Lucene search
K
MetasploitMost viewed

6847 matches found

Metasploit
Metasploit
•added 2015/05/02 6:52 p.m.•31 views

BSD x64 Command Shell, Bind TCP Inline (IPv6)

Listen for a connection and spawn a command shell over IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 90 include Msf::Payload::Single include Msf::Payload::Bsd include...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2015/04/10 6:1 p.m.•31 views

Group Policy Script Execution From Shared Resource

This is a general-purpose module for exploiting systems with Windows Group Policy configured to load VBS startup/logon scripts from remote locations. This module runs a SMB shared resource that will provide a payload through a VBS file. Startup scripts will be executed with SYSTEM privileges, whi...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2015/01/14 9:4 p.m.•31 views

GetGo Download Manager HTTP Response Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in GetGo Download Manager version 5.3.0.2712 earlier, caused by an overly long HTTP response header. By persuading the victim to download a file from a malicious server, a remote attacker could execute arbitrary code on the system o...

10CVSS1.1AI score0.6144EPSS
Exploits12
Metasploit
Metasploit
•added 2014/11/20 9:28 p.m.•31 views

Gather Kademlia Server Information

This module uses the Kademlia BOOTSTRAP and PING messages to identify and extract information from Kademlia speaking UDP endpoints, typically belonging to eMule/eDonkey/BitTorrent servers or other P2P applications. This module requires Metasploit: https://metasploit.com/download Current source:...

0.3AI score
Exploits0
Metasploit
Metasploit
•added 2014/10/30 3:34 p.m.•31 views

Android Open Source Platform (AOSP) Browser UXSS

This module exploits a Universal Cross-Site Scripting UXSS vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scriptin...

6.1AI score
Exploits0
Metasploit
Metasploit
•added 2014/04/07 2:21 p.m.•31 views

WinRAR Filename Spoofing

This module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2014/04/02 8:5 p.m.•31 views

EMC CTA v10.0 Unauthenticated XXE Arbitrary File Read

EMC CTA v10.0 is susceptible to an unauthenticated XXE attack that allows an attacker to read arbitrary files from the file system with the permissions of the root user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

7.8CVSS0.8AI score0.53342EPSS
Exploits2
Metasploit
Metasploit
•added 2014/03/18 1:47 a.m.•31 views

Horde Framework Unserialize PHP Code Execution

This module exploits a php unserialize vulnerability in Horde 'Horde Framework Unserialize PHP Code Execution', 'Description' = %q This module exploits a php unserialize vulnerability in Horde 'EgiX', Exploitation technique and Vulnerability discovery originally reported by the vendor 'juan...

7.5CVSS0.6AI score0.42895EPSS
Exploits7
Metasploit
Metasploit
•added 2014/03/06 1:35 a.m.•31 views

VNC Server (Reflective Injection), Reverse HTTP Stager Proxy

Inject a VNC Dll via a reflective loader staged. Tunnel communication over HTTP This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 665 include Msf::Payload::Stager include...

0.4AI score
Exploits0
Metasploit
Metasploit
•added 2014/01/31 3:18 p.m.•31 views

SkyBlueCanvas CMS Remote Code Execution

This module exploits an arbitrary command execution vulnerability in SkyBlueCanvas CMS version 1.1 r248-03 and below. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SkyBlueCanvas CMS Remote Co...

6.8CVSS10AI score0.31415EPSS
Exploits6
Metasploit
Metasploit
•added 2014/01/14 6:25 p.m.•31 views

Linux Meterpreter, Reverse TCP Stager

Inject the mettle server payload staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 272 include Msf::Payload::Stager def initializeinfo =...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2013/08/06 3:38 a.m.•31 views

Python Meterpreter, Python Bind TCP Stager

Run a meterpreter server in Python compatible with 2.5-2.7 & 3.1+. Listen for a connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Stager...

0.4AI score
Exploits0
Metasploit
Metasploit
•added 2013/07/17 6:45 p.m.•31 views

Apple Quicktime 7 Invalid Atom Length Buffer Overflow

This module exploits a vulnerability found in Apple Quicktime. The flaw is triggered when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record, which may result a buffer overflow by loading a specially crafted .mov file, and allows...

9.3CVSS8AI score0.32553EPSS
Exploits11
Metasploit
Metasploit
•added 2013/04/30 2:45 p.m.•31 views

Memcached Remote Denial of Service

This module sends a specially-crafted packet to cause a segmentation fault in memcached v1.4.15 or earlier versions. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Remote Denial of...

5CVSS0.9AI score0.22317EPSS
Exploits3
Metasploit
Metasploit
•added 2013/04/20 6:43 a.m.•31 views

Java Applet Reflection Type Confusion Remote Code Execution

This module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play throw a specially craft...

3.7CVSS7.1AI score0.85333EPSS
Exploits6
Metasploit
Metasploit
•added 2013/01/31 3:9 p.m.•31 views

DataLife Engine preview.php PHP Code Injection

This module exploits a PHP code injection vulnerability DataLife Engine 9.7. The vulnerability exists in preview.php, due to an insecure usage of pregreplace with the e modifier, which allows to inject arbitrary php code, when there is a template installed which contains a catlist or not-catlist...

7.5CVSS0.3AI score0.40465EPSS
Exploits9
Metasploit
Metasploit
•added 2013/01/22 12:26 p.m.•31 views

ZoneMinder Video Server packageControl Command Execution

This module exploits a command execution vulnerability in ZoneMinder Video Server version 1.24.0 to 1.25.0 which could be abused to allow authenticated users to execute arbitrary commands under the context of the web server user. The 'packageControl' function in the 'includes/actions.php' file...

7.5CVSS7.2AI score0.47895EPSS
Exploits2
Metasploit
Metasploit
•added 2013/01/08 4:46 p.m.•31 views

Honeywell Tema Remote Installer ActiveX Remote Code Execution

This module exploits a vulnerability found in the Honeywell Tema ActiveX Remote Installer. This ActiveX control can be abused by using the DownloadFromURL function to install an arbitrary MSI from a remote location without checking source authenticity or user notification. This module has been...

10AI score
Exploits0
Metasploit
Metasploit
•added 2012/11/16 6:20 p.m.•31 views

SAP /sap/bc/soap/rfc SOAP Service TH_SAPREL Function Information Disclosure

This module attempts to identify software, OS and DB versions through the SAP function THSAPREL using the /sap/bc/soap/rfc SOAP service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspire...

0.3AI score
Exploits0
Metasploit
Metasploit
•added 2012/10/08 5:46 p.m.•31 views

PhpTax pfilez Parameter Exec Remote Code Injection

This module exploits a vulnerability found in PhpTax, an income tax report generator. When generating a PDF, the icondrawpng function in drawimage.php does not properly handle the pfilez parameter, which will be used in an exec statement, and then results in arbitrary remote code execution under...

8.1AI score
Exploits0
Metasploit
Metasploit
•added 2012/07/23 3:26 p.m.•31 views

SAP Management Console GetProcessList

This module attempts to list SAP processes through the SAP Management Console SOAP Interface This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console GetProcessList', 'Description...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2012/07/19 1:29 p.m.•31 views

Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow

This module exploits a remote buffer overflow in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x4c PROXYCMDPREBOOTTASKINFO2 to port 998/TCP. The module has been successfully tested...

10CVSS0.6AI score0.69667EPSS
Exploits13
Metasploit
Metasploit
•added 2012/04/07 5:4 p.m.•31 views

LANDesk Lenovo ThinkManagement Console Remote Command Execution

This module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx" , via a "RunAMTCommand" operation with the...

7.5CVSS7.3AI score0.68399EPSS
Exploits12
Metasploit
Metasploit
•added 2012/01/30 9:1 a.m.•31 views

OS X x64 Execute Command

Execute an arbitrary command This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 31 include Msf::Payload::Single def initializeinfo = supermergeinfoinfo, 'Name' = 'OS X x64 Execute...

0.7AI score
Exploits0
Metasploit
Metasploit
•added 2011/12/01 10:1 p.m.•31 views

H.323 Version Scanner

Detect H.323 Version. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'H.323 Version Scanner', 'Description' = 'Detect H.323 Version.', 'Author' = 'hdm', 'License' = MSFLICENSE registeroptions...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2011/11/21 6:39 p.m.•31 views

Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow

This module exploits a stack based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.3CVSS10AI score0.37001EPSS
Exploits3
Metasploit
Metasploit
•added 2011/11/19 3:24 a.m.•31 views

Wireshark console.lua Pre-Loading Script Execution

This module exploits a vulnerability in Wireshark 1.6 or less. When opening a pcap file, Wireshark will actually check if there's a 'console.lua' file in the same directory, and then parse/execute the script if found. Versions affected by this vulnerability: 1.6.0 to 1.6.1, 1.4.0 to 1.4.8 This...

9.3CVSS7.5AI score0.35528EPSS
Exploits9
Metasploit
Metasploit
•added 2011/10/18 7:39 a.m.•31 views

Apple Safari Webkit libxslt Arbitrary File Creation

This module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of a XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This module has been...

8.8CVSS7.6AI score0.43195EPSS
Exploits11
Metasploit
Metasploit
•added 2011/10/12 11:26 p.m.•31 views

Multi Gather DNS Reverse Lookup Scan

Performs DNS reverse lookup using the OS included DNS query command. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi Gather DNS Reverse Lookup Scan', 'Description' = %q Performs DNS rever...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/10 5:48 p.m.•31 views

Windows Gather FlashFXP Saved Password Extraction

This module extracts weakly encrypted saved FTP Passwords from FlashFXP. It finds saved FTP connections in the Sites.dat file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather...

0.4AI score
Exploits0
Metasploit
Metasploit
•added 2011/03/25 10:49 p.m.•31 views

VLC AMV Dangling Pointer Vulnerability

This module exploits VLC media player when handling a .AMV file. By flipping the 0x41st byte in the file format video width/height, VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution. The vulnerable packages include: VLC 1.1.4, VLC 1.1.5, VLC...

9.3CVSS6.7AI score0.75515EPSS
Exploits7
Metasploit
Metasploit
•added 2011/03/02 10:18 a.m.•31 views

SAP Management Console Get Logfile

This module simply attempts to download available logfiles and developer tracefiles through the SAP Management Console SOAP Interface. Please use the sapmgmtconlistlogfiles extension to view a list of available files. This module requires Metasploit: https://metasploit.com/download Current source...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2010/08/02 5:56 a.m.•31 views

VxWorks WDB Agent Remote Memory Dump

This module provides the ability to dump the system memory of a VxWorks target through WDBRPC This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Memory Dump', 'Description...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2010/02/23 6:3 p.m.•31 views

Avahi Source Port 0 DoS

Avahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Avahi Source Port 0 DoS', 'Description' = %q...

5CVSS6.9AI score0.59223EPSS
Exploits7
Metasploit
Metasploit
•added 2009/12/15 8:15 p.m.•31 views

Adobe Doc.media.newPlayer Use After Free Vulnerability

This module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModul...

7.8CVSS6.9AI score0.81863EPSS
Exploits21
Metasploit
Metasploit
•added 2009/12/10 8:24 a.m.•31 views

Timbuktu PlughNTCommand Named Pipe Buffer Overflow

This module exploits a stack based buffer overflow in Timbuktu Pro version 'Timbuktu PlughNTCommand Named Pipe Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow in Timbuktu Pro version = 8.6.6 in a pretty novel way. This exploit requires two connections. The...

9.3CVSS7.3AI score0.33281EPSS
Exploits8
Metasploit
Metasploit
•added 2009/11/17 10:29 p.m.•31 views

HTTPDX h_handlepeer() Function Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in HTTPDX HTTP server 1.4. The vulnerability is caused due to a boundary error within the "hhandlepeer" function in http.cpp. By sending an overly long HTTP request, an attacker can overrun a buffer and execute arbitrary code. This...

10CVSS10AI score0.63909EPSS
Exploits3
Metasploit
Metasploit
•added 2009/10/15 3:22 p.m.•31 views

Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Electronic Arts SnoopyCtrl ActiveX Control NPSnpy.dll 1.1.0.36. When sending an overly long string to the CheckRequirements method, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...

6.8CVSS7.9AI score0.3089EPSS
Exploits3
Metasploit
Metasploit
•added 2009/10/03 11:5 p.m.•31 views

Xlink FTP Server Buffer Overflow

This module exploits a stack buffer overflow in Xlink FTP Server that comes bundled with Omni-NFS Enterprise 5.2. When a overly long FTP request is sent to the server, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.8AI score0.59961EPSS
Exploits7
Metasploit
Metasploit
•added 2009/10/03 11:5 p.m.•31 views

Xlink FTP Client Buffer Overflow

This module exploits a stack buffer overflow in Xlink FTP Client 32 Version 3.01 that comes bundled with Omni-NFS Enterprise 5.2. When an overly long FTP server response is received by a client, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Curre...

7.5CVSS7.8AI score0.59961EPSS
Exploits7
Metasploit
Metasploit
•added 2009/09/26 12:4 a.m.•31 views

Timbuktu Pro Directory Traversal/File Upload

This module exploits a directory traversal vulnerability in Motorola's Timbuktu Pro for Windows 8.6.5. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Timbuktu Pro Directory Traversal/File...

10CVSS7AI score0.69473EPSS
Exploits6
Metasploit
Metasploit
•added 2009/08/25 4:18 p.m.•31 views

ProFTP 2.9 Banner Remote Buffer Overflow

This module exploits a buffer overflow in the ProFTP 2.9 client that is triggered through an excessively long welcome message. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ProFTP 2.9 Banner...

9.3CVSS7.5AI score0.28277EPSS
Exploits3
Metasploit
Metasploit
•added 2009/05/03 1:29 p.m.•31 views

Cain and Abel RDP Buffer Overflow

This module exploits a stack-based buffer overflow in the Cain & Abel v4.9.24 and below. An attacker must send the file to victim, and the victim must open the specially crafted RDP file under Tools - Remote Desktop Password Decoder. This module requires Metasploit: https://metasploit.com/downloa...

9.3CVSS0.6AI score0.46979EPSS
Exploits3
Metasploit
Metasploit
•added 2008/05/15 12:58 a.m.•31 views

BigAnt Server 2.2 Buffer Overflow

This module exploits a stack buffer overflow in BigAnt Server 2.2. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

10CVSS8.3AI score0.73719EPSS
Exploits6
Metasploit
Metasploit
•added 2007/12/18 4:30 a.m.•31 views

Apple OS X Software Update Command Execution

This module exploits a feature in the Distribution Packages, which are used in the Apple Software Update mechanism. This feature allows for arbitrary command execution through JavaScript. This exploit provides the malicious update server. Requests must be redirected to this server by other means...

9.3CVSS7.2AI score0.22982EPSS
Exploits4
Metasploit
Metasploit
•added 2007/12/12 10:6 p.m.•31 views

MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow

This module exploits a stack buffer overflow in the RPC interface to the Microsoft Message Queueing service. This exploit requires the target system to have been configured with a DNS name and for that name to be supplied in the 'DNAME' option. This name does not need to be served by a valid DNS...

9CVSS0.1AI score0.69055EPSS
Exploits13
Metasploit
Metasploit
•added 2007/11/26 10:29 p.m.•31 views

Mail.app Image Attachment Command Execution

This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5. This module requires Metasploit: https://metasploit.com/download Current source:...

9.3CVSS0.3AI score0.54EPSS
Exploits5
Metasploit
Metasploit
•added 2007/10/04 3:3 a.m.•31 views

Borland InterBase open_marker_file() Buffer Overflow

This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted attach request. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Borland InterBase openmarkerfile...

9.3CVSS1AI score0.37503EPSS
Exploits7
Metasploit
Metasploit
•added 2007/09/26 1:44 p.m.•31 views

Netcat v1.10 NT Stack Buffer Overflow

This module exploits a stack buffer overflow in Netcat v1.10 NT. By sending an overly long string we are able to overwrite SEH. The vulnerability exists when netcat is used to bind -e an executable to a port in doexec.c. This module tested successfully using "c:\nc -L -p 31337 -e ftp". This modul...

7.5CVSS0.5AI score0.60412EPSS
Exploits3
Metasploit
Metasploit
•added 2007/05/01 11:22 p.m.•31 views

Trend Micro ServerProtect 5.58 Buffer Overflow

This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS1.1AI score0.73767EPSS
Exploits27
Total number of security vulnerabilities5000