Ray Sharp DVR Password Retriever

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray Sharp DVR Password Retriever', 'Description' = %q This module takes advantage of a protocol design issue with the Ray Sharp based DVR systems...

Microsoft Exchange ProxyLogon Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Scanner', 'Description' = %q This module scan for a vulnerability on Microsoft Exchange Serve...

Multiple DVR Manufacturers Configuration Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multiple DVR Manufacturers Configuration Disclosure', 'Description' = %q This module takes advantage of an authentication bypass vulnerability at...

ClanSphere 2011.3 Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ClanSphere 2011.3 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Clansphere...

Spring Cloud Config Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Directory Traversal in Spring Cloud Config Server', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability...

HTTP Open Proxy Detection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Open Proxy Detection', 'Description' = %q Checks if an HTTP proxy is open. False positive are avoided verifying the HTTP return code and...

Embedthis GoAhead Embedded Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Embedthis GoAhead Embedded Web Server Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in the...

Apache 2.4.49/2.4.50 Traversal Remote Code Execution Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache 2.4.49/2.4.50 Traversal RCE scanner', 'Description' = %q This module scans for an unauthenticated RCE vulnerability which exists in Apache...

Microsoft IIS Shortname Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS shortname vulnerability scanner', 'Description' = %q The vulnerability is caused by a tilde character "" in a GET or OPTIONS reques...

HP Intelligent Management SOM FileDownloadServlet Arbitrary Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM FileDownloadServlet Arbitrary Download', 'Description' = %q This module exploits a lack of authentication and acces...

Cambium CnPilot R200/r201 Login Scanner And Config Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 Login Scanner and Config Dump', 'Description' = % This module scans for Cambium cnPilot r200/r201 management login...

Wordpress Pingback Locator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Pingback Locator', 'Description' = %q This module will scan for wordpress sites with the Pingback API enabled. By interfacing with the...

InfoVista VistaPortal Application Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'InfoVista VistaPortal Application Bruteforce Login Utility', 'Description' = % This module attempts to scan for InfoVista VistaPortal Web...

Barracuda Multiple Product Locale Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Barracuda Multiple Product "locale" Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability present in...

SAP /sap/bc/soap/rfc SOAP Service RFC_SYSTEM_INFO Function Sensitive Information Gathering

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

Wordpress Arbitrary File Deletion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Arbitrary File Deletion', 'Description' = %q An arbitrary file deletion vulnerability in the WordPress core allows any user with...

OKI Printer Default Login Credential Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework TODO: Split this module into two separate SNMP and HTTP modules. class MetasploitModule 'OKI Printer Default Login Credential Scanner', 'Description' = %q This module...

Apache ActiveMQ JSP Files Source Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ JSP Files Source Disclosure', 'Description' = %q This module exploits a source code disclosure in Apache ActiveMQ. The...

WinRM Command Runner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/winrm/connection' class MetasploitModule 'WinRM Command Runner', 'Description' = %q This module runs arbitrary Windows commands using the WinRM Service ,...

Web-Dorado ECommerce WD For Joomla! Search_category_id SQL Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Web-Dorado ECommerce WD for Joomla! searchcategoryid SQL Injection Scanner', 'Description' = %q This module will scan for hosts...

Apache Axis2 Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/axis2' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Apache Axis2 Brute Force Utility',...

WordPress Duplicator File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...

Microsoft Exchange Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange Privilege Escalation Exploit', 'Description' = %q This module exploits a privilege escalation vulnerability found in Microsoft...

Wordpress Paid Membership Pro Code Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Paid Membership Pro code Unauthenticated SQLi', 'Description' = %q Paid Membership Pro, a WordPress plugin, prior to 2.9.8 is affected ...

Adobe XML External Entity Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe XML External Entity Injection', 'Description' = %q Multiple Adobe Products -- XML External Entity Injection. Affected Software: BlazeDS 3.2...

Grafana Plugin Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grafana Plugin Path Traversal', 'Description' = %q Grafana versions 8.0.0-beta1 through 8.3.0 prior to 8.0.7, 8.1.8, 8.2.7, or 8.3.1 are vulnerab...

WordPress ChopSlider3 Id SQL Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress ChopSlider3 id SQLi Scanner', 'Description' = %q The iDangero.us Chop Slider 3 WordPress plugin version 3.4 and prior contains a blind...

Oracle Demantra Database Credentials Leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...

NFS Mount Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFS Mount Scanner', 'Description' = %q This module scans NFS mounts and their permissions. , 'Author' = '', 'References' = 'CVE', '1999-0170',...

Elasticsearch Memory Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Elasticsearch Memory Disclosure', 'Description' = %q This module exploits a memory disclosure vulnerability in Elasticsearch 7.10.0 to 7.13.3...

Lotus Domino Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lotus Domino Brute Force Utility', 'Description' = 'Lotus Domino Authentication Brute Force Utility', 'Author' = 'Tiago Ferreira ', 'License' =...

Apache Tomcat User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tomcat User Enumeration', 'Description' = %q This module enumerates Apache Tomcat's usernames via malformed requests to jsecuritycheck,...

FTP Bounce Port Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FTP Bounce Port Scanner', 'Description' = %q Enumerate TCP services via the FTP bounce PORT/LIST method. , 'Author' = 'kris katterjohn', 'License...

Apple Remote Desktop Root

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Remote Desktop Root Vulnerability', 'Description' = 'Enable and set root account to a chosen password on unpatched macOS High Sierra hosts...

MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner', 'Description' = %q This module is based on et's HTTP Directory Scanner module, with...

SAP SOAP RFC EPS_GET_DIRECTORY_LISTING Directories Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

Dolibarr 16 Pre-auth Contact Database Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr 16 pre-auth contact database dump', 'Description' = %q Dolibarr version 16 'Vladimir TOUTAIN', 'Nolan LOSSIGNOL-DRILLIEN' , 'License' =...

HTTP Microsoft SQL Injection Table XSS Infection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Microsoft SQL Injection Table XSS Infection', 'Description' = %q This module implements the mass SQL injection attack in use lately by...

Novell ZENworks Asset Management 7.5 Configuration Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Asset Management 7.5 Configuration Access', 'Description' = %q This module exploits a hardcoded user and password for the GetConf...

SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

Yaws Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Yaws Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can on...

HP SiteScope SOAP Call GetSiteScopeConfiguration Configuration Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getSiteScopeConfiguration Configuration Access', 'Description' = %q This module exploits an authentication bypass...

WordPress Total Upkeep Unauthenticated Backup Downloader

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Total Upkeep Unauthenticated Backup Downloader', 'Description' = %q This module exploits an unauthenticated database backup vulnerabili...

Novell ZENworks Asset Management 7.5 Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Asset Management 7.5 Remote File Access', 'Description' = %q This module exploits a hardcoded user and password for the GetFile...

Portmapper Amplification Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Portmapper Amplification Scanner', 'Description' = %q This module can be used to discover Portmapper services which can be used in an amplificati...

Cisco SSL VPN Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco SSL VPN Bruteforce Login Utility', 'Description' = % This module scans for Cisco SSL VPN web login portals and performs login brute force t...

WordPress REST API Content Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress REST API Content Injection', 'Description' = %q This module exploits a content injection vulnerability in WordPress versions 4.7 and...

Microsoft IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS HTTP Internal IP Disclosure', 'Description' = %q Collect any leaked internal IPs by requesting commonly redirected locations from...

Apache Axis2 1.4.1 Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Axis2 v1.4.1 Local File Inclusion', 'Description' = %q This module exploits an Apache Axis2 v1.4.1 local file inclusion LFI vulnerability...

HP SiteScope SOAP Call GetFileInternal Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getFileInternal Remote File Access', 'Description' = %q This module exploits an authentication bypass vulnerability in HP...