This Metasploit module exploits the vulnerability in mrxdav.sys described by MS16-016. The module will spawn a process on the target system and elevate it's privileges to NT AUTHORITY\SYSTEM before executing the specified payload within the context of the elevated process.
e24a8e1576709a98239c9285822b5b942b6fa9f480df031f0d2f8071ad7bc1bcThis Metasploit module exploits a remote code execution vulnerability in the inline request processor of the Ruby on Rails ActionPack component. This vulnerability allows an attacker to process ERB to the inline JSON processor, which is then rendered, permitting full RCE within the runtime, without logging an error condition.
d2de2c6b1bb4cb5ee53de8e0c3f1d39c69fd1da76899559c6c2efabc0fe0d5bb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed