Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researchers and penetration testers to review. More than 3,000 modules are available, each with links to related technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit Framework and used by our penetration testing tool, Metasploit Pro.

Displaying module details 241 - 250 of 3743 in total

Panda Security PSEvents Privilege Escalation Exploit

Disclosed: June 27, 2016

PSEvents.exe within several Panda Security products runs hourly with SYSTEM privileges. When run, it checks a user writable folder for certain DLL files, and if any are found they are automatically run. Vulnerable Products: Panda Global Protection 2016 (<=16.1.2) Panda Antivirus Pro 2016 (<=16.1.2) ...

Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution Exploit

Disclosed: June 27, 2016

This module exploits three separate vulnerabilities found in the Riverbed SteelCentral NetProfiler/NetExpress virtual appliances to obtain remote command execution as the root user. A SQL injection in the login form can be exploited to add a malicious user into the application's database. An attacker can then exploit a co...

phpMyAdmin Authenticated Remote Code Execution Exploit

Disclosed: June 23, 2016

phpMyAdmin 4.0.x before, 4.4.x before, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace impleme...

SugarCRM REST Unserialize PHP Code Execution Exploit

Disclosed: June 23, 2016

This module exploits a PHP Object Injection vulnerability in SugarCRM CE <= 6.5.23 which could be abused to allow unauthenticated users to execute arbitrary PHP code with the permissions of the webserver. The dangerous unserialize() call exists in the '/service/core/REST/SugarRestSerialize.php' script. The exploit abuses ...

JSON Swagger CodeGen Parameter Injector Exploit

Disclosed: June 23, 2016

This module generates an Open API Specification 2.0 (Swagger) compliant JSON document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json file within a vulnerable swagger-codegen app...

NetBIOS Response "BadTunnel" Brute Force Spoof (NAT Tunnel) Exploit

Disclosed: June 14, 2016

This module listens for a NetBIOS name request and then continuously spams NetBIOS responses to a target for a given hostname, causing the target to cache a malicious address for this name. On high-speed networks, the PPSRATE value should be increased to speed up this attack. As an example, a value of around 30,000 ...

ClamAV Remote Command Transmitter Exploit

Disclosed: June 08, 2016

In certain configurations, ClamAV will bind to all addresses and listen for commands. This module sends properly-formatted commands to the ClamAV daemon if it is in such a configuration.

Tiki-Wiki CMS Calendar Command Execution Exploit

Disclosed: June 06, 2016

Tiki-Wiki CMS's calendar module contains a remote code execution vulnerability within the viewmode GET parameter. The calendar module is NOT enabled by default. If enabled, the default permissions are set to NOT allow anonymous users to access. Vulnerable versions: <=14.1, <=12.4 LTS, <=9.10 LT...

Poison Ivy 2.1.x C2 Buffer Overflow Exploit

Disclosed: June 03, 2016

This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.

Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit

Disclosed: June 03, 2016

This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently only works against Ubuntu 16.04 (not 16.04.1) with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation: Ubuntu: 1. ip_tables.ko (ubuntu), iptable_raw (fedora) has to be ...