50738 matches found
Amazon Fire TV YouTube Remote Control
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Amazon Fire TV YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for the Amazon Fire TV's YouTube app. Test...
Cambium CnPilot R200/r201 SNMP Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 SNMP Enumeration', 'Description' = % Cambium cnPilot r200/r201 devices can be administered using SNMP. The device...
Schneider Modicon Quantum Password Recovery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Quantum Password Recovery', 'Description' = %q The Schneider Modicon Quantum series of Ethernet cards store usernames and...
Telisca IPS Lock Cisco IP Phone Control
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telisca IPS Lock Cisco IP Phone Control', 'Description' = %q This module allows an unauthenticated attacker to exercise the "Lock" and "Unlock"...
TYPO3 News Module SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 News Module SQL Injection', 'Description' = %q This module exploits a SQL Injection vulnerability In TYPO3 NewsController.php in the news...
Pimcore Gather Credentials via SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pimcore Gather Credentials via SQL Injection', 'Description' = %q This module extracts the usernames and hashed passwords of all users of the...
Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation', 'Description' = %q This module exploits a stacked SQL injection in order to...
Memcached Stats Amplification Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Stats Amplification Scanner', 'Description' = %q This module can be used to discover Memcached servers which expose the unrestricted UD...
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service', 'Description' = %q This module sends a specially-crafted SSH Key Exchange causing t...
Android Open Source Platform (AOSP) Browser UXSS
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scripting UXSS vulnerability...
Cisco Data Center Network Manager Unauthenticated File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated File Download', 'Description' = %q DCNM exposes a servlet to download files on...
Ray Static Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray static arbitrary file read', 'Description' = %q Ray before 2.8.1 is vulnerable to a local file inclusion. , 'Author' = 'byt3bl33d3r ', Python...
Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands', 'Description' = %q The EtherNet/IP CIP protocol allows a number of unauthenticated...
Hikvision IP Camera Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unauthenticated information disclosure such as configuration, credentials and camera snapshots of a vulnerable Hikvision IP Camera', 'Description...
Netgear Unauthenticated SOAP Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear Unauthenticated SOAP Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in different...
Fortra FileCatalyst Workflow SQL Injection
require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...
NIS bootparamd Domain Name Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NIS bootparamd Domain Name Disclosure', 'Description' = %q This module discloses the NIS domain name from bootparamd. You must know a client...
Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...
Axigen Arbitrary File Read And Delete
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axigen Arbitrary File Read and Delete', 'Description' = %q This module exploits a directory traversal vulnerability in the WebAdmin interface of...
OpenEMR 5.0.1 Patch 6 SQL Injection
require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...
JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure', 'Description' = %q SIEMENS IP-Camera CVMS2025-IR + CCMS2025, JVC IP-Camera...
UoW Pop2d Remote File Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UoW pop2d Remote File Retrieval Vulnerability', 'Description' = %q This module exploits a vulnerability in the FOLD command of the University of...
Cisco ASA Authentication Bypass (EXTRABACON)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Authentication Bypass EXTRABACON', 'Description' = %q This module patches the authentication functions of a Cisco ASA to allow...
Pi3Web ISAPI Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...
Dolibarr Gather Credentials via SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr Gather Credentials via SQL Injection', 'Description' = %q This module enables an authenticated user to collect the usernames and encrypt...
WordPress WPLMS Theme Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WPLMS Theme Privilege Escalation', 'Description' = %q The WordPress WPLMS theme from version 1.5.2 to 1.8.4.1 allows an authenticated...
IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service", 'Description' = %q This module exploits a denial of service condition...
Microsoft Windows Deployment Services Unattend Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Deployment Services Unattend Retrieval', 'Description' = %q This module retrieves the client unattend file from Windows...
SIP Deregister Extension
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Deregister Extension', 'Description' = %q This module will attempt to deregister a SIP user from the provider. It has been tested successfull...
Linksys WRT120N TmUnblock Stack Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linksys WRT120N tmUnblock Stack Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in the...
Atlassian Confluence Data Center And Server Authentication Bypass Via Broken Access Control
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...
HP ProCurve SNAC Domain Controller Credential Dumper
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'HP ProCurve SNAC Domain Controller Credential Dumper', 'Description' = %q This module will extract Domain Controller...
Drupal OpenID External Entity Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal OpenID External Entity Injection', 'Description' = %q This module abuses an XML External Entity Injection vulnerability on the OpenID modu...
NETGEAR ProSafe Network Management System 300 Authenticated File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR ProSafe Network Management System 300 Authenticated File Download', 'Description' = %q Netgear's ProSafe NMS300 is a network management...
OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL Heartbeat Heartbleed Client Memory Exposure', 'Description' = %q This module provides a fake SSL service that is intended to leak memory...
ISC DHCP Zero Length ClientID Denial of Service Module
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ISC DHCP Zero Length ClientID Denial of Service Module', 'Description' = %q This module performs a Denial of Service Attack against the ISC DHCP...
SMBLoris NBSS Denial of Service
!/usr/bin/env ruby require 'socket' require 'metasploit' require 'bindata' class NbssHeader ' , date: '2017-06-29', references: type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' , type: 'aka', ref: 'SMBLoris' , type: 'dos', options: rhost: type: 'address',...
Cisco IOX XE Unauthenticated Command Line Interface (CLI) Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE unauthenticated Command Line Interface CLI execution', 'Description' = %q This module leverages CVE-2023-20198 against vulnerable...
MS06-019 Exchange MODPROP Heap Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS06-019 Exchange MODPROP Heap Overflow', 'Description' = %q This module triggers a heap overflow vulnerability in MS Exchange that occurs when...
Solaris KCMS + TTDB Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris KCMS + TTDB Arbitrary File Read', 'Description' = %q This module targets a directory traversal vulnerability in the kcmsserver component...
ua-parser-js npm module ReDenial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ua-parser-js npm module ReDoS', 'Description' = %q This module exploits a Regular Expression Denial of Service vulnerability in the npm module...
WordPress WP GDPR Compliance Plugin Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP GDPR Compliance Plugin Privilege Escalation', 'Description' = %q The Wordpress GDPR Compliance plugin 'Mikey Veenstra WordFence',...
Huawei Datacard Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule /./i, 'Serial Number' = /./i, 'IMEI' = /./i, 'IMSI' = /./i, 'ICCID' = /./i, 'Hardware Version' = /./i, 'Software Version' = /./i,...
Advantech WebAccess 8.1 Post Authentication Credential Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Advantech WebAccess 8.1 Post Authentication Credential Collector", 'Description' = %q This module allows you to log into Advantech WebAccess 8.1,...
Joomla weblinks-categories Unauthenticated SQL Injection / Arbtirary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla weblinks-categories Unauthenticated SQL Injection Arbitrary File Read', 'Description' = %q Joomla versions 3.2.2 and below are vulnerable ...
Konica Minolta Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Konica Minolta Password Extractor', 'Description' = %q This module will extract FTP and SMB account usernames and passwords from Konica Minolta...
Oracle DB Privilege Escalation Via Function-Based Index
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB Privilege Escalation via Function-Based Index', 'Description' = %q This module will escalate an Oracle DB user to DBA by creating a...
Windows IIS HTTP Protocol Stack Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows IIS HTTP Protocol Stack DOS', 'Description' = %q This module exploits CVE-2021-31166, a UAF bug in http.sys when parsing specially crafte...
Cisco IOS Telnet Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS Telnet Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco IOS telnet service...
MS12-020 Microsoft Remote Desktop Checker
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop Checker', 'Description' = %q This module checks a range of hosts for the MS12-020 vulnerability. This does not...