Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.


Displaying module details 161 - 170 of 3570 in total

NetBIOS Response "BadTunnel" Brute Force Spoof (NAT Tunnel) Exploit

Disclosed: June 14, 2016

This module listens for a NetBIOS name request and then continuously spams NetBIOS responses to a target for given hostname, causing the target to cache a malicious address for this name. On high-speed networks, the PPSRATE value should be increased to speed up this attack. As an example, a value of around 30,000 ...

ClamAV Remote Command Transmitter Exploit

Disclosed: June 08, 2016

In certain configurations, ClamAV will bind to all addresses and listen for commands. This module sends properly-formatted commands to the ClamAV daemon if it is in such a configuration.

Tiki-Wiki CMS Calendar Command Execution Exploit

Disclosed: June 06, 2016

Tiki-Wiki CMS's calendar module contains a remote code execution vulnerability within the viewmode GET parameter. The calendar module is NOT enabled by default. If enabled, the default permissions are set to NOT allow anonymous users to access. Vulnerable versions: <=14.1, <=12.4 LTS, <=9.10 LT...

Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit

Disclosed: June 03, 2016

This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently only works against Ubuntu 16.04 (not 16.04.1) with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation: Ubuntu: 1. ip_tables.ko (ubuntu), iptable_raw (fedora) has to be ...

Poison Ivy 2.1.x C2 Buffer Overflow Exploit

Disclosed: June 03, 2016

This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution Exploit

Disclosed: June 01, 2016

This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

ActiveMQ web shell upload Exploit

Disclosed: June 01, 2016

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

WordPress WP Mobile Detector 3.5 Shell Upload Exploit

Disclosed: May 31, 2016

WP Mobile Detector Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-content/plugins/wp-mobile-detector/resize.php script does contains a remote file include for files not cached by the system already. By uploading a .php file...

Magento 2.0.6 Unserialize Remote Code Execution Exploit

Disclosed: May 17, 2016

This module exploits a PHP object injection vulnerability in Magento 2.0.6 or prior.

Internet Explorer 11 VBScript Engine Memory Corruption Exploit

Disclosed: May 10, 2016

This module exploits the memory corruption vulnerability (CVE-2016-0189) present in the VBScript engine of Internet Explorer 11.