攻击者通过诱使用户查看特制的网页,利用此漏洞可在当前用户上下文中执行任意代码 0 Microsoft Internet Explorer 8 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS13-055)以及相应补丁:...
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-055 Microsof...
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
Exploit for windows platform in category local exploits require 'msf/core' require 'rex' require 'msf/core/post/common' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/process' class Metasploit3 'Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation', 'Description' = %q...
FreeBSD 9 Address Space Manipulation Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4 'FreeBSD 9 Address Space Manipulation...
FreeBSD 9 Address Space Manipulation Privilege Escalation
This Metasploit module exploits a vulnerability that can be used to modify portions of a process's address space, which may lead to privilege escalation. Systems such as FreeBSD 9.0 and 9.1 are known to be vulnerable. This file is part of the Metasploit Framework and may be subject to...
FreeBSD 9 Address Space Manipulation Privilege Escalation
This module exploits a vulnerability that can be used to modify portions of a process's address space, which may lead to privilege escalation. Systems such as FreeBSD 9.0 and 9.1 are known to be vulnerable. This module requires Metasploit: https://metasploit.com/download Current source:...
Netwin SurgeFTP - Remote Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Netwin SurgeFTP...
Oracle MySQL for Microsoft Windows MOF Execution Vulnerability
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass
This module bypasses basic authentication for Internet Information Services IIS. By appending the NTFS stream name to the directory name in a request, it is possible to bypass authentication. This module requires Metasploit: https://metasploit.com/download Current source:...
RabidHamster R4 Log Entry sprintf() Buffer Overflow
This module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user. This module requires...