Search the Community
Showing results for tags 'module'.
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super(update_info(info, 'Name' => 'Airties login-cgi Buffer Overflow', 'Description' => %q{ This module exploits a remote buffer overflow vulnerability on several Airties routers. The vulnerability exists in the handl
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' => 'Adobe Flash Player domainMemory ByteArray Use After Free', 'Description' => %q{ This module exploits a use-after-free vulnerability in Adobe Flash Player. The vuln
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' => 'Adobe Flash Player NetConnection Type Confusion', 'Description' => %q{ This module exploits a type confusion vulnerability in the NetConnection class on Adobe Flas
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::Remote::SMB::Server::Share def initialize(info={}) super(update_info(info, 'Name' => 'Group Policy Script Execution From Shared Resource', 'Description' => %q{ This is a general-purpose module for exploiting systems with Windows Group Policy configured to load VBS startup/logon scripts from remote
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' => 'Adobe Flash Player copyPixelsToByteArray Integer Overflow', 'Description' => %q{ This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' => 'Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory', 'Description' => %q{ This module exploits an unintialized memory vulnerability in Adobe Flash Player. Th
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::HTTP::Wordpress include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name' => 'WordPress WPshop eCommerce Arbitrary File Upload Vulnerability', 'Description' => %q{ This module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin from version 1.3
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::HTTP::Wordpress include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name' => 'Wordpress InBoundio Marketing PHP Upload Vulnerability', 'Description' => %q{ This module exploits an arbitrary file upload in the WordPress InBoundio Marketing version 2.0. It allows to up
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' => 'Adobe Flash Player ByteArray With Workers Use After Free', 'Description' => %q{ This module exploits an use after free vulnerability in Adobe Flash Player. The vul
-
This Metasploit module exploits the shellshock vulnerability in apache cgi. It allows you to execute any metasploit payload you want. ## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initialize(info = {}) super(update_info(info, 'Name' => 'Shellshock Bashed CGI RCE', 'Description' => %q{ This module e
-
- cgi
- metasploit
-
(and 3 more)
Tagged with:
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initialize(info = {}) super(update_info(info, 'Name' => 'Publish-It PUI Buffer Overflow (SEH)', 'Description' => %q{ This module exploits a stack based buffer overflow in Publish-It when processing a specially crafted .PUI file. This vulnerability could be exploited by a remo
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FILEFORMAT include Msf::Exploit::EXE attr_accessor :dll_base_name attr_accessor :exploit_dll_base_name def initialize(info = {}) super(update_info(info, 'Name' => 'Microsoft Windows Shell LNK Code Execution', 'Description' => %q{ This module exploits a vulnerability in the MS10-046 patch to abuse (ag
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::EXE include Msf::Exploit::FILEFORMAT include Msf::Exploit::Remote::SMB::Server::Share attr_accessor :exploit_dll_name def initialize(info = {}) super(update_info(info, 'Name' => 'Microsoft Windows Shell LNK Code Execution', 'Description' => %q{ This module exploits a vulnerability in the MS10-046 pat
-
Product Description The newly-upgraded Power Data Recovery 6.8 is added with support for dozens of RAW file types including *.m4v, *.3g2, *.wtv, *.wrf, *.pps, *.dps and 4096-byte-sector-based hard drive. Unlike other data recovery software, MiniTool Power Data Recovery is an all in one data recovery software for home and business users. It can recover deleted data from the Windows Recycle Bin, restore lost data, even if the partition is formatted or deleted, restore data from a corrupted hard drive, virus infection, unexpected system shutdown or software failure. It supports IDE, SATA, SCSI, U
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::Remote::SMB::Server::Share include Msf::Exploit::EXE def initialize(info={}) super(update_info(info, 'Name' => 'HP Data Protector 8.10 Remote Command Execution', 'Description' => %q{ This module exploits a remote command execution on HP Data Protector 8.10. Arbit
-
This is a general-purpose module for exploiting conditions where a HTTP request triggers a DLL load from an specified SMB share. This Metasploit module serves payloads as DLLs over an SMB service and allows an arbitrary HTTP URL to be called that would trigger the load of the DLL. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::SMB::Server::Sha
-
Advisory: Stored XSS-Vulnerabilities in MyBB v. 1.8.3 Advisory ID: SROEADV-2015-15 Author: Steffen Rösemann Affected Software: MyBB v. 1.8.3 Vendor URL: http://www.mybb.com Vendor Status: patched CVE-ID: - ========================== Vulnerability Description: ========================== MyBB v. 1.8.3 suffers from multiple stored XSS-vulnerabilities in the administrative backend. ================== Technical Details: ================== The stored XSS-vulnerabilities can be found in different modules in the following locations of a common MyBB installation: ====================== Module "con
-
Using a combination of vulnerabilities in the Google Play store and the Android stock browser, attackers can install malicious apps remotely on some Android devices. The attack is the result of a failure on the part of Google’s Play Store Web application to completely enforce the X-Frame-Options header, a common defense against clickjacking and other attacks. Researchers at Rapid7 discovered that combining that weakness with an XSS flaw in another area of the Play Store, or a universal XSS in some Android browsers can allow an attacker to install and launch apps. Developers at the Metasploit P
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::EXE include Msf::Exploit::Remote::HttpServer VERSION_REGEX = /\/v2\/(mbam|mbae)\/consumer\/version.chk/ EXE_REGEX = /\/v2\/(mbam|mbae)\/consumer\/data\/(mbam|mbae)-setup-(.*)\.exe/ NEXT_VERSION = { mbam: '2.0.3.1025', mbae: '1.04.1.1012' } def initialize(info = {}) super(update_info(info, 'Name' => 'Malwareby
- 1 reply
-
- def
- malwarebytes
-
(and 3 more)
Tagged with:
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Local Rank = GoodRanking include Msf::Post::File include Msf::Post::Windows::Priv include Msf::Exploit::Powershell def initialize(info={}) super(update_info(info, { 'Name' => 'MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape', 'Description' => %q{ This module abuses a process creation policy in Internet Explorer's sandbox, spe
-
The Regin malware platform used to steal secrets from government agencies, banks and GSM network operators caught the attention of security experts who called it one of the most advanced attack platforms that has been studied, surpassing Flame, Duqu, even Stuxnet. Researchers at Kaspersky Lab said Regin could be tuned to attack large organizations or even individuals, pointing out that noted cryptographer Jean Jacques Quisquater was one of its first public victims. Today, details about a pair of Regin modules were released by Kaspersky’s Global Research and Analysis Team, one module used for l
-
This module abuses the "install/upgrade.php" component on vBulletin 4.1+ and 4.5+ to create a new administrator account, as exploited in the wild on October 2013. This module has been tested successfully on vBulletin 4.1.5 and 4.1.0. Module Name auxiliary/admin/http/vbulletin_upgrade_admin Authors Unknown juan vazquez <juan.vazquez [at] metasploit.com> References URL: https://rstforums.com/forum/76476-dangerous-vbulletin-exploit-wild.rst URL: Dangerous vBulletin exploit in the wild URL: Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+) - vBulletin Community F
- 1 reply
-
- administrator
- creation
-
(and 3 more)
Tagged with: