Lucene search
K
MetasploitMost viewed

6847 matches found

Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•350 views

HTTP Fetch

Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and s...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•350 views

HTTP Fetch, Linux Execute Command

Fetch and execute an ARMLE payload from an HTTP server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/http/armle/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf...

6AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•350 views

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2026/01/05 6:59 p.m.•349 views

TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/riscv64le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2023/02/07 7:49 p.m.•349 views

ManageEngine ServiceDesk Plus Unauthenticated SAML RCE

This exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ServiceDesk Plus versions 14003 and below CVE-2022-47966. Due to a dependency to an outdated library Apache Santuario version 1.4.1, it is possible to execute arbitrary code by providing a crafted...

9.8CVSS9.7AI score0.99753EPSS
Exploits15
Metasploit
Metasploit
•added 2024/07/03 7:54 p.m.•348 views

Zyxel parse_config.py Command Injection

This module exploits vulnerabilities in multiple Zyxel devices including the VPN, USG and APT series. The affected firmware versions depend on the device module, see this module's documentation for more details. Note this module was unable to be tested against a real Zyxel device and was tested...

8.8CVSS8.6AI score0.1014EPSS
Exploits2
Metasploit
Metasploit
•added 2010/07/02 12:10 a.m.•348 views

Adobe PDF Embedded EXE Social Engineering

This module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

9.3CVSS7.5AI score0.73436EPSS
Exploits7
Metasploit
Metasploit
•added 2026/04/10 7:2 p.m.•347 views

AVideo Unauthenticated SQL Injection Credential Dump

AVideo use auxiliary/gather/avideocatnamesqli msf auxiliaryavideocatnamesqli show actions ...actions... msf auxiliaryavideocatnamesqli set ACTION msf auxiliaryavideocatnamesqli show options ...show and set options... msf auxiliaryavideocatnamesqli run This module requires Metasploit:...

9.8CVSS5.6AI score0.0151EPSS
Exploits1
Metasploit
Metasploit
•added 2026/01/13 6:59 p.m.•347 views

n8n Workflow Expression Remote Code Execution

This module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerability exists in the workflow expression evaluation system where user-supplied expressions enclosed in are evaluated in an execution context that is not...

9.9CVSS8.2AI score0.97875EPSS
Exploits29
Metasploit
Metasploit
•added 2026/01/05 6:59 p.m.•347 views

TFTP Fetch, Linux Chmod

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/tftp/riscv64le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2025/05/28 6:51 p.m.•347 views

Gladinet CentreStack/Triofox ASP.NET ViewState Deserialization

A vulnerability in Gladinet CentreStack and Triofox application using hardcoded cryptographic keys for ViewState could allow an attacker to forge ViewState data. This can lead to unauthorized actions such as remote code execution. Both applications make use of a hardcoded machineKey in the IIS...

9.8CVSS8.1AI score0.92727EPSS
Exploits6
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•347 views

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2023/06/02 7:50 p.m.•347 views

HTTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline x64

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...

6AI score
Exploits0
Metasploit
Metasploit
•added 2025/06/09 6:51 p.m.•346 views

OS Command Exec, Unix Command Shell, Reverse TCP (via AWK)

Execute an OS command from PHP. Creates an interactive shell via GNU AWK Module Options msf use payload/php/unix/cmd/reverseawk msf payloadreverseawk show actions ...actions... msf payloadreverseawk set ACTION msf payloadreverseawk show options ...show and set options... msf payloadreverseawk run...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2025/04/16 6:52 p.m.•346 views

BentoML RCE

A Remote Code Execution RCE vulnerability caused by insecure deserialization has been identified in v1.4.2 of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. Module Options msf use exploit/linux/http/bentomlrcecve202527520 msf exploitbentomlrcecve202527520 sho...

9.8CVSS8AI score0.44358EPSS
Exploits5
Metasploit
Metasploit
•added 2025/04/14 6:52 p.m.•346 views

Langflow AI RCE

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. Module Options msf use exploit/multi/http/langflowunauthrcecve20253248 msf...

9.8CVSS8.6AI score0.99968EPSS
Exploits33
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•346 views

TFTP Fetch, Linux Reboot

Fetch and execute an MIPSLE payload from a TFTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/tftp/mipsle/reboot msf payloadreboot...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2024/10/31 6:53 p.m.•346 views

WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917)

The TI WooCommerce Wishlist plugin use auxiliary/scanner/http/wptiwoocommercewishlistsqli msf auxiliarywptiwoocommercewishlistsqli show actions ...actions... msf auxiliarywptiwoocommercewishlistsqli set ACTION msf auxiliarywptiwoocommercewishlistsqli show options ...show and set options... msf...

9.8CVSS9AI score0.21769EPSS
Exploits3
Metasploit
Metasploit
•added 2023/09/29 7:51 p.m.•346 views

Junos OS PHPRC Environment Variable Manipulation RCE

This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The...

9.8CVSS8AI score0.93546EPSS
Exploits27
Metasploit
Metasploit
•added 2021/03/23 5:42 p.m.•346 views

Microsoft Exchange ProxyLogon Collector

This module exploit a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin CVE-2021-26855. By taking advantage of this vulnerability, it is possible to dump all mailboxes emails, attachments, contacts, .... This vulnerabili...

9.8CVSS9.2AI score0.99999EPSS
Exploits63
Metasploit
Metasploit
•added 2025/05/29 6:52 p.m.•345 views

PHP Exec

Execute a PHP payload as an OS command from a Posix-compatible shell Module Options msf use payload/cmd/unix/php/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2024/11/13 6:55 p.m.•345 views

Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)

Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a default installation, commands will ge...

9.8CVSS8.8AI score0.91783EPSS
Exploits9
Metasploit
Metasploit
•added 2026/04/17 7:1 p.m.•344 views

Camaleon CMS Directory Traversal CVE-2024-46987

Exploits CVE-2024-46987, an authenticated directory traversal vulnerability in Camaleon CMS versions use auxiliary/gather/camaleondownloadprivatefile msf auxiliarycamaleondownloadprivatefile show actions ...actions... msf auxiliarycamaleondownloadprivatefile set ACTION msf...

7.7CVSS5.2AI score0.1456EPSS
Exploits11
Metasploit
Metasploit
•added 2026/04/15 7:2 p.m.•344 views

Windows Persistence Bits Job

This module establishes persistence through a BITS job that downloads and executes a payload. Background Intelligent Transfer Service BITS is a Windows service for transferring files in the background using idle network bandwidth. BITS jobs are persistent and will resume across reboots until...

5.4AI score
Exploits0
Metasploit
Metasploit
•added 2026/04/07 7:1 p.m.•344 views

Windows Service for User (S4U) Scheduled Task Persistence - Schedule Trigger

Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...

5.3AI score
Exploits0
Metasploit
Metasploit
•added 2026/01/22 6:57 p.m.•344 views

Oracle E-Business Suite CVE-2025-61882 RCE

This module exploits CVE-2025-61882 in Oracle E-Business Suite by combining SSRF, Path Traversal, HTTP request smuggling and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to RCE. This module provides an interactive shell session. Vulnerable...

9.8CVSS7.7AI score0.99722EPSS
Exploits14
Metasploit
Metasploit
•added 2024/12/30 6:55 p.m.•343 views

Obsidian Plugin Persistence

This module searches for Obsidian vaults for a user, and uploads a malicious community plugin to the vault. The vaults must be opened with community plugins enabled NOT restricted mode, but the plugin will be enabled automatically. Tested against Obsidian 1.7.7 on Kali, Ubuntu 22.04, and Windows...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•342 views

HTTP Fetch

Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2024/01/17 7:50 p.m.•342 views

WordPress Backup Migration Plugin PHP Filter Chain RCE

This module exploits an unauth RCE in the WordPress plugin: Backup Migration use exploit/multi/http/wpbackupmigrationphpfilter msf exploitwpbackupmigrationphpfilter show targets ...targets... msf exploitwpbackupmigrationphpfilter set TARGET msf exploitwpbackupmigrationphpfilter show options ...sh...

9.8CVSS8.4AI score0.97846EPSS
Exploits14
Metasploit
Metasploit
•added 2025/05/14 6:50 p.m.•341 views

Car Rental System 1.0 File Upload RCE (Authenticated)

This module exploits an authenticated remote code execution vulnerability in the Online Car Rental System 1.0 via the changeimage1.php endpoint. An authenticated attacker can upload malicious PHP scripts without proper validation, enabling arbitrary code execution on the server. Module Options ms...

6.5CVSS7.9AI score0.02424EPSS
Exploits3
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•341 views

HTTP Fetch, Reverse TCP Stager

Fetch and execute an ARMLE payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/http/armle/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2024/12/04 6:58 p.m.•341 views

Chamilo v1.11.24 Unrestricted File Upload PHP Webshell

Chamilo LMS is a free software e-learning and content management system. In versions prior to use exploit/linux/http/chamilobiguploadwebshell msf exploitchamilobiguploadwebshell show targets ...targets... msf exploitchamilobiguploadwebshell set TARGET msf exploitchamilobiguploadwebshell show...

8.1CVSS7.2AI score0.76084EPSS
Exploits27
Metasploit
Metasploit
•added 2026/04/02 7:2 p.m.•340 views

HTTPS Fetch, Windows Meterpreter Shell, Reverse TCP Inline

Fetch and execute an x86 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x86/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...

5.5AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•340 views

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an PPC64 payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•340 views

HTTP Fetch

Fetch and execute an MIPSLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2023/01/27 7:49 p.m.•340 views

Kerberos TGT/TGS Ticket Requester

This module requests TGT/TGS Kerberos tickets from the KDC Module Options msf use auxiliary/admin/kerberos/getticket msf auxiliarygetticket show actions ...actions... msf auxiliarygetticket set ACTION msf auxiliarygetticket show options ...show and set options... msf auxiliarygetticket run This...

5.3AI score
Exploits0
Metasploit
Metasploit
•added 2026/02/25 7:0 p.m.•339 views

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution

This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. The module targets CVE-2026-1731, a direct command injection affecting RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Exploitation occurs with the...

9.9CVSS8AI score0.86091EPSS
Exploits11
Metasploit
Metasploit
•added 2026/01/28 7:0 p.m.•339 views

FreePBX firmware file upload

The FreePBX versions prior to 16.0.44,16.0.92 and 17.0.6,17.0.23 are vulnerable to multiple CVEs, specifically CVE-2025-66039 and CVE-2025-61678, in the context of this module. The versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are...

9.8CVSS6.6AI score0.50159EPSS
Exploits10
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•339 views

HTTPS Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an PPC64 payload from an HTTPS server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/https/ppc64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•339 views

HTTP Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an MIPSBE payload from an HTTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/http/mipsbe/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2023/06/14 7:50 p.m.•339 views

TerraMaster TOS 4.2.29 or lower - Unauthenticated RCE chaining CVE-2022-24990 and CVE-2022-24989

This module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS 4.2.29 and lower by chaining two existing vulnerabilities, CVE-2022-24990 "Leaking sensitive information" and CVE-2022-24989, "Authenticated remote code execution". Exploiting vulnerable endpoint...

9.8CVSS9.6AI score0.8405EPSS
Exploits10
Metasploit
Metasploit
•added 2025/06/05 6:50 p.m.•338 views

ThinManager Path Traversal (CVE-2023-2915) Arbitrary File Delete

This module exploits a path traversal vulnerability CVE-2023-2915 in ThinManager use auxiliary/admin/networking/thinmanagertraversaldelete msf auxiliarythinmanagertraversaldelete show actions ...actions... msf auxiliarythinmanagertraversaldelete set ACTION msf auxiliarythinmanagertraversaldelete...

9.1CVSS7.4AI score0.78093EPSS
Exploits1
Metasploit
Metasploit
•added 2025/05/06 6:54 p.m.•338 views

Sante PACS Server Path Traversal (CVE-2025-2264)

This module exploits a path traversal vulnerability CVE-2025-2264 in Sante PACS Server use auxiliary/gather/pacsservertraversal msf auxiliarypacsservertraversal show actions ...actions... msf auxiliarypacsservertraversal set ACTION msf auxiliarypacsservertraversal show options ...show and set...

7.5CVSS7.4AI score0.38656EPSS
Exploits2
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•338 views

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSBE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2026/01/28 6:59 p.m.•337 views

FreePBX Custom Extension SQL Injection

FreePBX versions prior to 16.0.44,16.0.92 and 17.0.23,17.0.6 are vulnerable to multiple CVEs, specifically CVE-2025-66039 and CVE-2025-61675, in the context of this module. The versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are...

9.8CVSS6.1AI score0.3896EPSS
Exploits8
Metasploit
Metasploit
•added 2026/01/08 6:56 p.m.•337 views

Prison Management System 1.0 Authenticated RCE via Unrestricted File Upload

This module exploits an unrestricted file upload vulnerability in Prison Management System 1.0. An authenticated user can upload a PHP file with arbitrary content by abusing the avatar upload functionality in the add-admin.php endpoint. The application fails to properly validate the uploaded file...

8.8CVSS5.9AI score0.03275EPSS
Exploits3
Metasploit
Metasploit
•added 2025/12/12 6:56 p.m.•337 views

N-able N-Central Authentication Bypass and XXE Scanner

This module scans for vulnerable N-able N-Central instances affected by CVE-2025-9316 Unauthenticated Session Bypass and CVE-2025-11700 XXE. The module attempts to exploit CVE-2025-9316 by sending a sessionHello SOAP request to the ServerMMS endpoint with various appliance IDs to obtain an...

8.4CVSS8.1AI score0.36673EPSS
Exploits2
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•337 views

HTTP Fetch, Linux Execute Command

Fetch and execute an MIPSLE payload from an HTTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/http/mipsle/exec msf payloadexec show...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2026/01/15 6:57 p.m.•336 views

BadSuccessor: dMSA abuse to Escalate Privileges in Windows Active Directory

This module exploits 'Bad Successor', which allows operators to elevate privileges on domain controllers running at the Windows 2025 forest functional level. Microsoft decided to introduce Delegated Managed Service Accounts in this forest level and they came ripe for exploitation. Normal users...

5.5AI score
Exploits0
Metasploit
Metasploit
•added 2025/07/17 6:55 p.m.•336 views

PandoraFMS Netflow Authenticated Remote Code Execution

This module exploits a command injection vulnerability in Netflow component of PandoraFMS. The module requires a set of user credentials to modify Netflow settings. Also, Netflow binaries have to be present on the system. Module Options msf use exploit/linux/http/pandorafmsauthnetflowrce msf...

9.8CVSS5.8AI score0.19944EPSS
Exploits3
Total number of security vulnerabilities5000