Metasploit: Most viewed

6849 matches found

Metasploit • added 2022/03/16 5:42 p.m. • 62 views

Python Exec, Python Meterpreter Shell, Reverse HTTP Inline

Execute a Python payload as an OS command from a Posix-compatible shell. Connect back to the attacker and spawn a Meterpreter shell. Module Options msf use payload/cmd/unix/python/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp...

AI score: 7.1 • Exploits: 0

Metasploit • added 2021/10/28 5:51 p.m. • 62 views

Kubernetes Enumeration

Enumerate a Kubernetes API to report useful resources such as available namespaces, pods, secrets, etc. Useful resources will be highlighted using the HIGHLIGHTNAMEPATTERN option. Module Options msf use auxiliary/cloud/kubernetes/enumkubernetes msf auxiliaryenumkubernetes show actions ...actions...

AI score: 7 • Exploits: 0

Metasploit • added 2021/04/09 5:42 p.m. • 62 views

Haserl Arbitrary File Reader

This module exploits haserl prior to 0.9.36 to read arbitrary files. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash for cracking. Module Options msf use post/linux/gather/haserlread msf posthaserlread show actions ...actions... msf posthaserlrea...

CVSS: 5.5 • AI score: 5.4 • EPSS: 0.01082 • Exploits: 2

Metasploit • added 2020/10/01 5:41 p.m. • 62 views

Safari in Operator Side Effect Exploit

This module exploits an incorrect side-effect modeling of the 'in' operator. The DFG compiler assumes that the 'in' operator is side-effect free; however, the element with the PDF plugin provides a callback that can trigger side-effects leading to type confusion (CVE-2020-9850). The type confusion c...

CVSS: 9.8 • AI score: 7.3 • EPSS: 0.77246 • Exploits: 3

Metasploit • added 2020/06/21 8:36 p.m. • 62 views

Cisco Gather Device General Information

This module collects information and configuration from a Cisco IOS or NXOS device. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework

AI score: 0.4 • Exploits: 0

Metasploit • added 2020/04/22 4:37 a.m. • 62 views

Multi Manage the screen of the target meterpreter session

This module allows you to view and control the screen of the target computer via a local browser window. The module continually screenshots the target screen and also relays all mouse and keyboard events to the session.

AI score: 6.7 • Exploits: 0

Metasploit • added 2019/02/03 5:38 a.m. • 62 views

Evince CBT File Command Injection

This module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book .cbt files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited...

CVSS: 7.8 • AI score: 0.3 • EPSS: 0.50076 • Exploits: 9

Metasploit • added 2018/11/29 1:08 a.m. • 62 views

WordPress WP GDPR Compliance Plugin Privilege Escalation

The WordPress GDPR Compliance plugin <= v1.4.2 allows unauthenticated users to set WordPress administration options by overwriting values within the database. The vulnerability is...

CVSS: 9.8 • AI score: 6.9 • EPSS: 0.87294 • Exploits: 4

Metasploit • added 2017/12/18 10:32 p.m. • 62 views

Cambium cnPilot r200/r201 Command Execution as 'root'

Cambium cnPilot r200/r201 device software versions 4.2.3-R4 to 4.3.3-R4 contain an undocumented backdoor 'root' shell. This shell is accessible via a specific URL to any authenticated user. The module uses this shell to execute arbitrary system commands as 'root'.

CVSS: 8.8 • AI score: 7.7 • EPSS: 0.39181 • Exploits: 2

Metasploit • added 2017/12/14 3:23 p.m. • 62 views

Check For and Prep the Pyrotechnic Devices (Airbags, Battery Clamps, etc.)

Acting in the role of a Pyrotechnical Device Deployment Tool (PDT), this module will first query all Pyrotechnic Control Units (PCUs) in the target vehicle to discover how many pyrotechnic devices are present, then attempt to validate the security access token using the default simplified algorithm. ...

CVSS: 4.7 • AI score: 0.3 • EPSS: 0.00994 • Exploits: 1

Metasploit • added 2017/08/21 1:25 a.m. • 62 views

Unix Command Shell, Reverse TCP (via R)

Connect back and create a command shell via R.

Exploits: 0

Metasploit • added 2016/08/04 3:56 p.m. • 62 views

NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset

The NVRmini 2 Network Video Recorder and the ReadyNAS Surveillance application are vulnerable to an administrator password reset on the exposed web management interface. Note that this only works for unauthenticated attackers in earlier versions of the Nuuo firmware before v1.7.6, otherwise you...

CVSS: 7.5 • AI score: 7.3 • EPSS: 0.53715 • Exploits: 6

Metasploit • added 2016/04/01 1:42 a.m. • 62 views

Z/OS (MVS) Command Shell, Reverse TCP

Provide JCL which creates a reverse shell. This implementation does not include EBCDIC character translation, so a client with translation capabilities is required. MSF handles this automatically.

AI score: 7 • Exploits: 0

Metasploit • added 2015/09/30 11:24 a.m. • 62 views

Zemra Botnet CnC Web Panel Remote Code Execution

This module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra.

AI score: 6.7 • Exploits: 0

Metasploit • added 2015/07/15 6:04 p.m. • 62 views

Windows Post Kill Antivirus and Hips

This module attempts to locate and terminate any processes that are identified as being Antivirus or Host-based IPS related.

AI score: 0.4 • Exploits: 0

Metasploit • added 2015/05/18 4:33 a.m. • 62 views

Python Meterpreter, Python Reverse TCP Stager with UUID Support

Run a meterpreter server in Python compatible with 2.5-2.7 & 3.1+. Connect back to the attacker with UUID Support.

AI score: 0.3 • Exploits: 0

Metasploit • added 2013/12/09 6:49 p.m. • 62 views

Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection

This module exploits a SQL injection vulnerability in the "explorer" action of the "miq_policy" controller of the Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier) by changing the password of the target account to the specified password. This module...

CVSS: 7.5 • AI score: 8.2 • EPSS: 0.15659 • Exploits: 3

Metasploit • added 2013/12/03 1:23 p.m. • 62 views

Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability

This module exploits an authentication bypass vulnerability in Pandora FMS v3.1 as disclosed by Juan Galiana Lara. It also integrates with the built-in pandora upload which allows a user to upload arbitrary files to the '/images/' directory. This module was created as an exercise in the Metasploi...

CVSS: 10 • AI score: 7.4 • EPSS: 0.65618 • Exploits: 10

Metasploit • added 2013/10/30 3:25 p.m. • 62 views

OpenMediaVault Cron Remote Command Execution

OpenMediaVault allows an authenticated user to create cron jobs as arbitrary users on the system. An attacker can abuse this to run arbitrary commands as any user available on the system including root.

CVSS: 8.8 • AI score: 1.1 • EPSS: 0.56838 • Exploits: 8

Metasploit • added 2013/09/05 7:40 p.m. • 62 views

Multi Gather Firefox Signon Credential Collection

This module will collect credentials from the Firefox web browser if it is installed on the targeted machine. Additionally, cookies are downloaded, which could potentially yield valid web sessions. Firefox stores passwords within the signons.sqlite database file. There is also a keys3.db file whi...

AI score: 6.8 • Exploits: 0

Metasploit • added 2013/05/12 2:27 p.m. • 62 views

Windows Manage Remote Point-to-Point Tunneling Protocol

This module initiates a PPTP connection to a remote machine (VPN server). Once the tunnel is created, it can be used to force the victim's traffic through the server, resulting in a man-in-the-middle attack. Be sure to allow forwarding and masquerading on the VPN server (mitm).

AI score: 6.9 • Exploits: 0

Metasploit • added 2013/01/05 2:21 p.m. • 62 views

WordPress Plugin Google Document Embedder Arbitrary File Disclosure

This module exploits an arbitrary file disclosure flaw in the WordPress blogging software plugin known as Google Document Embedder. The vulnerability allows for database credential disclosure via the /libs/pdf.php script. The Google Document Embedder plug-in versions 2.4.6 and below are vulnerabl...

CVSS: 5 • AI score: 7.1 • EPSS: 0.50017 • Exploits: 4

Metasploit • added 2012/12/07 5:07 p.m. • 62 views

Splunk Custom App Remote Code Execution

This module exploits a feature of Splunk whereby a custom application can be uploaded through the web based interface. Through the 'script' search command a user can call commands defined in their custom application which includes arbitrary perl or python code. To abuse this behavior, a valid...

AI score: 10 • Exploits: 0

Metasploit • added 2012/09/25 3:47 p.m. • 62 views

phpMyAdmin 3.5.2.2 server_sync.php Backdoor

This module exploits an arbitrary code execution backdoor placed into phpMyAdmin v3.5.2.2 through a compromised SourceForge mirror.

CVSS: 7.5 • AI score: 0.7 • EPSS: 0.74515 • Exploits: 3

Metasploit • added 2012/06/09 7:53 p.m. • 62 views

Apache Struts Remote Command Execution

This module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions 'Johannes Dahse', Vulnerability discovery and PoC 'Andreas...

CVSS: 9.8 • AI score: 7.8 • EPSS: 0.75071 • Exploits: 11

Metasploit • added 2012/06/05 11:11 p.m. • 62 views

Multi Gather Skype User Data Enumeration

This module will enumerate Skype account settings, contact list, call history, chat logs, file transfer history, and voicemail logs, saving all the data to CSV files for analysis.

AI score: 7.3 • Exploits: 0

Metasploit • added 2011/12/07 12:52 a.m. • 62 views

Ability Server 2.34 STOR Command Stack Buffer Overflow

This module exploits a stack-based buffer overflow in Ability Server 2.34. Ability Server fails to check input size when parsing 'STOR' and 'APPE' commands, which leads to a stack based buffer overflow. This plugin uses the 'STOR' command. The vulnerability has been confirmed on version 2.34 and...

CVSS: 5 • AI score: 7.4 • EPSS: 0.67387 • Exploits: 2

Metasploit • added 2011/05/16 7:02 p.m. • 62 views

7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow

This module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow...

CVSS: 10 • AI score: 0.6 • EPSS: 0.69618 • Exploits: 10

Metasploit • added 2010/12/25 6:31 a.m. • 62 views

SNMP Enumeration Module

This module allows enumeration of any devices with SNMP protocol support. It supports hardware, software, and network information. The default community used is "public".

CVSS: 7.5 • AI score: 7.4 • EPSS: 0.27166 • Exploits: 3

Metasploit • added 2010/02/01 3:56 a.m. • 62 views

Novell iPrint Client ActiveX Control Date/Time Buffer Overflow

This module exploits a stack buffer overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this...

CVSS: 9.3 • AI score: 7.9 • EPSS: 0.37524 • Exploits: 9

Metasploit • added 2009/12/13 6:56 a.m. • 62 views

MS09-020 IIS6 WebDAV Unicode Authentication Bypass

This module attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM authentication. This module...

CVSS: 7.5 • AI score: 7.3 • EPSS: 0.98447 • Exploits: 5

Metasploit • added 2022/03/16 5:42 p.m. • 61 views

Python Exec, Python Pingback, Reverse TCP (via python)

Execute a Python payload as an OS command from a Posix-compatible shell. Connects back to the attacker, sends a UUID, then terminates. Module Options msf use payload/cmd/unix/python/pingbackreversetcp msf payloadpingbackreversetcp show actions ...actions... msf payloadpingbackreversetcp set ACTION...

AI score: 7.2 • Exploits: 0

Metasploit • added 2021/09/28 5:42 p.m. • 61 views

Tlen Credential Gatherer

This module searches for Tlen credentials on a Windows host. Tlen is a free Polish instant messaging service. Module Options msf use post/windows/gather/credentials/tlen msf posttlen show actions ...actions... msf posttlen set ACTION msf posttlen show options ...show and set options... msf posttl...

AI score: 7.1 • Exploits: 0

Metasploit • added 2021/02/23 5:41 p.m. • 61 views

Apache Flink JAR Upload Java Code Execution

This module uses job functionality in Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the web server user. This module has been tested successfully on Apache Flink versions: 1.9.3 on Ubuntu 18.04.4; 1.11.2 on Ubuntu...

AI score: 7.8 • Exploits: 0

Metasploit • added 2020/05/23 8:20 a.m. • 61 views

vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection

This module exploits a SQL injection vulnerability found in vBulletin 5.6.1 and earlier. This module uses the getIndexableContent vulnerability to reset the administrator's password; it then uses the administrator's login information to achieve RCE on the target. This module has been tested...

CVSS: 9.8 • AI score: 7.9 • EPSS: 0.88948 • Exploits: 13

Metasploit • added 2020/02/05 4:21 p.m. • 61 views

SSH Key Persistence

This module will add an SSH key to a specified user or all, to allow remote login via SSH at any time.

AI score: 7 • Exploits: 0

Metasploit • added 2020/02/03 7:16 p.m. • 61 views

Windows Gather TeamViewer Passwords

This module will find and decrypt stored TeamViewer passwords. @blurbdust based this code off of...

CVSS: 7 • AI score: 7.1 • EPSS: 0.04746 • Exploits: 2

Metasploit • added 2019/07/26 12:42 a.m. • 61 views

Linux x64 Pingback, Bind TCP Inline

Accept a connection from attacker and report UUID (Linux x64).

AI score: 7.3 • Exploits: 0

Metasploit • added 2019/04/18 5:15 p.m. • 61 views

SystemTap MODPROBE_OPTIONS Privilege Escalation

This module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in the...

CVSS: 7.2 • AI score: 6.7 • EPSS: 0.04797 • Exploits: 10

Metasploit • added 2019/01/12 9:14 a.m. • 61 views

AddressSanitizer (ASan) SUID Executable Privilege Escalation

This module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the ASAN_OPTIONS...

AI score: 7.6 • Exploits: 0

Metasploit • added 2017/07/31 4:26 a.m. • 61 views

Windows Escalate UAC Protection Bypass (Via COM Handler Hijack)

This module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated...

AI score: 7.1 • Exploits: 0

Metasploit • added 2016/09/11 7:15 a.m. • 61 views

Siemens Profinet Scanner

This module will use Layer2 packets, known as Profinet Discovery packets, to detect all Siemens and sometimes other devices on a network. It is perfectly SCADA-safe, as there will only be ONE single packet sent out. Devices will respond with their IP configuration and hostnames. Created by XiaK...

AI score: 7.3 • Exploits: 0

Metasploit • added 2015/05/26 5:51 a.m. • 61 views

Android Settings Remove Device Locks (4.0-4.3)

This module exploits a bug in the Android 4.0 to 4.3 com.android.settings.ChooseLockGeneric class. Any unprivileged app can exploit this vulnerability to remove the lockscreen. A logic flaw / design error exists in the settings application that allows an Intent from any application to clear the...

CVSS: 8.8 • AI score: 10 • EPSS: 0.08896 • Exploits: 2

Metasploit • added 2015/03/12 4:46 a.m. • 61 views

Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be sent to the...

CVSS: 9.3 • AI score: 7 • EPSS: 0.71075 • Exploits: 16

Metasploit • added 2015/02/24 9:11 p.m. • 61 views

WordPress WP EasyCart Plugin Privilege Escalation

The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows authenticated users of any user level to set any system option via a lack of validation in the ecajaxupdateoption and ecajaxclearalltaxrates functions located in /inc/admin/adminajaxfunctions.php. The module first changes the...

CVSS: 8.8 • AI score: 0.4 • EPSS: 0.18932 • Exploits: 4

Metasploit • added 2014/08/09 4:00 a.m. • 61 views

NTP Mode 7 GET_RESTRICT DRDoS Scanner

This module identifies NTP servers which permit "reslist" queries and obtains the list of restrictions placed on various network interfaces, networks or hosts. The reslist feature allows remote attackers to cause a distributed, reflected denial of service (aka "DRDoS" or traffic amplification) via...

CVSS: 5 • AI score: 6.9 • EPSS: 0.97549 • Exploits: 23

Metasploit • added 2013/08/15 11:34 p.m. • 61 views

Java storeImageArray() Invalid Array Indexing Vulnerability

This module abuses an Invalid Array Indexing Vulnerability in the static storeImageArray function in order to cause a memory corruption and escape the Java Sandbox. The vulnerability affects Java version 7u21 and earlier. The module, which doesn't bypass click2play, has been tested...

CVSS: 9.8 • AI score: 7.9 • EPSS: 0.98704 • Exploits: 10

Metasploit • added 2013/03/30 12:59 a.m. • 61 views

Windows Gather Deleted Files Enumeration and Recovering

This module lists and attempts to recover deleted files from NTFS file systems. Use the FILES option to guide recovery. Leave this option empty to enumerate deleted files in the DRIVE. Set FILES to an extension (e.g., "pdf") to recover deleted files with that extension, or set FILES to a comma...

AI score: 6.9 • Exploits: 0

Metasploit • added 2013/01/02 11:54 p.m. • 61 views

FTP Authentication Scanner

This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.

CVSS: 7.5 • AI score: 7.2 • EPSS: 0.51933 • Exploits: 41

Metasploit • added 2012/11/22 10:26 a.m. • 62 views

Windows AlwaysInstallElevated MSI

This module checks the AlwaysInstallElevated registry keys, which dictate whether .MSI files should be installed with elevated privileges (NT AUTHORITY\SYSTEM). The generated .MSI file has an embedded executable which is extracted and run by the installer. After execution the .MSI file intentionally fai...

AI score: 10 • Exploits: 0

Total number of security vulnerabilities: 5000