6841 matches found
SMB Negotiate Dialect Corruption
This module sends a series of SMB negotiate requests with corrupted bytes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Negotiate Dialect Corruption', 'Description' = %q This module sends...
SMB Tree Connect Request Fuzzer
This module sends a series of SMB tree connect requests using malicious strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Tree Connect Request Fuzzer', 'Description' = %q This module...
SMB Create Pipe Request Corruption
This module sends a series of SMB create pipe requests with corrupted bytes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Create Pipe Request Corruption', 'Description' = %q This module...
SMB Create Pipe Request Fuzzer
This module sends a series of SMB create pipe requests using malicious strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Create Pipe Request Fuzzer', 'Description' = %q This module...
SMB NTLMv1 Login Request Corruption
This module sends a series of SMB login requests using the NTLMv1 protocol with corrupted bytes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB NTLMv1 Login Request Corruption',...
SSH 1.5 Version Fuzzer
This module sends a series of SSH requests with malicious version strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH 1.5 Version Fuzzer', 'Description' = %q This module sends a series...
SSH Version Corruption
This module sends a series of SSH requests with a corrupted version string This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH Version Corruption', 'Description' = %q This module sends a series...
SSH Key Exchange Init Corruption
This module sends a series of SSH requests with a corrupted initial key exchange payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH Key Exchange Init Corruption', 'Description' = %q...
SSH 2.0 Version Fuzzer
This module sends a series of SSH requests with malicious version strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH 2.0 Version Fuzzer', 'Description' = %q This module sends a series...
SMB Negotiate SMB2 Dialect Corruption
This module sends a series of SMB negotiate requests that advertise a SMB2 dialect with corrupted bytes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Negotiate SMB2 Dialect Corruption',...
TDS Protocol Login Request Corruption Fuzzer
This module sends a series of malformed TDS login requests. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TDS Protocol Login Request Corruption Fuzzer', 'Description' = %q This module sends a...
TDS Protocol Login Request Username Fuzzer
This module sends a series of malformed TDS login requests. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TDS Protocol Login Request Username Fuzzer', 'Description' = %q This module sends a...
Java JSP Command Shell, Bind TCP Inline
Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 1593 include Msf::Payload::Single include Msf::Payload::JSP include...
Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include
This module exploits a remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the CacheLite package in Mambo 4.6.4 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
BASE base_qry_common Remote File Include
This module exploits a remote file inclusion vulnerability in the baseqrycommon.php file in BASE 1.2.4 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BASE baseqrycommon Remote Fil...
Microsoft Visual Basic VBP Buffer Overflow
This module exploits a stack buffer overflow in Microsoft Visual Basic 6.0. When a specially crafted vbp file containing a long reference line, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Search Engine Domain Email Address Collector
This module uses Google, Bing and Yahoo to create a list of valid email addresses for the target domain. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' class MetasploitModule 'Search Engine Domain...
Microsoft SQL Server Configuration Enumerator
This module will perform a series of configuration audits and security checks against a Microsoft SQL Server database. For this module to work, valid administrative user credentials must be supplied. This module requires Metasploit: https://metasploit.com/download Current source:...
Lyris ListManager MSDE Weak sa Password
This module exploits a weak password vulnerability in the Lyris ListManager MSDE install. During installation, the 'sa' account password is set to 'lminstall'. Once the install completes, it is set to 'lyris' followed by the process ID of the installer. This module brute forces all possible proce...
BlazeDVD 6.1 PLF Buffer Overflow
This module exploits a stack over flow in BlazeDVD 5.1 and 6.2. When the application is used to open a specially crafted plf file, a buffer is overwritten allowing for the execution of arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Talkative IRC v0.4.4.16 Response Buffer Overflow
This module exploits a stack buffer overflow in Talkative IRC v0.4.4.16. When a specially crafted response string is sent to a client, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
VUPlayer M3U Buffer Overflow
This module exploits a stack over flow in VUPlayer 'VUPlayer M3U Buffer Overflow', 'Description' = %q This module exploits a stack over flow in VUPlayer MSFLICENSE, 'Author' = 'MC' , 'References' = 'CVE', '2006-6251' , 'OSVDB', '31710' , , 'DefaultOptions' = 'EXITFUNC' = 'process',...
VUPlayer CUE Buffer Overflow
This module exploits a stack based overflow in VUPlayer 'VUPlayer CUE Buffer Overflow', 'Description' = %q This module exploits a stack based overflow in VUPlayer MSFLICENSE, 'Author' = 'MC' , 'References' = 'OSVDB', '64581', 'BID', '33960' , , 'DefaultOptions' = 'EXITFUNC' = 'process',...
POP Peeper v3.4 DATE Buffer Overflow
This module exploits a stack buffer overflow in POP Peeper v3.4. When a specially crafted DATE string is sent to a client, an attacker may be able to execute arbitrary code. This module is based off of krakowlabs code. This module requires Metasploit: https://metasploit.com/download Current sourc...
POP Peeper v3.4 UIDL Buffer Overflow
This module exploits a stack buffer overflow in POP Peeper v3.4. When a specially crafted UIDL string is sent to a client, an attacker may be able to execute arbitrary code. This module is based off of krakowlabs code. This module requires Metasploit: https://metasploit.com/download Current sourc...
activePDF WebGrabber ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in activePDF WebGrabber 3.8. When sending an overly long string to the GetStatus method of APWebGrb.ocx 3.8.2.0 an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly...
McAfee Remediation Client ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in McAfee Remediation Agent 4.5.0.41. When sending an overly long string to the DeleteSnapshot method of enginecom.dll 3.7.0.9 an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vecto...
Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Electronic Arts SnoopyCtrl ActiveX Control NPSnpy.dll 1.1.0.36. When sending an overly long string to the CheckRequirements method, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...
CA eTrust PestPatrol ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in CA eTrust PestPatrol. When sending an overly long string to the Initialize property of ppctl.dll 5.6.7.9 an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
America Online ICQ ActiveX Control Arbitrary File Download and Execute
This module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control. This module requires Metasploit: https://metasploit.com/download Current source:...
AtHocGov IWSAlerts ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in AtHocGov IWSAlerts. When sending an overly long string to the CompleteInstallation method of AtHocGovTBr.dll 6.1.4.36 an attacker may be able to execute arbitrary code. This vulnerability was silently patched by the vendor. This module requires...
Symantec Alert Management System Intel Alert Originator Service Buffer Overflow
This module exploits a stack buffer overflow in Intel Alert Originator Service msgsys.exe. When an attacker sends a specially crafted alert, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Current source:...
Amaya Browser v11.0 'bdo' Tag Overflow
This module exploits a stack buffer overflow in the Amaya v11 Browser. By sending an overly long string to the "bdo" tag, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Xlink FTP Client Buffer Overflow
This module exploits a stack buffer overflow in Xlink FTP Client 32 Version 3.01 that comes bundled with Omni-NFS Enterprise 5.2. When an overly long FTP server response is received by a client, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Curre...
Omni-NFS Server Buffer Overflow
This module exploits a stack buffer overflow in Xlink Omni-NFS Server 5.2 When sending a specially crafted nfs packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
Xlink FTP Server Buffer Overflow
This module exploits a stack buffer overflow in Xlink FTP Server that comes bundled with Omni-NFS Enterprise 5.2. When a overly long FTP request is sent to the server, arbitrary code may be executed. This module requires Metasploit: https://metasploit.com/download Current source:...
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in the KeyWorks KeyHelp ActiveX Control KeyHelp.ocx 1.2.3120.0. This ActiveX Control comes bundled with EMC's Documentation ApplicationXtender 5.4. This module requires Metasploit: https://metasploit.com/download Current source:...
Oracle Database Enumeration
This module provides a simple way to scan an Oracle database server for configuration parameters that may be useful during a penetration test. Valid database credentials must be provided for this module to run. This module requires Metasploit: https://metasploit.com/download Current source:...
Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
This module exploits an authentication bypass vulnerability which allows remote attackers to upload and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Apache-Coyote/...
Java JSP Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 1501 include Msf::Payload::Single include Msf::Payload::JSP include...
Timbuktu Pro Directory Traversal/File Upload
This module exploits a directory traversal vulnerability in Motorola's Timbuktu Pro for Windows 8.6.5. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Timbuktu Pro Directory Traversal/File...
Motorola Timbuktu Service Detection
This module simply sends a packet to the Motorola Timbuktu service for detection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Motorola Timbuktu Service Detection', 'Description' = %q This...
Reflective DLL Injection, Reverse All-Port TCP Stager
Inject a DLL via a reflective loader. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 include...
VNC Server (Reflective Injection), Reverse All-Port TCP Stager
Inject a VNC Dll via a reflective loader staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282...
Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager
Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source:...
Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager
Inject the meterpreter server DLL staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 include...
Windows Upload/Execute, Reverse All-Port TCP Stager
Uploads an executable and runs it staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 include...
Windows Command Shell, Reverse All-Port TCP Stager
Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 include...
Windows Inject DLL, Reverse All-Port TCP Stager
Inject a custom DLL into the exploited process. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 inclu...
NFS Mount Scanner
This module scans NFS mounts and their permissions. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFS Mount Scanner', 'Description' = %q This module scans NFS mounts and their permissions. ,...