This Metasploit module uses exploits a malicious backdoor that was added to the Unreal IRCD 3.2.8.1 download archive. This backdoor was present in the Unreal3.2.8.1.tar.gz archive between November 2009 and June 12th 2010.
52f914f7168fd04b82c913d02b7265643ee5d7402d40a96322c070c6b1569b32
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
da734592a7192747fd66c05459d27daeb3e49aea92dd5dadc3305a6b8ee081e8
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function in USER32.dll. The flaw can be triggered through Internet Explorer 6 and 7 by using the CURSOR style sheet directive to load a malicious .ANI file. The module can also exploit Mozilla Firefox by using a UNC path in a moz-icon URL and serving the .ANI file over WebDAV. The vulnerable code in USER32.dll will catch any exceptions that occur while the invalid cursor is loaded, causing the exploit to silently fail when the wrong target has been chosen. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
77a69a99c5c235c2339e0f087749f6b147c5953684914f6479b3edef34269f9a
This Metasploit module will execute an arbitrary payload against any system infected with the Arugizer trojan horse. This backdoor was shipped with the software package accompanying the Energizer Duo USB battery charger.
a1bf3f27171f32dee29233cb205cbdc4a03991a5c16306ba50e72d267e4f12e0
This Metasploit module exploits a memory corruption vulnerability within the Office Web Component Spreadsheet ActiveX control. This Metasploit module was based on an exploit found in the wild.
6d72596e2aa82e33821ee1c84cc5091c7a04974bce3fdbaf8797e51d53b96596
This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.
de2b37c604aa41ff0e596df449f770135048223b2482bc370245289a93342173
This Metasploit module exploits a buffer overflow found in the /search/results.stm application that comes with Sambar 6. This code is a direct port of Andrew Griffiths's SMUDGE exploit, the only changes made were to the nops and payload. This exploit causes the service to die, whether you provided the correct target or not.
43d90184c1c0d9d0e9d3c5ac475582ad68fe7328316423ce9e487d6c5499f98b
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
c7921d15e333daf28b7fef1fddc614a29a08d3a01e4604616b9e695146f13c61
This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
db8a3aadb83130b870e5a70ed5ba3a3aafb3ba7ade242ba5744bcd8251b74f40
This Metasploit module exploits a use after free vulnerability in Adobe Reader and Adobe Acrobat Professional versions up to and including 9.2.
b1f8cfeb14bd0899045d104a6e8573a0f4d05407352329432a77e25d99ebb260
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on Solaris SPARC systems that do not have the noexec stack option set. Big thanks to MC and valsmith for resolving a problem with the beta version of this module.
48fe6c9e19f75786c1b1abb6aa3114673fe6ce806ec1a7f209d21ef0aa51d85a
This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the bug on Mac OS X PowerPC systems.
0a81c70c55c5b626382aa3846753c3ac0bbcbc83db3ba6ea2a26b8367e01106c
This is an exploit for the Exchange 2000 heap overflow. Due to the nature of the vulnerability, this exploit is not very reliable. This Metasploit module has been tested against Exchange 2000 SP0 and SP3 running a Windows 2000 system patched to SP4. It normally takes between one and 100 connection attempts to successfully obtain a shell. This exploit is *very* unreliable.
26a51fce399b6448d8c4a7690d9c8391601cf7dd1c9478bdf2b4167db5d655ee
This Metasploit module exploits two arbitrary PHP code execution flaws in the phpBB forum system. The problem is that the 'highlight' parameter in the 'viewtopic.php' script is not verified properly and will allow an attacker to inject arbitrary code via preg_replace().
3a2382adc10594ee42ff1bd0b49855a630ee0af65a53e90bd2f33b29bcbe9542
The QuickTime Streaming Server contains a CGI script that is vulnerable to metacharacter injection, allow arbitrary commands to be executed as root.
87169439514fb0afb74e3cd42e5f97a61ab10eb7cfb959af7b8efa2b61313896
This Metasploit module exploits various php include vulnerabilities.
e357d04e020edf1f4d458c10f229063fd076425a03411ffdd5eba7edcc75455a
This Metasploit module exploits a metacharacter injection vulnerability in the FreeBSD and Solaris versions of the Zabbix agent. This flaw can only be exploited if the attacker can hijack the IP address of an authorized server (as defined in the configuration file).
e5f0f890d82d1ebacd0b8289ec44368a0492b00a6c37a1e9b2d6510aaa02d3da
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
a650778f7946a7f113acd716023978fd94f01325e9a4cf6342fb00ba3f6a2c0b
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
d9c8449f489efcce2ae006e4ed806ce911cb7fc671593232151ba25f8b098095
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
1c1f09545a58773c8a81cfab7351894a473484fa9530ddbc87125bf703ff941d
This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.
815045260e465802c35cbda9285c0622bfe5f32298f8df68633b64d3f5a3b2a0
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
ff5578fdfc8c36ccaad517474220f3b7300ff9d3ecf2bb352b81b0e1dffd7516
This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.
02caca0c3ef84c379c6053e31707b4b6389939755466b8435f5f2edee463d9f2
This Metasploit module exploits a heap overflow in the BakBone NetVault Process Manager service. This code is a direct port of the netvault.c code written by nolimit and BuzzDee.
abb3356d348f4bf759c98838cbffce838b11685877ba40eb30c6f1e41e563425
This Metasploit module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This Metasploit module has been tested on Unicenter v3.1.
2e71c608702d8dee76a55a8cab4aa0945443a1bd14f03c3136a80c533883e398