This Metasploit module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database, this module will record successful logins and hosts so you can track your access.
This Metasploit module attempts to authenticate to a locked Koyo DirectLogic PLC. The PLC uses a restrictive passcode, which can be A0000000 through A9999999. The "A" prefix can also be changed by the administrator to any other character, which can be set through the PREFIX option of this module. This Metasploit module is based on the original koyobrute.rb Basecamp module from DigitalBond.
This Metasploit module attempts to bruteforce the SID on the Oracle application server iSQL*Plus login pages. It does this by testing Oracle error responses returned in the HTTP response. Incorrect username/pass with a correct SID will produce an Oracle ORA-01017 error. Works against Oracle 9.2, 10.1 and 10.2 iSQL*Plus. This Metasploit module will attempt to fingerprint the version and automatically select the correct POST request.
The EtherNet/IP CIP protocol allows a number of unauthenticated commands to a PLC which implements the protocol. This Metasploit module implements the CPU STOP command, as well as the ability to crash the Ethernet card in an affected device. This Metasploit module is based on the original ethernetip-multi.rb Basecamp module from DigitalBond.
The Schneider Modicon with Unity series of PLCs use Modbus function code 90 (0x5a) to send and receive ladder logic. The protocol is unauthenticated, and allows a rogue host to retrieve the existing logic and to upload new logic. Two modes are supported: "SEND" and "RECV," which behave as one might expect -- use "set mode ACTIONAME" to use either mode of operation. In either mode, FILENAME must be set to a valid path to an existing file (for SENDing) or a new file (for RECVing), and the directory must already exist. The default, modicon_ladder.apx, is a blank ladder logic file which can be used for testing. This Metasploit module is based on the original modiconstux.rb Basecamp module from DigitalBond.
The Schneider Modicon with Unity series of PLCs use Modbus function code 90 (0x5a) to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and RUN, allowing an attacker to end process control by the PLC. This Metasploit module is based on the original modiconstop.rb Basecamp module from DigitalBond.
The Schneider Modicon Quantum series of Ethernet cards store usernames and passwords for the system in files that may be retrieved via backdoor access. This Metasploit module is based on the original modiconpass.rb Basecamp module from DigitalBond.
This Metasploit module attempts to authenticate against an Oracle RDBMS instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Due to a bug in nmap, versions 6.50-7.80 may not work.
This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.
This Metasploit module exploits a denial of service vulnerability in Juniper Networks JunOS router operating system. By sending a TCP packet with TCP option 101 set, an attacker can cause an affected router to reboot.
When Ruby attempts to convert a string representation of a large floating point decimal number to its floating point equivalent, a heap-based buffer overflow can be triggered. This Metasploit module has been tested successfully on a Ruby on Rails application using Ruby version 1.9.3-p448 with WebRick and Thin web servers, where the Rails application crashes with a segfault error. Other versions of Ruby are reported to be affected.
This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... INTO DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions are not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.
This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.
This Metasploit module exploits the fact that Ceragon ships a public/private key pair on FibeAir IP-10 devices that allows passwordless authentication to any other IP-10 device. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "mateidu" user.
Ceragon FibeAir IP-10 suffers from an SSH private key exposure vulnerability.
The InfoSec Southwest 2015 Call For Papers has been announced. The conference will be held April 11th through April 12th, 2015 in Austin, Texas.
The InfoSec Southwest 2014 Call For Papers has been announced. The conference will be held April 4th through April 6th, 2014 in Austin, Texas.
The InfoSec Southwest 2013 Call For Papers has been announced. The conference will be held April 19th through April 21st, 2013 in Austin, Texas.
Remote OS fingerprinting tool written in Perl that analyzes the retransmission timeout lengths of a TCP handshake to detect remote operating systems.