Vulnerability & Exploit Database

Back to search

DarkComet Server Remote File Download Exploit

This module exploits an arbitrary file download vulnerability in the DarkComet C&C server versions 3.2 and up. The exploit does not need to know the password chosen for the bot/server communication.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/gather/darkcomet_filedownloader

Authors

  • Shawn Denbow & Jesse Hertz
  • Jos Wetzels

References

Platforms

  • windows

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/gather/darkcomet_filedownloader msf auxiliary(darkcomet_filedownloader) > show actions ...actions... msf auxiliary(darkcomet_filedownloader) > set ACTION <action-name> msf auxiliary(darkcomet_filedownloader) > show options ...show and set options... msf auxiliary(darkcomet_filedownloader) > run