This Metasploit module can be used to discover DNS servers which expose recursive name lookups which can be used in an amplification attack against a third party.
17285bd944013475bf3599fa51a46a69e0a163f4332206b55107e864ee5d81c7This Metasploit module can be used to discover Portmapper services which can be used in an amplification DDoS attack against a third party.
bdabe3d28c58a0c5c0c4aadf615e446e320968fc421469ed98cd0602c6823fa5This Metasploit module simply attempts to bruteforce SAP BusinessObjects users by using CmcApp.
c7f2ccace6acca766972107fabec89a53c6bf09187f4ebd994b454f51654f936This Metasploit module tests whether a directory traversal vulnerability is present in versions of Cisco Network Access Manager 4.8.x You may wish to change FILE (e.g. passwd or hosts), MAXDIRS and RPORT depending on your environment.
5fe706c1e67a96195ca161533eed94ca089cf271b6402aefbee092000bf0ee4eThis Metasploit module attempts to brute-force a valid session token for the Syncovery File Sync and Backup Software Web-GUI by generating all possible tokens, for every second between DateTime.now and the given X day(s). By default today and yesterday (DAYS = 1) will be checked. If a valid session token is found, the module stops. The vulnerability exists, because in Syncovery session tokens are basically just base64(m/d/Y H:M:S) at the time of the login instead of a random token. If a user does not log out (Syncovery v8.x has no logout) session tokens will remain valid until reboot.
35774315caca7f89f98bfc845f009123bd6450981504bf93e08596306cfc0432This Metasploit module scans for Fortinet SSL VPN web login portals and performs login brute force to identify valid credentials.
9cff45fa6448a61d09c7bfca78543e51d98a8a25cd5a142166e055d3f899034fThis Metasploit module tests whether a directory traversal vulnerability is present in versions of TP-Link Access Point 3.12.16 Build 120228 Rel.37317n.
148ef1ffb97bb161777ed0d5206cdd5f46a22d9503b4d75f10173f1718d678e0This Metasploit module attempts to bruteforce the chinese caidao asp/php/aspx backdoor.
60088f8d003987fa40a7002f9f668383b9ab73531f528efc470f1246253bee90This Metasploit module gathers data from a Cisco device (router or switch) with the device manager web interface exposed. The HttpUsername and HttpPassword options can be used to specify authentication.
e515364a8b6d5188cc5064ca26061b454b46d79e2464b43c67ca62a9ea442319This Metasploit module exploits a directory traversal vulnerability which is present in Netgear SPH200D Skype telephone.
296b090de1a0b1c6c8f8e31f9ee0fbe9702722c43d2b8624d6001f8e19d9d16eEktron CMS400.NET is a web content management system based on .NET. This Metasploit module tests for installations that are utilizing default passwords set by the vendor. Additionally, it has the ability to brute force user accounts. Note that Ektron CMS400.NET, by default, enforces account lockouts for regular user account after a number of failed attempts.
e867081ce25f1500fcd90fd14704c451906cad6adeb1d11209918e5c4af73432This Metasploit module exploits blind XPATH 1.0 injections over HTTP GET requests.
651687bcd595b9f22e68c3c981e70f5fc4f0a88508ab6655dda370543c5b0161This Metasploit module checks if authentication is required on a Jupyter Lab or Notebook server. If it is, this module will bruteforce the password. Jupyter only requires a password to authenticate, usernames are not used. This Metasploit module is compatible with versions 4.3.0 (released 2016-12-08) and newer.
62eed4501dbdb5ebfaf3860a4748411c38cdd1cc4461cb86d4953081f1d57408This Metasploit module is based on ets HTTP Directory Scanner module, with one exception. Where authentication is required, it attempts to bypass authentication using the WebDAV IIS6 Unicode vulnerability discovered by Kingcope. The vulnerability appears to be exploitable where WebDAV is enabled on the IIS6 server, and any protected folder requires either Basic, Digest or NTLM authentication.
d48b3dd3c4c04a7b1bb169b3d1c6ad69659f24ec5a66227267626146fd55a9d3This Metasploit module attempts to bruteforce Typo3 logins.
e4411e063179526682951f0fc4db97882f2b3cad62d35ee43118a84671750880Multiple Adobe Products -- XML External Entity Injection. Affected Software: BlazeDS 3.2 and earlier versions, LiveCycle 9.0, 8.2.1, and 8.0.1, LiveCycle Data Services 3.0, 2.6.1, and 2.5.1, Flex Data Services 2.0.1, ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2.
4524d9e4bc45f6daebac3d75aa85dc0f58771f37df264ba4104bf40beda45102This Metasploit module attempts to bruteforce SAP BusinessObjects users. The dswsbobje interface is only used to verify valid credentials for CmcApp. Therefore, any valid credentials that have been identified can be leveraged by logging into CmcApp.
5372edf67d1cb80a59332f2c751921d87682174c674cfe0c077795a451f61dceThis Metasploit module attempts to authenticate to a Dolibarr ERP/CRMs admin web interface, and should only work against version 3.1.1 or older, because these versions do not have any default protections against brute forcing.
d41bf234f652b296f874c2bf38bd949fde590e4df8c3dfc9b189088e55d21615This Metasploit module implements the mass SQL injection attack in use lately by concatenation of HTML string that forces a persistent XSS attack to redirect user browser to an attacker controller website.
66c7ad1c79601a84be4b088966757410f9c1cc2c6e3b7253cd22e3e84d90ed85This Metasploit module exploits a file disclosure vulnerability in the Accellion File Transfer appliance. This vulnerability is triggered when a user-provided statecode cookie parameter is appended to a file path that is processed as a HTML template. By prepending this cookie with directory traversal sequence and appending a NULL byte, any file readable by the web user can be exposed. The web user has read access to a number of sensitive files, including the system configuration and files uploaded to the appliance by users. This issue was confirmed on version FTA_9_11_200, but may apply to previous versions as well. This issue was fixed in software update FTA_9_11_210.
54b5d23c43a234a88b3e5e9d8345ae34b6dec9bf36741d5a1bc88d1cdf6813e5This Metasploit module performs a brute force attack in order to discover existing files on a server which uses mod_negotiation. If the filename is found, the IP address and the files found will be displayed.
638a8b6d72b49f87c0a2ab72893a63716f90074a32831600fada47f9fc05f255Scan for poorly configured reverse proxy servers. By default, this module attempts to force the server to make a request with an invalid domain name. Then, if the bypass is successful, the server will look it up and of course fail, then responding with a status code 502. A baseline status code is always established and if that baseline matches your test status code, the injection attempt does not occur. "set VERBOSE true" if you are paranoid and want to catch potential false negatives. Works best against Apache and mod_rewrite.
1a2aeb41e4bc8514346a4bbe493318a1c73ff9327c6e82b06a7a3c3f9105f36bThis Metasploit module simply attempts to enumerate SAP BusinessObjects users. The dswsbobje interface is only used to verify valid users for CmcApp. Therefore, any valid users that have been identified can be leveraged by logging into CmcApp.
e1bf994ca850f6a313db09140c97bef59a3a83e425503e455ae6e327c1516ddfThis Metasploit module exploits a directory traversal vulnerability present in the _list_file_get() function of Majordomo2 (help function). By default, this module will attempt to download the Majordomo config.pl file.
c4bb2d4ebd4a9e75580f9a5cc2da62b253b9f33f3649f38afc2598aee8c2d9c1This Metasploit module tries to identify unique virtual hosts hosted by the target web server.
08261c4bf0143e0854d3c619351a9f5b6242b7465c1d0622634759ab8be05d9f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed