exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

Files from Ramella Sebastien

First Active2019-07-15
Last Active2021-12-09
Microsoft Office Word MSHTML Remote Code Execution
Posted Dec 9, 2021
Authored by LockedByte, Ramella Sebastien, thesunRider, klezVirus | Site metasploit.com

This Metasploit module creates a malicious docx file that when opened in Word on a vulnerable Windows system will lead to code execution. This vulnerability exists because an attacker can craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.

tags | exploit, code execution, activex
systems | windows
advisories | CVE-2021-40444
SHA-256 | fcc3f4d138a7fb7352da3e6cb2038a1b4776153656e84bcdef4857dab28eac23
Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution
Posted Oct 25, 2021
Authored by Dhiraj Mishra, Ramella Sebastien, Ash Daulton | Site metasploit.com

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).

tags | exploit, remote, arbitrary, cgi, root, code execution
advisories | CVE-2021-41773, CVE-2021-42013
SHA-256 | a75779abdd3a9f2a319a34c0efbba4f95b420f39624081c3a13752641b7c8d6d
Microsoft Exchange ProxyShell Remote Code Execution
Posted Aug 20, 2021
Authored by Spencer McIntyre, Orange Tsai, wvu, Ramella Sebastien, Jang, PeterJson, brandonshi123 | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 versions before 15.0.1497.15, Exchange 2016 CU19 versions before 15.1.2176.12, Exchange 2016 CU20 versions before 15.1.2242.5, Exchange 2019 CU8 versions before 15.2.792.13, and Exchange 2019 CU9 versions before 15.2.858.9.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-31207, CVE-2021-34473, CVE-2021-34523
SHA-256 | b555cd3b9862ec567195ff3003e6dc453483630a7c663ee17d582778c11dbf59
Microsoft Exchange ProxyLogon Collector
Posted May 21, 2021
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin by chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution. As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server. This vulnerability affects Exchange 2013 versions below 15.00.1497.012, Exchange 2016 CU18 below 15.01.2106.013, Exchange 2016 CU19 below 15.01.2176.009, Exchange 2019 CU7 below 15.02.0721.013, and Exchange 2019 CU8 below 15.02.0792.010 . All components are vulnerable by default.

tags | exploit, arbitrary, code execution, info disclosure
advisories | CVE-2021-26855, CVE-2021-27065
SHA-256 | 585a4badc4bc32954c170e5f8283ee5e2c9ceb31c4f0aab20e24dc5c6ff31912
Citrix ADC NetScaler Local File Inclusion
Posted Nov 13, 2020
Authored by Donny Maasland, Ramella Sebastien | Site metasploit.com

This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.

tags | exploit, local, file inclusion
advisories | CVE-2020-8193, CVE-2020-8195, CVE-2020-8196
SHA-256 | 70dc89253162a6b119c3d606f6c3f8993ac2cf75090d967905fead6d2ddd4d90
Centreon 19.10.5 Pollers Remote Command Execution
Posted Feb 4, 2020
Authored by Ramella Sebastien, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a Centreon version 19.10.5 Pollers remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 3823f489d80ba96f9daa51e9c9ad49970827297fc04995a65e690613f8eb0684
Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution
Posted Jan 14, 2020
Authored by Ramella Sebastien, Project Zero India | Site metasploit.com

This Metasploit module exploits a directory traversal in Citrix Application Delivery Controller (ADC), aka NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload.

tags | exploit, arbitrary
advisories | CVE-2019-19781
SHA-256 | 0f0c8e65ca7fee56037d7ddffc1e77aeffb0987b8111f2b772dbffe0b1b1fb89
Citrix Application Delivery Controller / Gateway 10.5 Remote Code Execution
Posted Jan 13, 2020
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Citrix Application Delivery Controller and Gateway version 10.5.

tags | exploit, remote, code execution
advisories | CVE-2019-19781
SHA-256 | bec68a9167966887bfc41632126f3582e09608bebf23999be1ca53bae2414759
Microsoft Windows RDP BlueKeep Denial Of Service
Posted Jul 15, 2019
Authored by Ramella Sebastien

Microsoft Windows Remote Desktop BlueKeep denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
advisories | CVE-2019-0708
SHA-256 | fd14625fe2ae16af44ddb6f7a27ab38b1fdc86ac051a831939a1eb569a859ea5
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close