103 matches found
Powershell Exec, Windows Command Shell, Bind TCP Inline
Execute an x86 payload from a command via PowerShell. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/powershell/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
Powershell Exec, Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTI...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...
Powershell Exec, Windows Command Shell, Windows x86 Bind Named Pipe Stager
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for a pipe connection Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...
Powershell Exec, Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for a connection Module Options msf use payload/cmd/windows/powershell/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show...
Powershell Exec, Windows Command Shell, Reverse TCP Inline
Execute an x86 payload from a command via PowerShell. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/windows/powershell/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (IPv6)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/powershell/shell/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...
Powershell Exec, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (No NX or Win7)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/powershell/shell/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf...
Powershell Exec, Windows Command Shell, Reverse TCP Stager
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp sho...
Powershell Exec, Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...
Powershell Exec, Windows Command Shell, Reverse TCP Stager with UUID Support
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/powershell/shell/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set...
Powershell Exec, Windows Command Shell, Reverse UDP Stager with UUID Support
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/powershell/shell/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...
CVE-2021-26472
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges...
CVE-2021-28927
The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platformwin32.c via the accessibilityspeakwindows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection...
Advantech iView Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated configuration change combined with an unauthenticated file write primitive, leading to an arbitrary file write that allows for remote code execution as the user running iView, which is typically NT AUTHORITY\SYSTEM. This issue was demonstrated in...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
SignHere Introduction CVE-2017-11882 - The unique vulnerab...
Microsoft SharePoint SSI / ViewState Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SharePoint Server-Side Include and ViewState RCE', 'Description' = %q This module exploits a server-side include SSI in SharePoint to...
Plesk / myLittleAdmin ViewState .NET Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...
Apache Shiro v1.2.4 Cookie RememberME Deserial RCE
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may also be exploitable if the encryption key used by Shiro to encrypt rememberMe cookies is known. This module requires Metasploit:...