Lucene search
K
MetasploitMost viewed

6849 matches found

Metasploit
Metasploit
•added 2015/11/08 5:34 a.m.•32 views

BisonWare BisonFTP Server 3.5 Directory Traversal Information Disclosure

This module exploits a directory traversal vulnerability found in BisonWare BisonFTP server version 3.5. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command including file system traversal strings such as '..//.' This module requires...

7.8CVSS7.4AI score0.60938EPSS
Exploits3
Metasploit
Metasploit
•added 2015/09/11 8:5 p.m.•32 views

MS15-100 Microsoft Windows Media Center MCL Vulnerability

This module exploits a vulnerability in Windows Media Center. By supplying an UNC path in the .mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution. This module requires Metasploit: https://metasploit.com/download Current source:...

9.3CVSS7.4AI score0.71044EPSS
Exploits12
Metasploit
Metasploit
•added 2015/06/18 5:36 p.m.•32 views

Adobe Flash Player ShaderJob Buffer Overflow

This module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the "width" attribute of the ShaderJob after...

10CVSS6.8AI score0.87303EPSS
Exploits4
Metasploit
Metasploit
•added 2015/05/02 6:52 p.m.•32 views

BSD x64 Command Shell, Bind TCP Inline

Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 88 include Msf::Payload::Single include Msf::Payload::Bsd include...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2015/04/10 6:1 p.m.•32 views

Group Policy Script Execution From Shared Resource

This is a general-purpose module for exploiting systems with Windows Group Policy configured to load VBS startup/logon scripts from remote locations. This module runs a SMB shared resource that will provide a payload through a VBS file. Startup scripts will be executed with SYSTEM privileges, whi...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2015/03/21 4:43 p.m.•32 views

Python Meterpreter, Python Reverse HTTPS Stager

Run a meterpreter server in Python compatible with 2.5-2.7 & 3.1+. Tunnel communication over HTTP using SSL This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include...

0.1AI score
Exploits0
Metasploit
Metasploit
•added 2014/12/22 4:21 p.m.•32 views

Windows Meterpreter (skape/jt Injection), Hidden Bind TCP Stager

Inject the meterpreter server DLL staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize =...

7.1AI score
Exploits0
Metasploit
Metasploit
•added 2014/12/09 9:15 a.m.•32 views

Tuleap PHP Unserialize Code Execution

This module exploits a PHP object injection vulnerability in Tuleap 'Tuleap PHP Unserialize Code Execution', 'Description' = %q This module exploits a PHP object injection vulnerability in Tuleap = 7.6-4 which could be abused to allow authenticated users to execute arbitrary code with the...

6CVSS7.4AI score0.14766EPSS
Exploits7
Metasploit
Metasploit
•added 2014/06/08 11:21 a.m.•32 views

Easy File Management Web Server Stack Buffer Overflow

Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code. This module requires Metasploit:...

8AI score
Exploits0
Metasploit
Metasploit
•added 2014/06/07 7:56 p.m.•32 views

OpenSSL DTLS Fragment Buffer Overflow DoS

This module performs a Denial of Service Attack against Datagram TLS in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. This occurs when a DTLS ClientHello message has multiple fragments and the fragment lengths of later fragments are larger than that of the first, a buffer...

6.8CVSS7.8AI score0.99977EPSS
Exploits4
Metasploit
Metasploit
•added 2014/03/26 6:49 p.m.•32 views

Firefox Gather Cookies from Privileged Javascript Shell

This module allows collection of cookies from a Firefox Privileged Javascript Shell. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'json' class MetasploitModule 'Firefox Gather Cookies from Privileged...

0.9AI score
Exploits0
Metasploit
Metasploit
•added 2014/03/17 7:15 a.m.•32 views

Quantum DXi V1000 SSH Private Key Exposure

Quantum ships a public/private key pair on DXi V1000 2.2.1 appliances that allows passwordless authentication to any other DXi box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root. This module requires Metasploit:...

7.7AI score
Exploits0
Metasploit
Metasploit
•added 2014/01/14 6:25 p.m.•32 views

Linux Command Shell, Reverse TCP Stager

Spawn a command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 272 include Msf::Payload::Stager def initializeinfo = supermergeinfoinfo,...

7.4AI score
Exploits0
Metasploit
Metasploit
•added 2013/11/28 4:47 p.m.•32 views

ABB MicroSCADA wserver.exe Remote Code Execution

This module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of unauthenticated EXECUTE operations on the wserver.exe component, which allows arbitrary commands. The component is disabled by default, but required when a project uses the SCI...

9.8CVSS7.5AI score0.70081EPSS
Exploits1
Metasploit
Metasploit
•added 2013/10/07 11:9 a.m.•32 views

Unix Command Shell, Reverse TCP (via nodejs)

Continually listen for a connection and spawn a command shell via nodejs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 3231 include Msf::Payload::Single include...

0.3AI score
Exploits0
Metasploit
Metasploit
•added 2013/08/14 12:35 a.m.•32 views

OSX Password Prompt Spoof

Presents a password prompt dialog to a logged-in OSX user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Password Prompt Spoof', 'Description' = %q Presents a password prompt dialog to a...

Exploits0
Metasploit
Metasploit
•added 2013/05/12 1:46 p.m.•32 views

SAP Management Console OSExecute Payload Execution

This module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password for the SAP Management Console must be provided. This module has been tested successfully on both Windows and Linux platforms running SAP Netweaver. In order to exploit a Lin...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2013/04/25 10:1 p.m.•32 views

Auxilliary Parser Windows Unattend Passwords

This module parses Unattend files in the target directory. See also: post/windows/gather/enumunattend This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Auxilliary Parser Windows Unattend...

Exploits0
Metasploit
Metasploit
•added 2013/04/20 6:43 a.m.•32 views

Java Applet Reflection Type Confusion Remote Code Execution

This module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play throw a specially craft...

3.7CVSS7.1AI score0.85333EPSS
Exploits6
Metasploit
Metasploit
•added 2013/03/27 9:14 p.m.•32 views

STUNSHELL Web Shell Remote PHP Code Execution

This module exploits unauthenticated versions of the "STUNSHELL" web shell. This module works when safe mode is enabled on the web server. This shell is widely used in automated RFI payloads. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2012/11/11 4:5 p.m.•32 views

Java Applet JAX-WS Remote Code Execution

This module abuses the JAX-WS classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS0.6AI score0.91013EPSS
Exploits18
Metasploit
Metasploit
•added 2012/11/07 3:6 p.m.•32 views

SAP SOAP RFC SXPG_COMMAND_EXECUTE

This module makes use of the SXPGCOMMANDEXECUTE Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service to execute OS commands as configured in the SM69 transaction. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2012/10/14 8:30 p.m.•32 views

Apache ActiveMQ Directory Traversal

This module exploits a directory traversal vulnerability in Apache ActiveMQ 5.3.1 and 5.3.2 on Windows systems. The vulnerability exists in the Jetty's ResourceHandler installed with the affected versions. This module has been tested successfully on ActiveMQ 5.3.1 and 5.3.2 over Windows 2003 SP2...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2012/10/08 5:46 p.m.•32 views

PhpTax pfilez Parameter Exec Remote Code Injection

This module exploits a vulnerability found in PhpTax, an income tax report generator. When generating a PDF, the icondrawpng function in drawimage.php does not properly handle the pfilez parameter, which will be used in an exec statement, and then results in arbitrary remote code execution under...

8.1AI score
Exploits0
Metasploit
Metasploit
•added 2012/09/22 9:49 p.m.•32 views

HTTP Client Automatic Exploiter

This module has three actions. The first and the default is 'WebServer' which uses a combination of client-side and server-side techniques to fingerprint HTTP clients and then automatically exploit them. Next is 'DefangedDetection' which does only the fingerprinting part. Lastly, 'list' simply...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2012/09/22 2:13 p.m.•32 views

OS X x64 say Shellcode

Say an arbitrary string outloud using Mac OS X text2speech This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 53 include Msf::Payload::Single def initializeinfo = supermergeinfoinfo,...

0.4AI score
Exploits0
Metasploit
Metasploit
•added 2012/09/10 10:42 p.m.•32 views

Apple iOS MobileSafari LibTIFF Buffer Overflow

This module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload. This module requires Metasploit: https://metasploit.com/download...

7.5CVSS0.3AI score0.53046EPSS
Exploits13
Metasploit
Metasploit
•added 2012/07/31 9:14 p.m.•32 views

MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow

This module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code. This module requires Metasploit: https://metasploit.com/download Current source...

9.3CVSS0.2AI score0.64962EPSS
Exploits27
Metasploit
Metasploit
•added 2012/02/21 1:40 a.m.•32 views

DB2 Authentication Brute Force Utility

This module attempts to authenticate against a DB2 instance using username and password combinations indicated by the USERFILE, PASSFILE, and USERPASSFILE options. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework requi...

7.5CVSS7.4AI score0.51933EPSS
Exploits41
Metasploit
Metasploit
•added 2012/02/16 3:25 a.m.•32 views

VMWare ESX/ESXi Fingerprint Scanner

This module accesses the web API interfaces for VMware ESX/ESXi servers and attempts to identify version information for that server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2011/11/21 6:39 p.m.•32 views

Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow

This module exploits a stack based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.3CVSS10AI score0.37001EPSS
Exploits3
Metasploit
Metasploit
•added 2011/10/23 5:17 p.m.•32 views

Windows Manage Hosts File Injection

This module allows the attacker to insert a new entry into the target system's hosts file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'English' class MetasploitModule 'Windows Manage Hosts File Injection'...

0.5AI score
Exploits0
Metasploit
Metasploit
•added 2011/10/22 8:3 p.m.•32 views

SAP Management Console Get Access Points

This module simply attempts to output a list of SAP access points through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Get...

0.5AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/28 10:38 p.m.•32 views

Windows Gather Forensic Imaging

This module will perform byte-for-byte imaging of remote disks and volumes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Forensic byte-for-byte imaging of remote disks and volumes R. Wesley McGrew...

7.5AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/21 4:46 a.m.•32 views

BNAT Scanner

This module is a scanner which can detect Broken NAT network address translation implementations, which could result in an inability to reach ports on remote machines. Typically, these ports will appear in nmap scans as 'filtered'/'closed'. This module requires Metasploit:...

6.9AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/19 4:31 p.m.•32 views

Java Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 7497 include Msf::Payload::Single include Msf::Payload::Java include...

7AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/10 5:48 p.m.•32 views

Windows Gather CoreFTP Saved Password Extraction

This module extracts saved passwords from the CoreFTP FTP client. These passwords are stored in the registry. They are encrypted with AES-128-ECB. This module extracts and decrypts these passwords. This module requires Metasploit: https://metasploit.com/download Current source:...

0.4AI score
Exploits0
Metasploit
Metasploit
•added 2011/08/10 5:48 p.m.•32 views

Windows Gather Internet Download Manager (IDM) Password Extractor

This module recovers the saved premium download account passwords from Internet Download Manager IDM. These passwords are stored in an encoded format in the registry. This module traverses through these registry entries and decodes them. Thanks to the template code of theLightCosine's CoreFTP...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2011/06/10 3:8 a.m.•32 views

Solaris Gather Configured Services

Post module to enumerate services on a Solaris System This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris Gather Configured Services', 'Description' = %q Post module to enumerate services o...

7AI score
Exploits0
Metasploit
Metasploit
•added 2011/03/25 10:49 p.m.•32 views

VLC AMV Dangling Pointer Vulnerability

This module exploits VLC media player when handling a .AMV file. By flipping the 0x41st byte in the file format video width/height, VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution. The vulnerable packages include: VLC 1.1.4, VLC 1.1.5, VLC...

9.3CVSS6.7AI score0.75515EPSS
Exploits7
Metasploit
Metasploit
•added 2011/03/23 4:31 a.m.•32 views

Adobe Flash Player AVM Bytecode Verification Vulnerability

This module exploits a vulnerability in Adobe Flash Player versions 10.2.152.33 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JITJust-In-Time code being executed. This is the same vulnerability that was used for the RSA attack ...

7.8CVSS0.66821EPSS
Exploits8
Metasploit
Metasploit
•added 2011/03/02 10:18 a.m.•32 views

SAP Management Console ABAP Syslog Disclosure

This module simply attempts to extract the ABAP syslog through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console ABAP Syslog...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2011/01/12 2:31 a.m.•32 views

Windows Gather PowerShell Environment Setting Enumeration

This module will enumerate Microsoft PowerShell settings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather PowerShell Environment Setting Enumeration', 'Description' = %q This...

7.3AI score
Exploits0
Metasploit
Metasploit
•added 2010/12/25 6:8 a.m.•32 views

SNMP Windows Username Enumeration

This module will use LanManager/psProcessUsername OID values to enumerate local user accounts on a Windows/Solaris system via SNMP This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SNMP Windows...

Exploits0
Metasploit
Metasploit
•added 2010/11/19 6:30 p.m.•32 views

CakePHP Cache Corruption Code Execution

CakePHP is a popular PHP framework for building web applications. The Security component of CakePHP versions 1.3.5 and earlier and 1.2.8 and earlier is vulnerable to an unserialize attack which could be abused to allow unauthenticated attackers to execute arbitrary code with the permissions of th...

7.5CVSS8.4AI score0.55204EPSS
Exploits3
Metasploit
Metasploit
•added 2010/09/02 2:32 p.m.•32 views

D-Link i2eye Video Conference AutoAnswer (WDBRPC)

This module can be used to enable auto-answer mode for the D-Link i2eye video conferencing system. Once this setting has been flipped, the device will accept incoming video calls without acknowledgement. The NetMeeting software included in Windows XP can be used to connect to this device. The i2e...

7.2AI score
Exploits0
Metasploit
Metasploit
•added 2010/02/01 2:12 a.m.•32 views

HTTP WebDAV Internal IP Scanner

Detect webservers internal IPs though WebDAV This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP WebDAV Internal IP Scanner', 'Description' = 'Detect webservers internal IPs though WebDAV',...

2.6CVSS6.7AI score0.44339EPSS
Exploits3
Metasploit
Metasploit
•added 2010/01/05 8:24 a.m.•32 views

BigAnt Server 2.52 USV Buffer Overflow

This exploits a stack buffer overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This module was tested successfully against version 2.52. NOTE: The AntServer service does not restart, you only get one shot. This module requires Metasploit:...

10CVSS7.4AI score0.6212EPSS
Exploits2
Metasploit
Metasploit
•added 2009/12/17 4:52 a.m.•32 views

Sun Java JRE AWT setDiffICM Buffer Overflow

This module exploits a flaw in the setDiffICM function in the Sun JVM. The payload is serialized and passed to the applet via PARAM tags. It must be a native payload. The effected Java versions are JDK and JRE 6 Update 16 and earlier, JDK and JRE 5.0 Update 21 and earlier, SDK and JRE 1.4.223 and...

9.3CVSS0.7AI score0.65461EPSS
Exploits9
Metasploit
Metasploit
•added 2009/12/15 8:15 p.m.•32 views

Adobe Doc.media.newPlayer Use After Free Vulnerability

This module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModul...

7.8CVSS6.9AI score0.81863EPSS
Exploits21
Total number of security vulnerabilities5000