This Metasploit module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. The module will check if Powershell 2.0 is available, and if so uses that method. Otherwise it falls back to the VBS Cmdstager which is less stealthy. IMPORTANT: If targeting an x64 system with the Powershell method you MUST select an x64 payload. An x86 payload will never return.
058f6afb598d02e80da84c0e4ea89c3ba856e987c8c0b5e3601f4daf16120377
This Metasploit module exploits a buffer overflow vulnerability found in the PORT command in Turbo FTP Server versions 1.30.823 and 1.30.826, which results in remote code execution under the context of SYSTEM.
abb8df5bd9e6fe13f397d60912333dbe638be84ba39c6009e9215a03bc909d53
This Metasploit module exploits a stack buffer overflow in the site chmod command in versions of Serv-U FTP Server prior to 4.2. You must have valid credentials to trigger this vulnerability. Exploitation also leaves the service in a non-functional state.
6c1771fcd160c66448baf1b278f2e301aaf7d1815e249d6528222c340620cafe
This Metasploit module exploits an Authentication Bypass Vulnerability in RealVNC Server version 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server The AUTOVNC option requires that vncviewer be installed on the attacking machine. This option should be disabled for Pro.
e04dfdae1c144c55bf3ae60b0db55de39d6d8b5d1ffc4b3506d87fa3c3c8e7c6
This Metasploit module finds saved login credentials for the SmartFTP FTP client for windows.
97b107bd7fae0d3b8837548d34dcb302caadedc2441c45782f6a0584dc945b8b
The Cforms II plugin for WordPress suffers from a CAPTCHA bypass vulnerability.
9651927202406b32b942c8788261677321fc3d2a584e0a29325ea269b6706946
Ricoh Aficio Web Image Monitor version 2.03 suffers from cross site scripting and redirection vulnerabilities.
9cb8a3f297c5e5664ca6551ba861cee32ff3b727dc04c87fa31e1cc0c6f6332f