Netgear R6700v3 Unauthenticated LAN Admin Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R6700v3 Unauthenticated LAN Admin Password Reset', 'Description' = %q This module targets ZDI-20-704 aka CVE-2020-10924, a buffer overflo...

Satel Iberia SenNet Data Logger And Electricity Meters Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability', 'Description' = %q This module exploits an OS Command...

Gather Kademlia Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Kademlia Server Information', 'Description' = %q This module uses the Kademlia BOOTSTRAP and PING messages to identify and extract...

Avahi Source Port 0 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Avahi Source Port 0 DoS', 'Description' = %q Avahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0. ,...

Gather Steam Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Steam Server Information', 'Description' = %q This module uses the A2SINFO request to obtain information from a Steam server. , 'Author' =...

Microsoft SQL Server SQL Injection NTLM Stealer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi NTLM Stealer', 'Description' = %q This module can be used to help capture or relay the LM/NTLM credentials of the accou...

NetDecision 4.2 TFTP Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "NetDecision 4.2 TFTP Directory Traversal", 'Description' = %q This modules exploits a directory traversal vulnerability in NetDecision 4.2 TFTP...

Solaris KCMS + TTDB Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris KCMS + TTDB Arbitrary File Read', 'Description' = %q This module targets a directory traversal vulnerability in the kcmsserver component...

BillQuick Web Suite txtID SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BillQuick Web Suite txtID SQLi', 'Description' = %q This module exploits a SQL injection vulnerability in BillQUick Web Suite prior to version...

Samba Symlink Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samba Symlink Directory Traversal', 'Description' = %Q This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this...

Moxa UDP Device Discovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moxa UDP Device Discovery', 'Description' = %q The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service...

Appian Enterprise Business Suite 5.6 SP1 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Appian Enterprise Business Suite 5.6 SP1 DoS', 'Description' = %q This module exploits a denial of service flaw in the Appian Enterprise Business...

ownCloud Phpinfo Reader

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ownCloud Phpinfo Reader', 'Description' = %q Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or...

Sielco Sistemi Winlog Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sielco Sistemi Winlog Remote File Access', 'Description' = %q This module exploits a directory traversal in Sielco Sistemi Winlog. The...

ColdFusion password.properties Hash Extraction

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ColdFusion 'password.properties' Hash Extraction", 'Description' = %q This module uses a directory traversal vulnerability to extract information...

Oracle SMB Relay Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle SMB Relay Code Execution', 'Description' = %q This module will help you to get Administrator access to OS using an unprivileged Oracle...

Apple Airport Extreme Password Extraction (WDBRPC)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Airport Extreme Password Extraction WDBRPC', 'Description' = %q This module can be used to read the stored password of a vulnerable Apple...

Xerox WorkCentre User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox WorkCentre User Enumeration SNMP', 'Description' = %q This module will do user enumeration based on the Xerox WorkCentre present on the...

VxWorks WDB Agent Remote Memory Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Memory Dump', 'Description' = %q This module provides the ability to dump the system memory of a VxWorks target through...

TYPO3 Sa-2009-001 Weak Encryption Key File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 sa-2009-001 Weak Encryption Key File Disclosure', 'Description' = %q This module exploits a flaw in TYPO3 encryption ey creation process to...

Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation', 'Description' = %q This module exploits a stacked SQL injection in order to...

Oracle Account Discovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'csv' class MetasploitModule 'Oracle Account Discovery', 'Description' = %q This module uses a list of well known default authentication credentials to discover...

TrendMicro Data Loss Prevention 5.5 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro Data Loss Prevention 5.5 Directory Traversal', 'Description' = %q This module tests whether a directory traversal vulnerability is...

Juniper JunOS Malformed TCP Option

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juniper JunOS Malformed TCP Option', 'Description' = %q This module exploits a denial of service vulnerability in Juniper Network's JunOS router...

AVTECH 744 DVR Account Information Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVTECH 744 DVR Account Information Retrieval', 'Description' = %q This module will extract the account information from the AVTECH 744 DVR device...

Canon Wireless Printer Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon Wireless Printer Denial Of Service', 'Description' = %q The HTTP management interface on several models of Canon Wireless printers allows f...

WordPress W3-Total-Cache 0.9.2.4 Username / Hash Extraction

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3-Total-Cache Plugin 0.9.2.4 or before Username and Hash Extract', 'Description' = "The W3-Total-Cache Wordpress Plugin MSFLICENSE,...

Android Browser File Theft

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser File Theft', 'Description' = %q This module steals the cookie, password, and autofill databases from the Browser application on...

HTTP Client LAN IP Address Gather

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Client LAN IP Address Gather', 'Description' = %q This module retrieves a browser's network interface IP addresses using WebRTC. , 'License'...

Flash Rosetta JSONP GET/POST Response Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Flash "Rosetta" JSONP GET/POST Response Disclosure', 'Description' = %q A website that serves a JSONP endpoint that accepts a custo...

SolarWinds TFTP Server 10.4.0.10 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...

FortiOS Path Traversal Credential Gatherer

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiOS Path Traversal Credential Gatherer', 'Description' = %q Fortinet FortiOS versions 5.4.6 to 5.4.12, 5.6.3 to 5.6...

Adobe ColdFusion Unauthenticated Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe ColdFusion Unauthenticated Arbitrary File Read', 'Description' = %q This module exploits a remote unauthenticated deserialization of...

Pulse Secure VPN Arbitrary File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary File Disclosure', 'Description' = %q This module exploits a pre-auth directory traversal in the Pulse Secure VPN serve...

Advantech WebAccess DBVisitor.dll ChartThemeConfig SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Advantech WebAccess DBVisitor.dll ChartThemeConfig SQL Injection', 'Description' = %q This module exploits a SQL injecti...

WebEx Remote Command Execution Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Remote Command Execution Utility', 'Description' = %q This module enables the execution of a single command as System by exploiting a remot...

TFTP Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TFTP Brute Forcer', 'Description' = 'This module uses a dictionary to brute force valid TFTP image names from a TFTP server.', 'Author' =...

Jasmin Ransomware Web Server Unauthenticated Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated Directory Traversal', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticate...

SAP Solution Manager Remote Unauthorized OS Commands Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Solution Manager remote unauthorized OS commands execution', 'License' = MSFLICENSE, 'Author' = 'Yvan Genuer', @1ggy The researcher who...

WebNMS Framework Server Arbitrary Text File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Arbitrary Text File Download', 'Description' = %q This module abuses a vulnerability in WebNMS Framework Server 5.2 that...

LDAP Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...

Huawei Datacard Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule /./i, 'Serial Number' = /./i, 'IMEI' = /./i, 'IMSI' = /./i, 'ICCID' = /./i, 'Hardware Version' = /./i, 'Software Version' = /./i,...

Victory FTP Server 5.0 LIST Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Victory FTP Server 5.0 LIST DoS', 'Description' = %q The Victory FTP Server v5.0 can be brought down by sending a very simple LIST command ,...

Apache Range Header Denial of Service (Apache Killer)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Range Header DoS Apache Killer', 'Description' = %q The byterange filter in the Apache HTTP Server 2.0.x through 2.0.64, and 2.2.x through...

MS14-068 Microsoft Kerberos Checksum Validation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS14-068 Microsoft Kerberos Checksum Validation Vulnerability', 'Description' = %q This module exploits a vulnerability in the Microsoft Kerberos...

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...

IBM BigFix Relay Server Sites and Package Enum

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package Enum', 'Description' = %q This module retrieves masthead, site, and available package information from...

CouchDB Enum Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CouchDB Enum Utility', 'Description' = %q This module enumerates databases on CouchDB using the REST API without authentication by default. ,...

NFR Agent Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent Heap Overflow Vulnerability', 'Description' = %q This module exploits a heap overflow in NFRAgent.exe, a component of Novell File...

TYPO3 Winstaller Default Encryption Keys

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 Winstaller Default Encryption Keys', 'Description' = %q This module exploits known default encryption keys found in the TYPO3 Winstaller...