50738 matches found
NFR Agent FSFUI Record Arbitrary Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent FSFUI Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...
Cambium EPMP 1000 Get_chart Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'getchart' Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerability in...
Linknat Vos Manager Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linknat Vos Manager Traversal', 'Description' = %q This module attempts to test whether a file traversal vulnerability is present in version of...
NetDecision NOCVision Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetDecision NOCVision Server Directory Traversal', 'Description' = %q This module exploits a directory traversal bug in NetDecision's...
Nginx Source Code Disclosure/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...
Sage X3 AdxAdmin Login Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/x3' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Sage X3 AdxAdmin Login Scanner', 'Description'...
Apache Mod_userdir User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache "moduserdir" User Enumeration', 'Description' = %qApache with the UserDir directive enabled generates different error codes when a usernam...
Dolibarr 16 Pre-auth Contact Database Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr 16 pre-auth contact database dump', 'Description' = %q Dolibarr version 16 'Vladimir TOUTAIN', 'Nolan LOSSIGNOL-DRILLIEN' , 'License' =...
Chromecast Wifi Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast Wifi Enumeration', 'Description' = %q This module enumerates wireless access points through Chromecast. , 'Author' = 'wvu', 'Reference...
S40 0.4.2 CMS Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'S40 0.4.2 CMS Directory Traversal Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability found in S40 CMS. T...
Apache Karaf Default Credentials Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' class MetasploitModule "Apache Karaf Default Credentials Command Execution", 'Description' = %q This module exploits a default misconfiguration flaw on...
WordPress GI-Media Library Plugin Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress GI-Media Library Plugin Directory Traversal Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability...
SAP BusinessObjects User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP BusinessObjects User Enumeration', 'Description' = %Q This module simply attempts to enumerate SAP BusinessObjects users. The dswsbobje...
JBoss Status Servlet Information Gathering
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Status Servlet Information Gathering', 'Description' = %q This module queries the JBoss status servlet to collect sensitive information,...
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA / Client Access Server CAS IIS HTTP Internal IP Disclosure', 'Description' = %q This module tests vulnerable IIS HTTP header...
HP Intelligent Management FaultDownloadServlet Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management FaultDownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a...
WordPress Email Subscribers And Newsletter Hash SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Email Subscribers and Newsletter Hash SQLi Scanner', 'Description' = %q Email Subscribers & Newsletters plugin contains an...
HTTP Microsoft SQL Injection Table XSS Infection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Microsoft SQL Injection Table XSS Infection', 'Description' = %q This module implements the mass SQL injection attack in use lately by...
NTP Mode 7 GET_RESTRICT DRDoS Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 7 GETRESTRICT DRDoS Scanner', 'Description' = %q This module identifies NTP servers which permit "reslist" queries and obtains the list ...
Apache Axis2 Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/axis2' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Apache Axis2 Brute Force Utility',...
SAP Web GUI Login Brute Forcer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...
HTTP SickRage Password Leak
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP SickRage Password Leak', 'Description' = %q SickRage 'Sven Fassbender', EDB POC 'Shelby Pace' Metasploit Module , 'License' = MSFLICENSE,...
FTP Authentication Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/ftp' class MetasploitModule 'FTP Authentication Scanner', 'Description' = ...
Novell Groupwise Agents HTTP Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell Groupwise Agents HTTP Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in Novell Groupwis...
TVT NVMS-1000 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TVT NVMS-1000 Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability which exists in...
Cerberus FTP Server SFTP Username Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' class MetasploitModule 'Cerberus FTP Server SFTP Username Enumeration', 'Description' = %q This module uses a dictionary to brute force valid usernames...
Emby SSRF HTTP Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Emby SSRF HTTP Scanner', 'Description' = 'Generates a GET request to the provided web servers and executes an SSRF against the targeted EMBY...
WordPress DukaPress Plugin File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress DukaPress Plugin File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress...
ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal', 'Description' = %q This module exploits a directory traversal vulnerabili...
Cisco IOS HTTP Unauthorized Administrative Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS HTTP Unauthorized Administrative Access', 'Description' = %q This module exploits a vulnerability in the Cisco IOS HTTP Server. By...
WordPress Subscribe Comments File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Subscribe Comments File Read Vulnerability', 'Description' = %q This module exploits an authenticated directory traversal vulnerability...
TP-Link Wireless Lite N Access Point Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TP-Link Wireless Lite N Access Point Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal...
Dicoogle PACS Web Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dicoogle PACS Web Server Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in th...
Fortinet SSH Backdoor Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet SSH Backdoor Scanner', 'Description' = %q This module scans for the Fortinet SSH backdoor. , 'Author' = 'operator8203 ', PoC 'wvu' Modul...
HTTP Virtual Host Brute Force Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework May I reuse some methods? require 'cgi' class MetasploitModule 'HTTP Virtual Host Brute Force Scanner', 'Description' = %q This module tries to identify unique virtual...
ManageEngine SecurityManager Plus 5.5 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine SecurityManager Plus 5.5 Directory Traversal', 'Description' = %q This module exploits a directory traversal flaw found in...
Eaton Xpert Meter SSH Private Key Exposure Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework XXX: This shouldn't be necessary but is now require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'Eaton Xpert Meter SSH Private Key Exposure Scanner'...
Apache Flink JobManager Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink JobManager Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Flink...
WordPress Loginizer Log SQL Injection Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Loginizer log SQLi Scanner', 'Description' = %q Loginizer wordpress plugin contains an unauthenticated timebased SQL injection in...
Atlassian Crowd XML Entity Expansion Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Crowd XML Entity Expansion Remote File Access', 'Description' = %q This module simply attempts to read a remote file from the server...
Cisco Ironport Bruteforce Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Ironport Bruteforce Login Utility', 'Description' = % This module scans for Cisco Ironport SMA, WSA and ESA web login portals, finds AsyncO...
Kodi 17.0 Local File Inclusion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kodi 17.0 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Kodi before 17.1. ,...
Microsoft Exchange Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange Privilege Escalation Exploit', 'Description' = %q This module exploits a privilege escalation vulnerability found in Microsoft...
HP SiteScope SOAP Call GetSiteScopeConfiguration Configuration Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getSiteScopeConfiguration Configuration Access', 'Description' = %q This module exploits an authentication bypass...
Joomla API Improper Access Checks
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla API Improper Access Checks', 'Description' = %q Joomla versions between 4.0.0 and 4.2.7, inclusive, contain an improper API access...
Titan FTP XCRC Directory Traversal Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Titan FTP XCRC Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal vulnerability in the XC...
HTTP Git Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Git Scanner', 'Description' = %q This module can detect situations where there may be information disclosure vulnerabilities that occur when...
Carlo Gavazzi Energy Meters Login Brute Force, Extract Info And Dump Plant Database
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Carlo Gavazzi Energy Meters - Login Brute Force, Extract Info and Dump Plant Database', 'Description' = % This module scans for Carlo Gavazzi...
Apache HTTPD Mod_negotiation Filename Bruter
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework modnegotiation bruter http://httpd.apache.org/docs/1.3/content-negotiation.html class MetasploitModule 'Apache HTTPD modnegotiation Filename Bruter', 'Description' = %q...
Spring Cloud Config Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Directory Traversal in Spring Cloud Config Server', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability...