Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•371 views

LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'rex/zip' class MetasploitModule 'LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator', 'Description' = 'Generates a Maliciou...

7.5CVSS6.9AI score0.78905EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•175 views

Apache Tapestry HMAC secret key leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tapestry HMAC secret key leak', 'Description' = %q This exploit finds the HMAC secret key used in Java serialization by Apache Tapestry...

10CVSS7AI score0.94089EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•165 views

IBM Notes Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Notes Denial Of Service", 'Description' = %q This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If...

6.5CVSS7AI score0.29222EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•305 views

Cablehaunt Cable Modem WebSocket Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'eventmachine' require 'faye/websocket' class MetasploitModule '"Cablehaunt" Cable Modem WebSocket DoS', 'Description' = %q There exists a buffer overflow...

9.3CVSS7.1AI score0.22924EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•166 views

Microsoft SQL Server Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Command Execution', 'Description' = %q This module will execute a Windows command on a MSSQL/MSDE instance via the xpcmdshel...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

Monkey HTTPD Header Parsing Denial of Service (Denial of Service)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Monkey HTTPD Header Parsing Denial of Service DoS', 'Description' = %q This module causes improper header parsing that leads to a segmentation...

6.8CVSS7AI score0.20179EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•211 views

Chromecast YouTube Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for Chromecast YouTube. Only the deprecated DI...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•232 views

MiniUPnPd 1.4 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.4 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial of service DoS in MiniUPnP...

7.8CVSS7.2AI score0.76396EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•183 views

Oracle Secure Backup Exec_qr() Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup execqr Command Injection Vulnerability', 'Description' = %q This module exploits a command injection vulnerability in Oracle...

10CVSS7AI score0.3857EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•159 views

Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 11g R1/R2 DBMSJVMEXPPERMS OS Code Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allo...

6.5CVSS6.6AI score0.1125EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

MongoDB NoSQL Collection Enumeration Via Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MongoDB NoSQL Collection Enumeration Via Injection", 'Description' = %q This module can exploit NoSQL injections on MongoDB versions less than 2....

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•380 views

Lansweeper Credential Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lansweeper Credential Collector', 'Description' = %q Lansweeper stores the credentials it uses to scan the computers in its Microsoft SQL databas...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

Apache ZooKeeper Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ZooKeeper Information Disclosure', 'Description' = %q Apache ZooKeeper server service runs on TCP 2181 and by default, it is accessible...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•247 views

Microsoft IIS FTP Server LIST Stack Exhaustion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS FTP Server LIST Stack Exhaustion', 'Description' = %q This module triggers Denial of Service condition in the Microsoft Internet...

5CVSS7.4AI score0.82265EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•258 views

DNS Record Scanner and Enumerator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Record Scanner and Enumerator', 'Description' = %q This module can be used to gather information about a domain from a given DNS server by...

7AI score0.68535EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•186 views

Lantronix Telnet Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lantronix Telnet Password Recovery', 'Description' = %q This module retrieves the setup record from Lantronix serial-to-ethernet devices via the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•358 views

ScadaBR Credentials Dumper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ScadaBR Credentials Dumper', 'Description' = %q This module retrieves credentials from ScadaBR, including service credentials and unsalted SHA1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

Oracle DB SQL Injection Via SYS.DBMS_METADATA.OPEN

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.OPEN', 'Description' = %q This module will escalate a Oracle DB user to DBA by exploiting an sql...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•1018 views

Windows Secrets Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb/dcerpc/client' class MetasploitModule Rex::Proto::Kerberos::Crypto::Encryption::DESCBCCRC, 3 = Rex::Proto::Kerberos::Crypto::Encryption::DESCBCMD5, 17 =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•181 views

SerComm Device Configuration Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Web Management', 'user' = /httpusername=\S+/i, 'pass' = /httppassword=\S+/i , 'HTTP Web Management Login', 'user' = /loginusername=\S+/i,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•151 views

Ulterius Server File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ulterius Server File Download Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in Ulterius Server 'Ric...

7.5CVSS7AI score0.91496EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•171 views

Misconfigured Certificate Template Finder

class MetasploitModule 'Misconfigured Certificate Template Finder', 'Description' = %q This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•174 views

Cross Platform Webkit File Dropper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cross Platform Webkit File Dropper', 'Description' = %q This module exploits a XSLT vulnerability in Webkit to drop ASCII or UTF-8 files to the...

8.8CVSS7.4AI score0.43195EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•147 views

FortiOS Path Traversal Credential Gatherer

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiOS Path Traversal Credential Gatherer', 'Description' = %q Fortinet FortiOS versions 5.4.6 to 5.4.12, 5.6.3 to 5.6...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•206 views

Telnet Service Encryption Key ID Overflow Detection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telnet Service Encryption Key ID Overflow Detection', 'Description' = 'Detect telnet services vulnerable to the encrypt option Key ID overflow...

10CVSS7.1AI score0.95104EPSS
Exploits19
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•155 views

Microsoft SQL Server SUSER_SNAME Windows Domain Account Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SUSERSNAME Windows Domain Account Enumeration', 'Description' = %q This module can be used to bruteforce RIDs associated wit...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•156 views

Microsoft Plug and Play Service Registry Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Plug and Play Service Registry Overflow', 'Description' = %q This module triggers a stack buffer overflow in the Windows Plug and Play...

6.5CVSS7.4AI score0.63062EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•202 views

VxWorks WDB Agent Remote Reboot

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Reboot', 'Description' = %q This module provides the ability to reboot a VxWorks target through WDBRPC , 'Author' = 'hdm...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•143 views

Microsoft SQL Server Escalate EXECUTE AS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Escalate EXECUTE AS', 'Description' = %q This module can be used escalate privileges if the IMPERSONATION privilege has been...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•144 views

Roundcube TimeZone Authenticated File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Roundcube TimeZone Authenticated File Disclosure', 'Description' = %q Roundcube Webmail allows unauthorized access to arbitrary files on the host...

7.8CVSS7AI score0.42831EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•137 views

Schneider Modicon Ladder Logic Upload/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Ladder Logic Upload/Download', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•155 views

pSnuffle Packet Sniffer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework dsniff was helping me very often. Too bad that it doesn't work correctly anymore. Psnuffle should bring password sniffing into Metasploit local and if we get lucky even...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•167 views

XBMC Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "XBMC Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in XBMC 11, up until the 2012-11-04 night...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•248 views

Oracle DB SQL Injection Via SYS.LT.ROLLBACKWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the ROLLBACKWORKSPACE...

5.5CVSS7AI score0.17865EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•169 views

Cisco Secure ACS Unauthorized Password Change

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Secure ACS Unauthorized Password Change', 'Description' = %q This module exploits an authentication bypass issue which allows arbitrary...

5CVSS7AI score0.1464EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•234 views

HP Data Protector 6.1 EXEC_CMD Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Data Protector 6.1 EXECCMD Command Execution', 'Description' = %q This module exploits HP Data Protector's omniinet process, specifically...

10CVSS7AI score0.81081EPSS
Exploits30
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•186 views

Apple TV Video Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•201 views

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...

7.5CVSS7AI score0.80095EPSS
Exploits15
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•299 views

Native DNS Spoofer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•503 views

Wordpress BookingPress bookingpress_front_get_category_services SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress BookingPress bookingpressfrontgetcategoryservices SQLi', 'Description' = %q The BookingPress WordPress plugin before 1.0.11 fails to...

9.8CVSS7AI score0.37171EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•339 views

NTP.org ntpd Reserved Mode Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP.org ntpd Reserved Mode Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the NTP network...

6.4CVSS7.1AI score0.32288EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•179 views

Apache Rave User Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Rave User Information Disclosure', 'Description' = %q This module exploits an information disclosure in Apache Rave 0.20 and prior. The...

4CVSS7AI score0.7322EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•458 views

LDAP Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...

9.8CVSS9.6AI score0.90384EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•187 views

JBoss Seam 2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Seam 2 Remote Command Execution', 'Description' = %q JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for R...

8.8CVSS7.4AI score0.83397EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•160 views

General Electric D20 Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module grabs the device configuration from a GE D20M RTU and parses the usernames and passwords from it. class MetasploitModule 'General Electric D20 Password...

7.5CVSS7.1AI score0.09493EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•143 views

Sendmail SMTP Address prescan Memory Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sendmail SMTP Address prescan Memory Corruption', 'Description' = %q This is a proof of concept denial of service module for Sendmail versions...

10CVSS7AI score0.60185EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•149 views

WebEx Remote Command Execution Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebEx Remote Command Execution Utility', 'Description' = %q This module enables the execution of a single command as System by exploiting a remot...

7.8CVSS7AI score0.1602EPSS
Exploits14
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•154 views

Oracle TNS Listener SID Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Brute Forcer', 'Description' = %q This module simply attempts to discover the protected SID. , 'Author' = 'MC' , 'License...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•261 views

Oracle TNS Listener SID Bruteforce

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Bruteforce', 'Description' = %q This module queries the TNS listener for a valid Oracle database instance name also known...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•135 views

Sophos Web Protection Appliance Patience.cgi Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Sophos Web Protection Appliance patience.cgi Directory Traversal', 'Description' = %q This module abuses a directory traversal in...

5CVSS7AI score0.7099EPSS
Exploits10
Total number of security vulnerabilities50738