50738 matches found
LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'rex/zip' class MetasploitModule 'LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator', 'Description' = 'Generates a Maliciou...
Apache Tapestry HMAC secret key leak
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tapestry HMAC secret key leak', 'Description' = %q This exploit finds the HMAC secret key used in Java serialization by Apache Tapestry...
IBM Notes Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Notes Denial Of Service", 'Description' = %q This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If...
Cablehaunt Cable Modem WebSocket Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'eventmachine' require 'faye/websocket' class MetasploitModule '"Cablehaunt" Cable Modem WebSocket DoS', 'Description' = %q There exists a buffer overflow...
Microsoft SQL Server Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Command Execution', 'Description' = %q This module will execute a Windows command on a MSSQL/MSDE instance via the xpcmdshel...
Monkey HTTPD Header Parsing Denial of Service (Denial of Service)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monkey HTTPD Header Parsing Denial of Service DoS', 'Description' = %q This module causes improper header parsing that leads to a segmentation...
Chromecast YouTube Remote Control
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for Chromecast YouTube. Only the deprecated DI...
MiniUPnPd 1.4 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.4 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial of service DoS in MiniUPnP...
Oracle Secure Backup Exec_qr() Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup execqr Command Injection Vulnerability', 'Description' = %q This module exploits a command injection vulnerability in Oracle...
Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 11g R1/R2 DBMSJVMEXPPERMS OS Code Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allo...
MongoDB NoSQL Collection Enumeration Via Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MongoDB NoSQL Collection Enumeration Via Injection", 'Description' = %q This module can exploit NoSQL injections on MongoDB versions less than 2....
Lansweeper Credential Collector
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lansweeper Credential Collector', 'Description' = %q Lansweeper stores the credentials it uses to scan the computers in its Microsoft SQL databas...
Apache ZooKeeper Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ZooKeeper Information Disclosure', 'Description' = %q Apache ZooKeeper server service runs on TCP 2181 and by default, it is accessible...
Microsoft IIS FTP Server LIST Stack Exhaustion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS FTP Server LIST Stack Exhaustion', 'Description' = %q This module triggers Denial of Service condition in the Microsoft Internet...
DNS Record Scanner and Enumerator
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Record Scanner and Enumerator', 'Description' = %q This module can be used to gather information about a domain from a given DNS server by...
Lantronix Telnet Password Recovery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lantronix Telnet Password Recovery', 'Description' = %q This module retrieves the setup record from Lantronix serial-to-ethernet devices via the...
ScadaBR Credentials Dumper
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ScadaBR Credentials Dumper', 'Description' = %q This module retrieves credentials from ScadaBR, including service credentials and unsalted SHA1...
Oracle DB SQL Injection Via SYS.DBMS_METADATA.OPEN
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.OPEN', 'Description' = %q This module will escalate a Oracle DB user to DBA by exploiting an sql...
Windows Secrets Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb/dcerpc/client' class MetasploitModule Rex::Proto::Kerberos::Crypto::Encryption::DESCBCCRC, 3 = Rex::Proto::Kerberos::Crypto::Encryption::DESCBCMD5, 17 =...
SerComm Device Configuration Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Web Management', 'user' = /httpusername=\S+/i, 'pass' = /httppassword=\S+/i , 'HTTP Web Management Login', 'user' = /loginusername=\S+/i,...
Ulterius Server File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ulterius Server File Download Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in Ulterius Server 'Ric...
Misconfigured Certificate Template Finder
class MetasploitModule 'Misconfigured Certificate Template Finder', 'Description' = %q This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used...
Cross Platform Webkit File Dropper
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cross Platform Webkit File Dropper', 'Description' = %q This module exploits a XSLT vulnerability in Webkit to drop ASCII or UTF-8 files to the...
FortiOS Path Traversal Credential Gatherer
frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiOS Path Traversal Credential Gatherer', 'Description' = %q Fortinet FortiOS versions 5.4.6 to 5.4.12, 5.6.3 to 5.6...
Telnet Service Encryption Key ID Overflow Detection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telnet Service Encryption Key ID Overflow Detection', 'Description' = 'Detect telnet services vulnerable to the encrypt option Key ID overflow...
Microsoft SQL Server SUSER_SNAME Windows Domain Account Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SUSERSNAME Windows Domain Account Enumeration', 'Description' = %q This module can be used to bruteforce RIDs associated wit...
Microsoft Plug and Play Service Registry Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Plug and Play Service Registry Overflow', 'Description' = %q This module triggers a stack buffer overflow in the Windows Plug and Play...
VxWorks WDB Agent Remote Reboot
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Reboot', 'Description' = %q This module provides the ability to reboot a VxWorks target through WDBRPC , 'Author' = 'hdm...
Microsoft SQL Server Escalate EXECUTE AS
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Escalate EXECUTE AS', 'Description' = %q This module can be used escalate privileges if the IMPERSONATION privilege has been...
Roundcube TimeZone Authenticated File Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Roundcube TimeZone Authenticated File Disclosure', 'Description' = %q Roundcube Webmail allows unauthorized access to arbitrary files on the host...
Schneider Modicon Ladder Logic Upload/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Ladder Logic Upload/Download', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90...
pSnuffle Packet Sniffer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework dsniff was helping me very often. Too bad that it doesn't work correctly anymore. Psnuffle should bring password sniffing into Metasploit local and if we get lucky even...
XBMC Web Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "XBMC Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in XBMC 11, up until the 2012-11-04 night...
Oracle DB SQL Injection Via SYS.LT.ROLLBACKWORKSPACE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the ROLLBACKWORKSPACE...
Cisco Secure ACS Unauthorized Password Change
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Secure ACS Unauthorized Password Change', 'Description' = %q This module exploits an authentication bypass issue which allows arbitrary...
HP Data Protector 6.1 EXEC_CMD Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Data Protector 6.1 EXECCMD Command Execution', 'Description' = %q This module exploits HP Data Protector's omniinet process, specifically...
Apple TV Video Remote Control
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...
BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...
Native DNS Spoofer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...
Wordpress BookingPress bookingpress_front_get_category_services SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress BookingPress bookingpressfrontgetcategoryservices SQLi', 'Description' = %q The BookingPress WordPress plugin before 1.0.11 fails to...
NTP.org ntpd Reserved Mode Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP.org ntpd Reserved Mode Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the NTP network...
Apache Rave User Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Rave User Information Disclosure', 'Description' = %q This module exploits an information disclosure in Apache Rave 0.20 and prior. The...
LDAP Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...
JBoss Seam 2 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Seam 2 Remote Command Execution', 'Description' = %q JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for R...
General Electric D20 Password Recovery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module grabs the device configuration from a GE D20M RTU and parses the usernames and passwords from it. class MetasploitModule 'General Electric D20 Password...
Sendmail SMTP Address prescan Memory Corruption
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sendmail SMTP Address prescan Memory Corruption', 'Description' = %q This is a proof of concept denial of service module for Sendmail versions...
WebEx Remote Command Execution Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Remote Command Execution Utility', 'Description' = %q This module enables the execution of a single command as System by exploiting a remot...
Oracle TNS Listener SID Brute Forcer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Brute Forcer', 'Description' = %q This module simply attempts to discover the protected SID. , 'Author' = 'MC' , 'License...
Oracle TNS Listener SID Bruteforce
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Bruteforce', 'Description' = %q This module queries the TNS listener for a valid Oracle database instance name also known...
Sophos Web Protection Appliance Patience.cgi Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Sophos Web Protection Appliance patience.cgi Directory Traversal', 'Description' = %q This module abuses a directory traversal in...