This Metasploit module quickly fires up a web server that serves the payload in powershell. The provided command will start powershell and then download and execute the payload. The IEX command can also be extracted to execute directly from powershell. The main purpose of this module is to quickly establish a session on a target machine when the attacker has to manually type in the command himself, e.g. RDP Session, Local Access or maybe Remote Command Exec. This attack vector does not write to disk so is unlikely to trigger AV solutions and will allow to attempt local privilege escalations supplied by meterpreter etc. You could also try your luck with social engineering. Ensure the payload architecture matches the target computer or use SYSWOW64 powershell.exe to execute x86 payloads on x64 machines.
3df7ddc32fd686c31c096c385be3456948866192543e5796efa9d470ac552386This Metasploit module exploits an authenticated command injection vulnerability in the Mutiny appliance. Versions prior to 4.5-1.12 are vulnerable. In order to exploit the vulnerability the mutiny user must have access to the admin interface. The injected commands are executed with root privileges. This Metasploit module has been tested successfully on Mutiny 4.2-1.05.
1fad7a31c0a752bd14f7e1935025f6ba0a7fc35ef4c925b7202c07a9fca02a4a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed