6847 matches found
HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/custom/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...
HTTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/http/x86/peinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...
HTTP Fetch, Windows x86 Reverse Named Pipe (SMB) Stager
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/http/x86/meterpreter/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...
Powershell Exec, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/custom/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc...
SAMR Computer Management
Add, lookup and delete computer / machine accounts via MS-SAMR. By default standard active directory users can add up to 10 new computers to the domain. Administrative privileges however are required to delete the created accounts. Module Options msf use auxiliary/admin/dcerpc/samrcomputer msf...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...
Powershell Exec, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf...
Powershell Exec, Reverse TCP Stager
Execute an x86 payload from a command via PowerShell. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/patchupdllinject/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
Powershell Exec, Generic x86 Debug Trap
Execute an x86 payload from a command via PowerShell. Generate a debug trap in the target process Module Options msf use payload/cmd/windows/powershell/generic/debugtrap msf payloaddebugtrap show actions ...actions... msf payloaddebugtrap set ACTION msf payloaddebugtrap show options ...show and s...
Apache Tomcat User Enumeration
This module enumerates Apache Tomcat's usernames via malformed requests to jsecuritycheck, which can be found in the web administration package. It should work against Tomcat servers 4.1.0 - 4.1.39, 5.5.0 - 5.5.27, and 6.0.0 - 6.0.18. Newer versions no longer have the "admin" package by default...
HTTPS Fetch, Windows shellcode stage, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/custom/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6t...
HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options...
HTTPS Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...
HTTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/peinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and s...
HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show...
HTTPS Fetch, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show...
HTTP Fetch, Windows Command Shell, Reverse UDP Stager with UUID Support
Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/shell/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...
HTTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...
HTTP Fetch, Windows Upload/Execute, Reverse TCP Stager
Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/upexec/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetc...
Generic HTTP Command Execution
This module interacts with existing command execution functionality on a target system, where user-supplied input is directly passed to system execution functions via a HTTP request. This could be from an existing vulnerability, or uploaded webshells such as: It is likely that HTTP evasion option...
SMB Fetch, Windows x64 Reverse HTTP Stager (wininet)
Fetch and execute an x64 payload from an SMB server. Tunnel communication over HTTP Windows x64 wininet Module Options msf use payload/cmd/windows/smb/x64/meterpreter/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf payloadreversehttps show...
HTTPS Fetch
Fetch and execute an x64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...
Powershell Exec, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)
Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
Powershell Exec, Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION...
Powershell Exec
Execute an x64 payload from a command via PowerShell Module Options msf use payload/cmd/windows/powershell/x64/powershellreversetcp msf payloadpowershellreversetcp show actions ...actions... msf payloadpowershellreversetcp set ACTION msf payloadpowershellreversetcp show options ...show and set...
Powershell Exec, Bind TCP Stager with UUID Support (Windows x86)
Execute an x86 payload from a command via PowerShell. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/powershell/vncinject/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show...
Powershell Exec, Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)
Execute an x86 payload from a command via PowerShell. Uploads an executable and runs it staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/powershell/upexec/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION ms...
Powershell Exec, Windows MessageBox
Execute an x86 payload from a command via PowerShell. Spawns a dialog via MessageBox using a customizable title, text & icon Module Options msf use payload/cmd/windows/powershell/messagebox msf payloadmessagebox show actions ...actions... msf payloadmessagebox set ACTION msf payloadmessagebox sho...
Wordpress Plugin Catch Themes Demo Import RCE
The Wordpress Plugin Catch Themes Demo Import versions use exploit/multi/http/wpcatchthemesdemoimport msf exploitwpcatchthemesdemoimport show targets ...targets... msf exploitwpcatchthemesdemoimport set TARGET msf exploitwpcatchthemesdemoimport show options ...show and set options... msf...
Microsoft OMI Management Interface Authentication Bypass
By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. Module Options msf use...
Emby Version Scanner
This module attempts to identify the version of an Emby Media Server running on a host. If you wish to see all the information available, set VERBOSE to true. Use in conjunction with embyssrfscanner to locate devices vulnerable to CVE-2020-26948. Module Options msf use...
WordPress Easy WP SMTP Password Reset
Wordpress plugin Easy WP SMTP versions use auxiliary/scanner/http/wpeasywpsmtp msf auxiliarywpeasywpsmtp show actions ...actions... msf auxiliarywpeasywpsmtp set ACTION msf auxiliarywpeasywpsmtp show options ...show and set options... msf auxiliarywpeasywpsmtp run This module requires Metasploit:...
Ruby On Rails File Content Disclosure ('doubletap')
This module uses a path traversal vulnerability in Ruby on Rails versions = "Ruby On Rails File Content Disclosure 'doubletap'", 'Description' = %q This module uses a path traversal vulnerability in Ruby on Rails versions = 'Carter Brainerd ', Metasploit module 'John Hawthorn ' PoC/discovery ,...
Oracle MySQL UDF Payload Execution
This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 'Oracle MySQL UDF Payload Execution', 'Description' = %q This module creates and enables a custo...
Brute Force AM/OOK (ie: Garage Doors)
Post Module for HWBridge RFTranscievers. Brute forces AM OOK or raw binary signals. This is a port of the rfpwnon tool by Corey Harding. https://github.com/exploitagency/github-rfpwnon/blob/master/rfpwnon.py This module requires Metasploit: https://metasploit.com/download Current source:...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
This module exploits a vulnerability found in Windows Object Linking and Embedding OLE allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our...
RealVNC NULL Authentication Mode Bypass
This module exploits an Authentication bypass Vulnerability in RealVNC Server version 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server The AUTOVNC option requires that vncviewer be installed on the attacking machine. This module requires Metasploit:...
NTLM Relay to Self (HTTP to LDAP) - Post Exploitation
This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then triggers the WebClient service via an ETW event allowing a low-privilege user to start it, and coerces the local machine account to authenticate via...
HTTPS Fetch
Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x86/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run This module requires Metasploit:...
HTTPS Fetch, Windows shellcode stage, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection No NX Module Options msf use payload/cmd/windows/https/x86/custom/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show...
HTTPS Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/dllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...
HTTP Fetch, Reverse TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/http/x86/peinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...
HTTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options...
HTTPS Fetch, Reverse HTTP Stager Proxy
Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTP Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversehttpproxypstore msf payloadreversehttpproxypstore show actions ...actions... msf payloadreversehttpproxypstore set ACTION msf...
HTTPS Fetch, Windows shellcode stage, Find Tag Ordinal Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Use an established connection Module Options msf use payload/cmd/windows/https/x86/custom/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and...
HTTP Fetch, Find Tag Ordinal Stager
Fetch and execute an x86 payload from an HTTP server. Use an established connection Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and set options...
HTTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/http/x86/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...
HTTPS Fetch
Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x86/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...
HTTPS Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)
Fetch and execute an x64 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...
Python Exec, Command Shell, Reverse SCTP (via python)
Execute a Python payload from a command. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+. Module Options msf use payload/cmd/windows/python/shellreversesctp msf payloadshellreversesctp show actions ...actions... msf...