Lucene search
K
MetasploitMost viewed

6847 matches found

Metasploit
Metasploit
•added 2023/01/19 7:51 p.m.•278 views

Wordpress Paid Membership Pro code Unauthenticated SQLi

Paid Membership Pro, a WordPress plugin, prior to 2.9.8 is affected by an unauthenticated SQL injection via the code parameter. Remote attackers can exploit this vulnerability to dump usernames and password hashes from the wpusers table of the affected WordPress installation. These password hashe...

9.8CVSS9.8AI score0.9246EPSS
Exploits6
Metasploit
Metasploit
•added 2026/04/30 6:57 p.m.•277 views

Microsoft Windows HTTP to LDAP Relay

This module supports running an HTTP server which validates credentials, and then attempts to execute a relay attack against an LDAP server on the configured RHOSTS hosts. It is not possible to relay NTLMv2 to LDAP due to the Message Integrity Check MIC. As a result, this will only work with...

5.6AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•277 views

HTTP Fetch

Fetch and execute an AARCH64 payload from an HTTP server. Module Options msf use payload/cmd/linux/http/aarch64/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show a...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2024/07/09 7:55 p.m.•277 views

Ivanti EPM RecordGoodApp SQLi RCE

Ivanti Endpoint Manager EPM 2022 SU5 and prior are vulnerable to unauthenticated SQL injection which can be leveraged to achieve unauthenticated remote code execution. Module Options msf use exploit/windows/http/ivantiepmrecordgoodappsqlirce msf exploitivantiepmrecordgoodappsqlirce show targets...

9.6CVSS10AI score0.99951EPSS
Exploits5
Metasploit
Metasploit
•added 2023/08/17 7:51 p.m.•277 views

Greenshot .NET Deserialization Fileformat Exploit

There exists a .NET deserialization vulnerability in Greenshot version 1.3.274 and below. The deserialization allows the execution of commands when a user opens a Greenshot file. The commands execute under the same permissions as the Greenshot service. Typically, is the logged in user. Module...

7.8CVSS8AI score0.07685EPSS
Exploits7
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•277 views

HTTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an HTTP server. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/http/x64/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...

6AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•277 views

HTTP Fetch, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support

Fetch and execute an x64 payload from an HTTP server. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/http/x64/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...

5.9AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•277 views

HTTP Fetch, Windows x64 Bind Named Pipe Stager

Fetch and execute an x64 payload from an HTTP server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/http/x64/vncinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...

5.9AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•277 views

HTTP Fetch, Linux x64 Pingback, Bind TCP Inline

Fetch and execute an x64 payload from an HTTP server. Accept a connection from attacker and report UUID Linux x64 Module Options msf use payload/cmd/linux/http/x64/pingbackbindtcp msf payloadpingbackbindtcp show actions ...actions... msf payloadpingbackbindtcp set ACTION msf payloadpingbackbindtc...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2023/02/01 7:50 p.m.•277 views

io_uring Same Type Object Reuse Priv Esc

This module exploits a bug in iouring leading to an additional putcred that can be exploited to hijack credentials of other processes. We spawn SUID programs to get the free'd cred object reallocated by a privileged process and abuse them to create a SUID root binary ourselves that'll pop a shell...

8.8CVSS7.8AI score0.03718EPSS
Exploits4
Metasploit
Metasploit
•added 2017/09/08 12:30 a.m.•277 views

Apache Struts 2 REST Plugin XStream RCE

Apache Struts versions 2.1.2 - 2.3.33 and Struts 2.5 - Struts 2.5.12, using the REST plugin, are vulnerable to a Java deserialization attack in the XStream library. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework clas...

8.1CVSS0.4AI score0.99461EPSS
Exploits23
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•276 views

HTTP Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an MIPSLE payload from an HTTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/http/mipsle/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•276 views

HTTPS Fetch, Bind TCP Stager

Fetch and execute an ARMLE payload from an HTTPS server. Listen for a connection Module Options msf use payload/cmd/linux/https/armle/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•276 views

TFTP Fetch

Fetch and execute a PPC64LE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/ppc64le/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2024/05/31 7:54 p.m.•276 views

OS X x64 Shell Bind TCP

Bind an arbitrary command to an arbitrary port Module Options msf use payload/osx/aarch64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show and set options... msf payloadshellbindtcp run This module...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•276 views

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an x64 payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/x64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show an...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•275 views

HTTP Fetch

Fetch and execute an MIPSBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsbe/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•275 views

TFTP Fetch

Fetch and execute an PPC payload from an TFTP server. Module Options msf use payload/cmd/linux/tftp/ppc/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2023/12/20 7:49 p.m.•275 views

Vinchin Backup and Recovery Command Injection

This module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. Module Options msf use...

8.9AI score
Exploits0
Metasploit
Metasploit
•added 2012/07/10 5:33 p.m.•275 views

JBoss JMX Console Deployer Upload and Execute

This module can be used to execute a payload on JBoss servers that have an exposed "jmx-console" application. The payload is put on the server by using the jboss.system:MainDeployer functionality. To accomplish this, a temporary HTTP server is created to serve a WAR archive containing our payload...

5.3CVSS5.8AI score0.81832EPSS
Exploits32
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•274 views

HTTP Fetch

Fetch and execute an MIPSBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2025/02/20 6:55 p.m.•274 views

HTTPS Fetch, Linux dup2 Command Shell, Bind TCP Stager

Fetch and execute an ARMLE payload from an HTTPS server. dup2 socket in r12, then execve. Listen for a connection Module Options msf use payload/cmd/linux/https/armle/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2024/11/29 6:54 p.m.•274 views

Wordpress POST SMTP Account Takeover

The POST SMTP WordPress plugin prior to 2.8.7 is affected by a privilege escalation where an unauthenticated user is able to reset the password of an arbitrary user. This is done by requesting a password reset, then viewing the latest email logs to find the associated password reset email. Module...

9.8CVSS9.3AI score0.90339EPSS
Exploits6
Metasploit
Metasploit
•added 2023/06/15 7:50 p.m.•274 views

HTTP Fetch, Generic x86 Debug Trap

Fetch and execute a x86 payload from an HTTP server. Generate a debug trap in the target process Module Options msf use payload/cmd/linux/http/x86/generic/debugtrap msf payloaddebugtrap show actions ...actions... msf payloaddebugtrap set ACTION msf payloaddebugtrap show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2023/03/29 7:50 p.m.•274 views

AMQP 0-9-1 Version Scanner

Detect AMQP version information. Module Options msf use auxiliary/scanner/amqp/amqpversion msf auxiliaryamqpversion show actions ...actions... msf auxiliaryamqpversion set ACTION msf auxiliaryamqpversion show options ...show and set options... msf auxiliaryamqpversion run This module requires...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2022/01/17 5:42 p.m.•274 views

SonicWall SMA 100 Series Authenticated Command Injection

This module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are: - 10.2.1.2-24sv and below - 10.2.0.8-37sv and below - 9.0.0.11-31sv and below Module Options msf use...

9.8CVSS9.9AI score0.99912EPSS
Exploits8
Metasploit
Metasploit
•added 2026/04/02 7:2 p.m.•273 views

HTTPS Fetch, Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/shell/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf...

5.5AI score
Exploits0
Metasploit
Metasploit
•added 2025/05/06 6:54 p.m.•273 views

SMB to HTTP relay version of Get NAA Creds

This module creates an SMB server and then relays the credentials passed to it to SCCM's HTTP server aka Management Point to gain an authenticated connection. Once authenticated it then attempts to retrieve the Network Access Accounts, if configured, from the SCCM server. This requires a computer...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2024/08/19 6:51 p.m.•273 views

Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)

This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow use auxiliary/admin/http/fortrafilecatalystworkflowsqli msf auxiliaryfortrafilecatalystworkflowsqli show actions ...actions... msf auxiliaryfortrafilecatalystworkflowsqli set ACTION msf...

9.8CVSS9.6AI score0.90067EPSS
Exploits5
Metasploit
Metasploit
•added 2022/02/05 5:43 p.m.•273 views

PetitPotam

Coerce an authentication attempt over SMB to other machines via MS-EFSRPC methods. Module Options msf use auxiliary/scanner/dcerpc/petitpotam msf auxiliarypetitpotam show actions ...actions... msf auxiliarypetitpotam set ACTION msf auxiliarypetitpotam show options ...show and set options... msf...

7.5CVSS7.6AI score0.66023EPSS
Exploits4
Metasploit
Metasploit
•added 2020/05/19 10:39 p.m.•273 views

Synology DiskStation Manager smart.cgi Remote Command Execution

This module exploits a vulnerability found in Synology DiskStation Manager DSM versions \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation Manager smart.cgi Remote Command Execution', 'Description' = %q...

8.8CVSS7.7AI score0.72453EPSS
Exploits5
Metasploit
Metasploit
•added 2024/03/26 7:51 p.m.•272 views

Artica Proxy Unauthenticated PHP Deserialization Vulnerability

A Command Injection vulnerability in Artica Proxy appliance version 4.50 and 4.40 allows remote attackers to run arbitrary commands via unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...

9.8CVSS8.5AI score0.8126EPSS
Exploits9
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•272 views

HTTPS Fetch, Windows shellcode stage, Windows x64 Reverse HTTPS Stager (winhttp)

Fetch and execute an x64 payload from an HTTPS server. Custom shellcode stage. Tunnel communication over HTTPS Windows x64 winhttp Module Options msf use payload/cmd/windows/https/x64/custom/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTIO...

5.9AI score
Exploits0
Metasploit
Metasploit
•added 2022/05/11 5:43 p.m.•272 views

Powershell Exec, Reverse Ordinal TCP Stager (No NX or Win7)

Execute an x86 payload from a command via PowerShell. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/vncinject/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf payloadreverseordtcp show options ...show an...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2022/05/03 5:42 p.m.•272 views

VMware Workspace ONE Access CVE-2022-22954

This module exploits CVE-2022-22954, an unauthenticated server-side template injection SSTI in VMware Workspace ONE Access, to execute shell commands as the "horizon" user. Module Options msf use exploit/linux/http/vmwareworkspaceoneaccesscve202222954 msf exploitvmwareworkspaceoneaccesscve2022229...

10CVSS10AI score0.99997EPSS
Exploits24
Metasploit
Metasploit
•added 2013/07/15 2:43 p.m.•272 views

SPIP connect Parameter PHP Injection

This module exploits a PHP code injection in SPIP. The vulnerability exists in the connect parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 2.0, 2.1 and 3 are concerned. Vulnerable versions are 'SPIP connect Parameter PHP Injection',...

8.5AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•271 views

HTTP Fetch, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an HTTP server. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x64/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf...

6AI score
Exploits0
Metasploit
Metasploit
•added 2021/12/20 5:42 p.m.•271 views

Wordpress Popular Posts Authenticated RCE

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address 192/172/127/10. The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit...

8.8CVSS7.3AI score0.79823EPSS
Exploits5
Metasploit
Metasploit
•added 2026/01/05 6:59 p.m.•270 views

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/tftp/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2026/01/05 6:59 p.m.•270 views

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 32-bit payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

5.8AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•270 views

HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/https/x64/custom/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set...

5.9AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•270 views

HTTP Fetch, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an HTTP server. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/http/x64/vncinject/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show options ...show...

5.9AI score
Exploits0
Metasploit
Metasploit
•added 2016/10/05 3:21 a.m.•270 views

Overlayfs Privilege Escalation

This module attempts to exploit two different CVEs related to overlayfs. CVE-2015-1328: Ubuntu specific - 3.13.0-24 14.04 default 'Overlayfs Privilege Escalation', 'Description' = %q This module attempts to exploit two different CVEs related to overlayfs. CVE-2015-1328: Ubuntu specific - 3.13.0-2...

7.8CVSS6.6AI score0.37679EPSS
Exploits29
Metasploit
Metasploit
•added 2026/04/02 7:2 p.m.•269 views

HTTPS Fetch, Windows Reverse HTTP Stager (winhttp)

Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/https/x86/vncinject/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp...

5.5AI score
Exploits0
Metasploit
Metasploit
•added 2026/04/02 7:2 p.m.•269 views

HTTPS Fetch, Reverse All-Port TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/https/x86/vncinject/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf payloadreversetcpallport...

5.5AI score
Exploits0
Metasploit
Metasploit
•added 2024/08/28 6:53 p.m.•269 views

Gather electerm Passwords

This module will determine if electerm is installed on the target system and, if it is, it will try to dump all saved session information from the target. The passwords for these saved sessions will then be decrypted where possible. Module Options msf use post/multi/gather/electerm msf postelecte...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2023/06/02 7:50 p.m.•269 views

HTTP Fetch, Windows Meterpreter Shell, Reverse HTTP Inline (x64)

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...

6AI score
Exploits0
Metasploit
Metasploit
•added 2023/05/18 7:52 p.m.•269 views

HTTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x64/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

6AI score
Exploits0
Metasploit
Metasploit
•added 2023/03/29 7:50 p.m.•269 views

Optergy Proton and Enterprise BMS Command Injection using a backdoor

This module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System BMS applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in...

10CVSS8.6AI score0.93384EPSS
Exploits7
Metasploit
Metasploit
•added 2021/07/21 5:42 p.m.•269 views

Sage X3 AdxAdmin Login Scanner

This module allows an attacker to perform a password guessing attack against the Sage X3 AdxAdmin service, which in turn can be used to authenticate to a local Windows account. This module implements the X3Crypt function to 'encrypt' any passwords to be used during the authentication process, giv...

5.3CVSS7.7AI score0.35792EPSS
Exploits6
Total number of security vulnerabilities5000