Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researchers and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

Displaying module details 251 - 260 of 3570 in total

Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability) Exploit

Disclosed: August 22, 2015

This module will bypass Windows UAC by utilizing the missing .manifest on the script host cscript/wscript.exe binaries.

ManageEngine ServiceDesk Plus Arbitrary File Upload Exploit

Disclosed: August 20, 2015

This module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

WordPress Symposium Plugin SQL Injection Exploit

Disclosed: August 18, 2015

This module exploits a SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress, which allows remote attackers to extract credentials via the size parameter to get_album_item.php.

CMS Bolt File Upload Vulnerability Exploit

Disclosed: August 17, 2015

Bolt CMS contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This module was tested on version 2.2.4.

Mac OS X "tpwn" Privilege Escalation Exploit

Disclosed: August 16, 2015

This module exploits a null pointer dereference in XNU to escalate privileges to root. Tested on 10.10.4 and 10.10.5.

Android Stagefright MP4 tx3g Integer Overflow Exploit

Disclosed: August 13, 2015

This module exploits an integer overflow vulnerability in the Stagefright Library (libstagefright.so). The vulnerability occurs when parsing specially crafted MP4 files. While a wide variety of remote attack vectors exist, this particular exploit is designed to work within an HTML5 compliant browser. Exploitati...

PCMAN FTP Server Buffer Overflow - PUT Command Exploit

Disclosed: August 07, 2015

This module exploits a buffer overflow vulnerability found in the PUT command of the PCMAN FTP v2.0.7 Server. This requires authentication, but anonymous credentials are enabled by default.

AppLocker Execution Prevention Bypass Exploit

Disclosed: August 03, 2015

This module will generate a .NET service executable on the target and utilize InstallUtil to run the payload bypassing the AppLocker protection. Currently only the InstallUtil method is provided, but future methods can be added easily.

Hak5 WiFi Pineapple Preconfiguration Command Injection Exploit

Disclosed: August 01, 2015

This module exploits a command injection vulnerability on WiFi Pineapples version 2.0 <= pineapple < 2.4. We use a combination of default credentials with a weakness in the anti-CSRF generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally, if default credentials fail, you can enabl...

Hak5 WiFi Pineapple Preconfiguration Command Injection Exploit

Disclosed: August 01, 2015

This module exploits a login/CSRF check bypass vulnerability on WiFi Pineapples version 2.0 <= pineapple < 2.4. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'. Provided as part of the TospoVirus workshop at DEFCON23.