50738 matches found
GitLab GraphQL API User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab GraphQL API User Enumeration', 'Description' = %q This module queries the GitLab GraphQL API without authentication to acquire the list of...
VICIdial Multiple Authenticated SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Multiple Authenticated SQLi', 'Description' = %q This module exploits several authenticated SQL Inject vulnerabilities in VICIdial...
SAP SOAP Service RFC_PING Login Brute Forcer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...
ManageEngine Support Center Plus Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Support Center Plus Directory Traversal", 'Description' = %q This module exploits a directory traversal vulnerability found in...
Novell Zenworks Mobile Device Management Admin Credentials
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell Zenworks Mobile Device Management Admin Credentials', 'Description' = %q This module attempts to pull the administrator credentials from a...
InfoVista VistaPortal Application Bruteforce Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'InfoVista VistaPortal Application Bruteforce Login Utility', 'Description' = % This module attempts to scan for InfoVista VistaPortal Web...
Telerik Report Server Auth Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telerik Report Server Auth Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in Telerik Report Server...
Synology Forget Password User Enumeration Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Synology Forget Password User Enumeration Scanner', 'Description' = %q This module attempts to enumerate users on the Synology NAS by sending GET...
SAP SOAP RFC PFL_CHECK_OS_FILE_EXISTENCE File Existence Check
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...
Simple Web Server 2.3-RC1 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Simple Web Server 2.3-RC1 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Simple Web...
Konica Minolta FTP Utility 1.00 Directory Traversal Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Konica Minolta FTP Utility 1.00 Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal...
VNC Authentication None Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VNC Authentication None Detection', 'Description' = 'Detect VNC servers that support the "None" authentication method.', 'References' = 'CVE',...
RIPS Scanner Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RIPS Scanner Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in the RIPS Scanner v0.54, allowin...
Accellion FTA Statecode Cookie Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Accellion FTA 'statecode' Cookie Arbitrary File Read", 'Description' = %q This module exploits a file disclosure vulnerability in the Accellion...
MediaWiki SVG XML Entity Expansion Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MediaWiki SVG XML Entity Expansion Remote File Access', 'Description' = %q This module attempts to read a remote file from the server using a...
Httpdasm Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Httpdasm Directory Traversal', 'Description' = %q This module allows for traversing the file system of a host running httpdasm v0.92. , 'Author' ...
Cisco SSL VPN Bruteforce Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco SSL VPN Bruteforce Login Utility', 'Description' = % This module scans for Cisco SSL VPN web login portals and performs login brute force t...
MS17-010 SMB Remote Code Execution Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS17-010 SMB RCE Detection', 'Description' = %q Uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it...
Cassandra Web File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cassandra Web File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Cassandra...
SAP Management Console Brute Force
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Brute Force', 'Description' = %q This module simply attempts to brute force the username and password for the SAP Manageme...
Dahua DVR Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule %qDahua DVR Auth Bypass Scanner, 'Description' = %qScans for Dahua-based DVRs and then grabs settings. Optionally resets a user's password and...
Cisco ASA Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in Cisco's Adaptive Security Applianc...
Supermicro Onboard IPMI Url_redirect.cgi Authenticated Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI urlredirect.cgi Authenticated Directory Traversal', 'Description' = %q This module abuses a directory...
Easy File Sharing FTP Server 3.6 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Easy File Sharing FTP Server 3.6 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Easy...
Apache Reverse Proxy Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Reverse Proxy Bypass Vulnerability Scanner', 'Description' = %q Scan for poorly configured reverse proxy servers. By default, this module...
Sybase Easerver 6.3 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sybase Easerver 6.3 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Sybase EAserver's...
NFS Mount Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFS Mount Scanner', 'Description' = %q This module scans NFS mounts and their permissions. , 'Author' = '', 'References' = 'CVE', '1999-0170',...
Apple Remote Desktop Root
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Remote Desktop Root Vulnerability', 'Description' = 'Enable and set root account to a chosen password on unpatched macOS High Sierra hosts...
Fortinet SSL VPN Bruteforce Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet SSL VPN Bruteforce Login Utility', 'Description' = % This module scans for Fortinet SSL VPN web login portals and performs login brute...
IBM WebSphere MQ Channel Name Bruteforce
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM WebSphere MQ Channel Name Bruteforce', 'Description' = 'This module uses a dictionary to bruteforce MQ channel names. For all identified...
Log4Shell HTTP Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Scanner', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,...
SAP Host Agent Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'SAP Host Agent Information Disclosure', 'Description' = %q This module attempts to retrieve Computer and OS info from Ho...
NTP Mode 7 PEER_LIST Denial Of Service Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 7 PEERLIST DoS Scanner', 'Description' = %q This module identifies NTP servers which permit "PEERLIST" queries and return responses that...
Spring Cloud Config Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Config Server Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability whi...
Multiple DVR Manufacturers Configuration Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multiple DVR Manufacturers Configuration Disclosure', 'Description' = %q This module takes advantage of an authentication bypass vulnerability at...
Cisco ASA Clientless SSL VPN (WebVPN) Brute-force Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Clientless SSL VPN WebVPN Brute-force Login Utility', 'Description' = %q This module scans for Cisco ASA Clientless SSL VPN WebVPN web...
DNS Amplification Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Amplification Scanner', 'Description' = %q This module can be used to discover DNS servers which expose recursive name lookups which can be...
HP Intelligent Management IctDownloadServlet Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management IctDownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a directo...
HTTP Open Proxy Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Open Proxy Detection', 'Description' = %q Checks if an HTTP proxy is open. False positive are avoided verifying the HTTP return code and...
OpenMind Message-OS Portal Login Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMind Message-OS Portal Login Brute Force Utility', 'Description' = % This module scans for OpenMind Message-OS provisioning web login portal,...
Supermicro Onboard IPMI CGI Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI CGI Vulnerability Scanner', 'Description' = %q This module checks for known vulnerabilities in the CGI...
Libssh Authentication Bypass Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'libssh Authentication Bypass Scanner', 'Description' = %q This module exploits an authentication bypass in libssh server code where a...
LimeSurvey Zip Path Traversals
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LimeSurvey Zip Path Traversals', 'Description' = %q This module exploits an authenticated path traversal vulnerability found in LimeSurvey versio...
Apache ActiveMQ JSP Files Source Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ JSP Files Source Disclosure', 'Description' = %q This module exploits a source code disclosure in Apache ActiveMQ. The...
JBoss Status Servlet Information Gathering
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Status Servlet Information Gathering', 'Description' = %q This module queries the JBoss status servlet to collect sensitive information,...
Ruby On Rails JSON Processor YAML Deserialization Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor YAML Deserialization Scanner', 'Description' = %q This module attempts to identify Ruby on Rails instances vulnerabl...
Ruby On Rails XML Processor YAML Deserialization Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails XML Processor YAML Deserialization Scanner', 'Description' = %q This module attempts to identify Ruby on Rails instances vulnerable...
Chef Web UI Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/chefwebui' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Chef Web UI Brute Force Utility',...
Apache Axis2 Brute Force Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/axis2' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Apache Axis2 Brute Force Utility',...
Cisco IOS HTTP Unauthorized Administrative Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS HTTP Unauthorized Administrative Access', 'Description' = %q This module exploits a vulnerability in the Cisco IOS HTTP Server. By...