Lucene search
K
MetasploitMost viewed

6847 matches found

Metasploit
Metasploit
•added 2017/04/29 12:29 p.m.•35 views

MediaWiki SyntaxHighlight extension option injection vulnerability

This module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create & execute a PHP file in the document root. The USERNAME & PASSWORD options are only needed if the Wiki is configured as private. This vulnerability affects any MediaWiki...

9.8CVSS10AI score0.11653EPSS
Exploits5
Metasploit
Metasploit
•added 2016/11/22 3:6 a.m.•35 views

Varnish Cache CLI Login Utility

This module attempts to login to the Varnish Cache varnishd CLI instance using a bruteforce list of passwords. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' requir...

7.5CVSS7.2AI score0.63824EPSS
Exploits7
Metasploit
Metasploit
•added 2016/09/22 3:26 p.m.•35 views

Android Meterpreter Shell, Reverse TCP Inline

Connect back to the attacker and spawn a Meterpreter shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::TransportConfig include Msf::Payload::Sing...

0.8AI score
Exploits0
Metasploit
Metasploit
•added 2016/07/12 3:22 a.m.•35 views

OpenNMS Java Object Unserialization Remote Code Execution

This module exploits a vulnerability in the OpenNMS Java object which allows an unauthenticated attacker to run arbitrary code against the system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

9.8CVSS7.6AI score0.86829EPSS
Exploits12
Metasploit
Metasploit
•added 2016/06/13 8:14 p.m.•35 views

Regsvr32.exe (.sct) Command Delivery Server

This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a way to run a command on a target system. The major advantage of this technique is that you can execute a static command on the target system and dynamically and remotely change the command that will actually run by...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2016/01/03 4:45 a.m.•35 views

Android ADB Debug Server Remote Payload Execution

Writes and spawns a native payload on an android device that is listening for adb debug messages. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android ADB Debug Server Remote Payload...

7AI score
Exploits0
Metasploit
Metasploit
•added 2015/08/28 2:17 p.m.•35 views

BusyBox Enumerate Connections

This module will be applied on a session connected to a BusyBox shell. It will enumerate the connections established with the router or device executing BusyBox. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

0.1AI score
Exploits0
Metasploit
Metasploit
•added 2015/06/08 9:58 a.m.•35 views

VMWare Update Manager 4 Directory Traversal

This modules exploits a directory traversal vulnerability in VMWare Update Manager on port 9084. Versions affected by this vulnerability: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4 Update 4. This module requires Metasploit: https://metasploit.com/download Current sourc...

5CVSS0.2AI score0.63234EPSS
Exploits7
Metasploit
Metasploit
•added 2015/05/02 6:52 p.m.•35 views

BSD x64 Command Shell, Reverse TCP Inline (IPv6)

Connect back to attacker and spawn a command shell over IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 105 include Msf::Payload::Single include Msf::Payload::Bsd include...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2015/04/29 8:40 a.m.•35 views

Windows Gather Active Directory BitLocker Recovery

This module will enumerate BitLocker recovery passwords in the default AD directory. This module does require Domain Admin or other delegated privileges. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

1AI score
Exploits0
Metasploit
Metasploit
•added 2015/04/12 5:17 p.m.•35 views

BSD x64 Execute Command

Execute an arbitrary command This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exec ---- Executes an arbitrary command. module MetasploitModule CachedSize = 31 include Msf::Payload::Single include Msf::Payload::Bsd def...

0.5AI score
Exploits0
Metasploit
Metasploit
•added 2015/03/10 3:49 p.m.•35 views

Belkin Play N750 login.cgi Buffer Overflow

This module exploits a remote buffer overflow vulnerability on Belkin Play N750 DB Wireless Dual-Band N+ Router N750 routers. The vulnerability exists in the handling of HTTP queries with long 'jump' parameters addressed to the /login.cgi URL, allowing remote unauthenticated attackers to execute...

10CVSS7.6AI score0.67487EPSS
Exploits8
Metasploit
Metasploit
•added 2015/02/22 9:35 p.m.•35 views

Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation

This module exploits a stacked SQL injection in order to add an administrator user to the SolarWinds Orion database. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solarwinds Orion...

7.5CVSS7.9AI score0.47749EPSS
Exploits8
Metasploit
Metasploit
•added 2015/02/11 6:38 p.m.•35 views

PXE Boot Exploit Server

This module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing a payload to install metsvc, disable the firewall, and add a new user metasploit on any Windows partition seen, and add a uid...

7AI score
Exploits0
Metasploit
Metasploit
•added 2015/02/05 6:26 p.m.•35 views

MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection

This module exploits a universal cross-site scripting UXSS vulnerability found in Internet Explorer 10 and 11. By default, you will steal the cookie from TARGETURI which cannot have X-Frame-Options or it will fail. You can also have your own custom JavaScript by setting the CUSTOMJS option. Lastl...

4.3CVSS6.3AI score0.71698EPSS
Exploits5
Metasploit
Metasploit
•added 2015/02/03 10:13 p.m.•35 views

WordPress Pixabay Images PHP Code Upload

This module exploits multiple vulnerabilities in the WordPress plugin Pixabay Images 2.3.6. The plugin does not check the host of a provided download URL which can be used to store and execute malicious PHP code on the system. This module requires Metasploit: https://metasploit.com/download Curre...

4CVSS10AI score0.33974EPSS
Exploits2
Metasploit
Metasploit
•added 2014/12/22 4:21 p.m.•35 views

Reflective DLL Injection, Hidden Bind TCP Stager

Inject a DLL via a reflective loader. Listen for a connection from a hidden port and spawn a command shell to the allowed host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 343...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2014/12/22 4:21 p.m.•35 views

VNC Server (Reflective Injection), Hidden Bind TCP Stager

Inject a VNC Dll via a reflective loader staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2014/11/10 11:3 a.m.•35 views

Tincd Post-Authentication Remote TCP Stack Buffer Overflow

This module exploits a stack buffer overflow in Tinc's tincd service. After authentication, a specially crafted tcp packet default port 655 leads to a buffer overflow and allows to execute arbitrary code. This module has been tested with tinc-1.1pre6 on Windows XP custom calc payload and Windows ...

6.5CVSS7.7AI score0.60679EPSS
Exploits4
Metasploit
Metasploit
•added 2014/10/28 4:37 a.m.•35 views

GNU Wget FTP Symlink Arbitrary Filesystem Access

This module exploits a vulnerability in Wget when used in recursive -r mode with a FTP server as a destination. A symlink is used to allow arbitrary writes to the target's filesystem. To specify content for the file, use the "file:/path" syntax for the TARGETDATA option. Tested successfully with...

9.3CVSS10AI score0.39883EPSS
Exploits4
Metasploit
Metasploit
•added 2014/09/24 5:22 a.m.•35 views

HP Network Node Manager I PMD Buffer Overflow

This module exploits a stack buffer overflow in HP Network Node Manager I NNMi. The vulnerability exists in the pmd service, due to the insecure usage of functions like strcpy and strcat while handling stackoption packets with user controlled data. In order to bypass ASLR this module uses a...

10CVSS7.4AI score0.65435EPSS
Exploits5
Metasploit
Metasploit
•added 2014/08/28 1:42 p.m.•35 views

Railo Remote File Include

This module exploits a remote file include vulnerability in Railo, tested against version 4.2.1. First, a call using a vulnerable line in thumbnail.cfm allows an attacker to download an arbitrary PNG file. By appending a .cfm, and taking advantage of a directory traversal, an attacker can append...

8.8CVSS7.2AI score0.52563EPSS
Exploits6
Metasploit
Metasploit
•added 2014/05/13 7:17 p.m.•35 views

Advantech WebAccess DBVisitor.dll ChartThemeConfig SQL Injection

This module exploits a SQL injection vulnerability found in Advantech WebAccess 7.1. The vulnerability exists in the DBVisitor.dll component, and can be abused through malicious requests to the ChartThemeConfig web service. This module can be used to extract the site and project usernames and...

7.5CVSS0.4AI score0.1903EPSS
Exploits4
Metasploit
Metasploit
•added 2014/02/20 3:19 p.m.•35 views

Windows Command Shell, Hidden Bind TCP Inline

Listen for a connection from certain IP and spawn a command shell. The shellcode will reply with a RST packet if the connections is not coming from the IP defined in AHOST. This way the port will appear as "closed" helping us to hide the shellcode. This module requires Metasploit:...

7AI score
Exploits0
Metasploit
Metasploit
•added 2014/01/18 4:7 p.m.•35 views

Adobe Flash Player Regular Expression Heap Overflow

This module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.5.502.149. By supplying a specially crafted swf file with special regex value, it is possible to trigger a memory corruption, which results in remote code execution under the context of the user, a...

9.3CVSS7.2AI score0.77597EPSS
Exploits10
Metasploit
Metasploit
•added 2014/01/09 3:17 p.m.•35 views

SerComm Device Configuration Dump

This module will dump the configuration of several SerComm devices. These devices typically include routers from NetGear and Linksys. This module was tested successfully against the NetGear DG834 series ADSL modem router. This module requires Metasploit: https://metasploit.com/download Current...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2013/11/13 7:41 p.m.•35 views

OSX Screen Capture

This module takes screenshots of target desktop and automatically downloads them. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Screen Capture', 'Description' = %q This module takes...

0.2AI score
Exploits0
Metasploit
Metasploit
•added 2013/11/12 11:47 a.m.•35 views

OSX VPN Manager

This module lists VPN connections and tries to connect to them using stored credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX VPN Manager', 'Description' = %q This module lists V...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2013/08/21 5:47 p.m.•35 views

Oracle Endeca Server Remote Command Execution

This module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. In addition, t...

5.5CVSS7.4AI score0.5984EPSS
Exploits8
Metasploit
Metasploit
•added 2013/08/21 10:45 a.m.•35 views

WordPress Brute Force and User Enumeration Utility

WordPress Authentication Brute Force and User Enumeration Utility This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Brute Force and User Enumeration Utility', 'Description' = 'WordPress...

5CVSS7.1AI score0.85EPSS
Exploits14
Metasploit
Metasploit
•added 2013/07/26 2:18 a.m.•35 views

MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation

Due to a problem with isolating window broadcast messages in the Windows kernel, an attacker can broadcast commands from a lower Integrity Level process to a higher Integrity Level process, thereby effecting a privilege escalation. This issue affects Windows Vista, 7, 8, Server 2008, Server 2008...

7.2CVSS0.1AI score0.17089EPSS
Exploits10
Metasploit
Metasploit
•added 2013/03/19 8:43 a.m.•35 views

Nagios Remote Plugin Executor Arbitrary Command Execution

The Nagios Remote Plugin Executor NRPE is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dontblamenrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NR...

7.5CVSS0.1AI score0.65724EPSS
Exploits9
Metasploit
Metasploit
•added 2012/11/20 3:1 p.m.•35 views

SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Execution

This module makes use of the SXPGCALLSYSTEM Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service to execute OS commands as configured in the SM69 transaction. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2012/10/07 10:5 a.m.•35 views

Avaya WinPMD UniteHostRouter Buffer Overflow

This module exploits a stack buffer overflow in Avaya WinPMD. The vulnerability exists in the UniteHostRouter service, due to the insecure usage of memcpy when parsing specially crafted "To:" headers. The module has been tested successfully on Avaya WinPMD 3.8.2 over Windows XP SP3 and Windows 20...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2012/05/21 9:32 p.m.•35 views

FlexNet License Server Manager lmgrd Buffer Overflow

This module exploits a vulnerability in the FlexNet License Server Manager. The vulnerability is due to the insecure usage of memcpy in the lmgrd service when handling network packets, which results in a stack buffer overflow. In order to improve reliability, this module will make lots of...

0.8AI score
Exploits0
Metasploit
Metasploit
•added 2012/03/29 9:24 p.m.•35 views

OS X Gather Colloquy Enumeration

This module will collect Colloquy's info plist file and chat logs from the victim's machine. There are three actions you may choose: INFO, CHATS, and ALL. Please note that the CHAT action may take a long time depending on the victim machine, therefore we suggest to set the regex 'PATTERN' option ...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2012/01/18 3:16 a.m.•35 views

Windows x64 LoadLibrary Path

Load an arbitrary x64 library path This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 285 include Msf::Payload::Windows include Msf::Payload::Single def initializeinfo =...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2011/10/24 11:22 p.m.•35 views

phpLDAPadmin query_engine Remote PHP Code Injection

This module exploits a vulnerability in the lib/functions.php for phpLDAPadmin versions 1.2.1.1 and earlier that allows attackers input parsed directly to the createfunction php function. A patch was issued that uses a whitelist regex expression to check the user supplied input before being parse...

7.5CVSS6.9AI score0.51891EPSS
Exploits3
Metasploit
Metasploit
•added 2011/10/11 12:38 a.m.•35 views

Windows Gather Meebo Password Extractor

This module extracts login account password stored by Meebo Notifier, a desktop version of Meebo's Online Messenger. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Meebo Passwor...

7AI score
Exploits0
Metasploit
Metasploit
•added 2011/10/03 9:5 p.m.•35 views

Windows Gather Enumerate Domain

This module identifies the primary Active Directory domain name and domain controller. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Enumerate Domain', 'Description' = %q This...

0.5AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/21 5:58 a.m.•35 views

Windows Gather Directory Permissions Enumeration

This module enumerates directories and lists the permissions set on found directories. Please note: if the PATH option isn't specified, then the module will start enumerate whatever is in the target machine's %PATH% variable. This module requires Metasploit: https://metasploit.com/download Curren...

Exploits0
Metasploit
Metasploit
•added 2011/08/18 4:10 a.m.•35 views

SMB Scanner Check File/Directory Utility

This module is useful when checking an entire network of SMB hosts for the presence of a known file or directory. An example would be to scan all systems for the presence of antivirus or known malware outbreak. Typically you must set RPATH, SMBUser, SMBDomain and SMBPass to operate correctly. Thi...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2011/03/26 3:35 a.m.•35 views

Windows Manage Inject in Memory Multiple Payloads

This module will inject in to several processes a given payload and connecting to a given list of IP Addresses. The module works with a given lists of IP Addresses and process PIDs if no PID is given it will start a the given process in the advanced options and inject the selected payload in to t...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2011/03/02 10:18 a.m.•35 views

SAP Management Console Version Detection

This module simply attempts to identify the version of SAP through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Version...

7AI score
Exploits0
Metasploit
Metasploit
•added 2011/03/02 10:18 a.m.•35 views

SAP Management Console Extract Users

This module simply attempts to extract SAP users from the ABAP Syslog through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2011/01/06 5:34 p.m.•35 views

Windows Speech API - Say "You Got Pwned!"

Causes the target to say "You Got Pwned" via the Windows Speech API This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework =begin https://www.exploit-db.com/sploits/w32-speaking-shellcode.zip Copyright c 2009-2010 Berend-Jan...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2010/11/24 1:44 p.m.•35 views

DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow

This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 Build 6.1.8.10. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS1.6AI score0.63573EPSS
Exploits12
Metasploit
Metasploit
•added 2010/11/11 4:35 p.m.•35 views

BACnet OPC Client Buffer Overflow

This module exploits a stack buffer overflow in SCADA Engine BACnet OPC Client v1.0.24. When the BACnet OPC Client parses a specially crafted csv file, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Current source:...

9.3CVSS1AI score0.41619EPSS
Exploits2
Metasploit
Metasploit
•added 2010/08/20 7:1 a.m.•35 views

Java Meterpreter, Java Bind TCP Stager

Run a meterpreter server in Java. Listen for a connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 5256 include Msf::Payload::Stager include Msf::Payload::Java include...

7AI score
Exploits0
Metasploit
Metasploit
•added 2010/08/02 5:56 a.m.•35 views

VxWorks WDB Agent Boot Parameter Scanner

Scan for exposed VxWorks wdbrpc daemons and dump the boot parameters from memory This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Boot Parameter Scanner', 'Description' = 'Scan...

7.1AI score
Exploits0
Total number of security vulnerabilities5000