6841 matches found
HTTPS Fetch
Fetch and execute a PPC64LE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc64le/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and...
HTTPS Fetch
Fetch and execute a PPC64LE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc64le/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options...
HTTPS Fetch
Fetch and execute an MIPSLE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and...
HTTP Fetch
Fetch and execute an PPC payload from an HTTP server. Module Options msf use payload/cmd/linux/http/ppc/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch
Fetch and execute an MIPSBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSBE payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
TFTP Fetch, Linux Command Shell, Find Port Inline
Fetch and execute an PPC64 payload from a TFTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/tftp/ppc64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show...
HTTP Fetch
Fetch and execute an MIPSBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch
Fetch and execute an ARMLE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/armle/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and se...
HTTP Fetch
Fetch and execute an MIPSBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsbe/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and...
HTTP Fetch
Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
HTTP Fetch, Linux Execute Command
Fetch and execute an MIPSLE payload from an HTTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/http/mipsle/exec msf payloadexec show...
HTTPS Fetch, Reverse TCP Stager
Fetch and execute an MIPSBE payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/linux/https/mipsbe/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
HTTPS Fetch
Fetch and execute an AARCH64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/aarch64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and...
TFTP Fetch
Fetch and execute an MIPSLE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/mipsle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch, Linux Execute Command
Fetch and execute an MIPSLE payload from a TFTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/tftp/mipsle/exec msf payloadexec show...
HTTP Fetch, Bind TCP Stager
Fetch and execute an ARMLE payload from an HTTP server. Listen for a connection Module Options msf use payload/cmd/linux/http/armle/meterpreter/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... msf...
TFTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSLE payload from a TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/mipsle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTP Fetch
Fetch and execute an AARCH64 payload from an HTTP server. Module Options msf use payload/cmd/linux/http/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...sh...
HTTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an MIPSBE payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsbe/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
TFTP Fetch
Fetch and execute an PPC payload from an TFTP server. Module Options msf use payload/cmd/linux/tftp/ppc/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and set...
HTTP Fetch
Fetch and execute an PPC payload from an HTTP server. Module Options msf use payload/cmd/linux/http/ppc/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and s...
HTTPS Fetch, Linux Add User
Fetch and execute an ARMLE payload from an HTTPS server. Create a new user with UID 0 Module Options msf use payload/cmd/linux/https/armle/adduser msf payloadadduser show actions ...actions... msf payloadadduser set ACTION msf payloadadduser show options ...show and set options... msf...
TFTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from a TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...
HTTPS Fetch
Fetch and execute an MIPSBE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and s...
TFTP Fetch
Fetch and execute an ARMBE payload from a TFTP server. Module Options msf use payload/cmd/linux/tftp/armbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...
TFTP Fetch, Reverse TCP Stager
Fetch and execute an AARCH64 payload from a TFTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/aarch64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
HTTP Fetch, Linux Command Shell, Reverse TCP Stager
Fetch and execute an MIPSLE payload from an HTTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/http/mipsle/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from an HTTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show a...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an ARMLE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...
HTTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an PPC64 payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/ppc64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTPS Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an PPC64 payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...
HTTP Fetch, Linux Add User
Fetch and execute an ARMLE payload from an HTTP server. Create a new user with UID 0 Module Options msf use payload/cmd/linux/http/armle/adduser msf payloadadduser show actions ...actions... msf payloadadduser set ACTION msf payloadadduser show options ...show and set options... msf payloadadduse...
HTTP Fetch
Fetch and execute an ARMBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armbe/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show and s...
HTTPS Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
HTTPS Fetch
Fetch and execute an ARMLE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/armle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...
TFTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an ARMLE payload from a TFTP server. dup2 socket in r12, then execve. Listen for a connection Module Options msf use payload/cmd/linux/tftp/armle/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSBE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsbe/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
HTTPS Fetch, Linux Reboot
Fetch and execute an MIPSLE payload from an HTTPS server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/https/mipsle/reboot msf payloadreboo...
HTTP Fetch
Fetch and execute a PPC64LE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/ppc64le/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf payloadmeterpreterreversehttp show options ...show an...
HTTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an MIPSLE payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/mipsle/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp...
HTTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an AARCH64 payload from an HTTP server. dup2 socket in x12, then execve. Connect back to the attacker Module Options msf use payload/cmd/linux/http/aarch64/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp sh...
InvokeAI RCE
InvokeAI has a critical vulnerability leading to remote code execution in the /api/v2/models/install API through unsafe model deserialization. The API allows users to specify a model URL, which is downloaded and loaded server-side using torch.load without proper validation. This functionality...
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS, with the privileges of the site user of the targeted BeyondTrust product site. This exploit targets PRA and RS versions 24.3.1 and below. Module Options msf use...
mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)
Unauthenticated Command Injection in MyPRO Manager use exploit/windows/scada/mypromgrcmd msf exploitmypromgrcmd show targets ...targets... msf exploitmypromgrcmd set TARGET msf exploitmypromgrcmd show options ...show and set options... msf exploitmypromgrcmd exploit class MetasploitModule 'mySCAD...
Unauthenticated RCE in NetAlertX
An attacker can update NetAlertX settings with no authentication, which results in RCE. Module Options msf use exploit/linux/http/netalertxrcecve202446506 msf exploitnetalertxrcecve202446506 show targets ...targets... msf exploitnetalertxrcecve202446506 set TARGET msf...
Ivanti Connect Secure HTTP Scanner
This module will perform authentication scanning against Ivanti Connect Secure Module Options msf use auxiliary/scanner/ivanti/loginscanner msf auxiliaryloginscanner show actions ...actions... msf auxiliaryloginscanner set ACTION msf auxiliaryloginscanner show options ...show and set options... m...
Argus Surveillance DVR 4.0.0.0 - Directory Traversal
This module leverages an unauthenticated arbitrary file read for the Argus Surveillance 4.0.0.0 system which never saw an update since. As this is a Windows related application we recommend looking for common Windows file locations, especially C:\ProgramData\PYSoftware\Argus Surveillance...
Craft CMS Twig Template Injection RCE via FTP Templates Path
This module exploits a Twig template injection vulnerability in Craft CMS by abusing the --templatesPath argument. The vulnerability allows arbitrary template loading via FTP, leading to Remote Code Execution RCE. Module Options msf use exploit/linux/http/craftcmsftptemplate msf...
LibreNMS Authenticated RCE (CVE-2024-51092)
An authenticated attacker can create dangerous directory names on the system and alter sensitive configuration parameters through the web portal. Those two defects combined then allows to inject arbitrary OS commands inside shellexec calls, thus achieving arbitrary code execution. Module Options...