fb11 · March 7, 2018 14:13
diff --git a/2017_mstasploit b/2017_mstasploit
   auxiliary/admin/http/cnpilot_r_cmd_exec                                         normal     Cambium cnPilot r200/r201 Command Execution as 'root'
   auxiliary/admin/http/cnpilot_r_fpt                                              normal     Cambium cnPilot r200/r201 File Path Traversal
   auxiliary/admin/http/mantisbt_password_reset                   2017-04-16       normal     MantisBT password reset
   auxiliary/admin/http/pfadmin_set_protected_alias               2017-02-03       normal     Postfixadmin Protected Alias Deletion Vulnerability
   auxiliary/admin/http/ulterius_file_download                                     normal     Ulterius Server File Download Vulnerability
   auxiliary/admin/smb/ms17_010_command                           2017-03-14       normal     MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
   auxiliary/dos/cisco/ios_telnet_rocem                           2017-03-17       normal     Cisco IOS Telnet Denial of Service
   auxiliary/dos/http/brother_debut_dos                           2017-11-02       normal     Brother Debut http Denial Of Service
   auxiliary/dos/http/ibm_lotus_notes                             2017-08-31       normal     IBM Notes encodeURI DOS
   auxiliary/dos/http/ibm_lotus_notes2                            2017-08-31       normal     IBM Notes Denial Of Service
   auxiliary/dos/rpc/rpcbomb                                                       normal     RPC DoS targeting *nix rpcbind/libtirpc
   auxiliary/gather/netgear_password_disclosure                                    normal     NETGEAR Administrator Password Disclosure
   auxiliary/gather/samsung_browser_sop_bypass                    2017-11-08       normal     Samsung Internet Browser SOP Bypass
   auxiliary/scanner/ftp/easy_file_sharing_ftp                    2017-03-07       normal     Easy File Sharing FTP Server 3.6 Directory Traversal
   auxiliary/scanner/http/apache_optionsbleed                     2017-09-18       normal     Apache Optionsbleed Scanner
   auxiliary/scanner/http/cnpilot_r_web_login_loot                                 normal     Cambium cnPilot r200/r201 Login Scanner and Config Dump
   auxiliary/scanner/http/dnalims_file_retrieve                   2017-03-08       normal     DnaLIMS Directory Traversal
   auxiliary/scanner/http/epmp1000_get_chart_cmd_exec                              normal     Cambium ePMP 1000 'get_chart' Command Injection (v3.1-3.5-RC7)
   auxiliary/scanner/http/epmp1000_reset_pass                                      normal     Cambium ePMP 1000 Account Password Reset
   auxiliary/scanner/http/intel_amt_digest_bypass                 2017-05-05       normal     Intel AMT Digest Authentication Bypass Scanner
   auxiliary/scanner/http/kodi_traversal                          2017-02-12       normal     Kodi 17.0 Local File Inclusion Vulnerability
   auxiliary/scanner/smb/smb_ms17_010                                              normal     MS17-010 SMB RCE Detection
   auxiliary/scanner/snmp/cnpilot_r_snmp_loot                                      normal     Cambium cnPilot r200/r201 SNMP Enumeration
   auxiliary/scanner/snmp/epmp1000_snmp_loot                                       normal     Cambium ePMP 1000 SNMP Enumeration
   auxiliary/scanner/ssl/bleichenbacher_oracle                    2009-06-17       normal     Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5
   auxiliary/scanner/telnet/satel_cmd_exec                        2017-04-07       normal     Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability
   auxiliary/scanner/vnc/ard_root_pw                                               normal     Apple Remote Desktop Root Vulnerability
   auxiliary/scanner/wproxy/att_open_proxy                        2017-08-31       normal     Open WAN-to-LAN proxy on AT&T routers
   exploit/linux/http/denyall_waf_exec                            2017-09-19       excellent  DenyAll Web Application Firewall Remote Code Execution
   exploit/linux/http/dnalims_admin_exec                          2017-03-08       excellent  dnaLIMS Admin Module Command Execution
   exploit/linux/http/goahead_ldpreload                           2017-12-18       excellent  GoAhead Web Server LD_PRELOAD Arbitrary Module Load
   exploit/linux/http/kaltura_unserialize_cookie_rce              2017-09-12       excellent  Kaltura Remote PHP Code Execution over Cookie
   exploit/linux/http/linksys_wvbr0_user_agent_exec_noauth        2017-12-13       excellent  Linksys WVBR0-25 User-Agent Command Execution
   exploit/linux/http/netgear_dnslookup_cmd_exec                  2017-02-25       excellent  Netgear DGN2200 dnslookup.cgi Command Injection
   exploit/linux/http/samsung_srv_1670d_upload_exec               2017-03-14       good       Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
   exploit/linux/http/supervisor_xmlrpc_exec                      2017-07-19       excellent  Supervisor XML-RPC Authenticated Remote Code Execution
   exploit/linux/http/symantec_messaging_gateway_exec             2017-04-26       excellent  Symantec Messaging Gateway Remote Code Execution
   exploit/linux/http/trend_micro_imsva_exec                      2017-01-15       excellent  Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
   exploit/linux/http/ueb9_api_storage                            2017-08-08       excellent  Unitrends UEB 9 http api/storage remote root
   exploit/linux/http/wd_mycloud_multiupload_upload               2017-07-29       excellent  Western Digital MyCloud multi_uploadify File Upload Vulnerability
   exploit/linux/http/xplico_exec                                 2017-10-29       excellent  Xplico Remote Code Execution
   exploit/linux/local/juju_run_agent_priv_esc                    2017-04-13       excellent  Juju-run Agent Privilege Escalation
   exploit/linux/local/ntfs3g_priv_esc                            2017-01-05       good       Debian/Ubuntu ntfs-3g Local Privilege Escalation
   exploit/linux/local/vmware_alsa_config                         2017-05-22       excellent  VMware Workstation ALSA Config File Local Privilege Escalation
   exploit/linux/misc/quest_pmmasterd_bof                         2017-04-09       normal     Quest Privilege Manager pmmasterd Buffer Overflow
   exploit/linux/misc/ueb9_bpserverd                              2017-08-08       excellent  Unitrends UEB bpserverd authentication bypass RCE
   exploit/linux/samba/is_known_pipename                          2017-03-24       excellent  Samba is_known_pipename() Arbitrary Module Load
   exploit/multi/http/git_submodule_command_exec                  2017-08-10       excellent  Malicious Git HTTP Server For CVE-2017-1000117
   exploit/multi/http/ibm_openadmin_tool_soap_welcomeserver_exec  2017-05-30       excellent  IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution
   exploit/multi/http/mediawiki_syntaxhighlight                   2017-04-06       good       MediaWiki SyntaxHighlight extension option injection vulnerability
   exploit/multi/http/oracle_weblogic_wsat_deserialization_rce    2017-10-19       excellent  Oracle WebLogic wls-wsat Component Deserialization RCE
   exploit/multi/http/struts2_content_type_ognl                   2017-03-07       excellent  Apache Struts Jakarta Multipart Parser OGNL Injection
   exploit/multi/http/struts2_rest_xstream                        2017-09-05       excellent  Apache Struts 2 REST Plugin XStream RCE
   exploit/multi/http/tomcat_jsp_upload_bypass                    2017-10-03       excellent  Tomcat RCE via JSP Upload Bypass
   exploit/multi/local/magnicomp_sysinfo_mcsiwrapper_priv_esc     2016-09-23       excellent  MagniComp SysInfo mcsiwrapper Privilege Escalation
   exploit/unix/fileformat/ghostscript_type_confusion             2017-04-27       excellent  Ghostscript Type Confusion Arbitrary Command Execution
   exploit/unix/http/epmp1000_get_chart_cmd_shell                 2017-12-18       excellent  Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7)
   exploit/unix/webapp/phpcollab_upload_exec                      2017-09-29       excellent  phpCollab 2.5.1 Unauthenticated File Upload
   exploit/unix/webapp/tuleap_rest_unserialize_exec               2017-10-23       excellent  Tuleap 9.6 Second-Order PHP Object Injection
   exploit/windows/backupexec/ssl_uaf                             2017-05-10       normal     Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free
   exploit/windows/browser/cisco_webex_ext                        2017-01-21       great      Cisco WebEx Chrome Extension RCE (CVE-2017-3823)
   exploit/windows/fileformat/cve_2017_8464_lnk_rce               2017-06-13       excellent  LNK Code Execution Vulnerability
   exploit/windows/fileformat/dupscout_xml                        2017-03-29       normal     Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
   exploit/windows/fileformat/nitro_reader_jsapi                  2017-07-24       excellent  Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution
   exploit/windows/fileformat/office_word_hta                     2017-04-14       excellent  Microsoft Office Word Malicious Hta Execution
   exploit/windows/fileformat/syncbreeze_xml                      2017-03-29       normal     Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow
   exploit/windows/ftp/ayukov_nftp                                2017-10-21       normal     Ayukov NFTP FTP Client Buffer Overflow
   exploit/windows/http/geutebrueck_gcore_x64_rce_bo              2017-01-24       normal     Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE
   exploit/windows/iis/iis_webdav_scstoragepathfromurl            2017-03-26       manual      Microsoft IIS WebDav ScStoragePathFromUrl Overflow
   exploit/windows/local/cve_2017_8464_lnk_lpe                    2017-06-13       excellent  LNK Code Execution Vulnerability
   exploit/windows/local/razer_zwopenprocess                      2017-03-22       normal     Razer Synapse rzpnk.sys ZwOpenProcess
   exploit/windows/misc/hp_imc_dbman_restartdb_unauth_rce         2017-05-15       excellent  HPE iMC dbman RestartDB Unauthenticated RCE
   exploit/windows/misc/hp_imc_dbman_restoredbase_unauth_rce      2017-05-15       excellent  HPE iMC dbman RestoreDBase Unauthenticated RCE
   exploit/windows/scada/advantech_webaccess_webvrpcs_bof         2017-11-02       good       Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow
   exploit/windows/smb/ms17_010_eternalblue                       2017-03-14       average    MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
   exploit/windows/smb/ms17_010_psexec                            2017-03-14       normal     MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
   post/hardware/automotive/pdt                                                    normal     Check For and Prep the Pyrotechnic Devices (Airbags, Battery Clamps, etc.)
	auxiliary/admin/http/cnpilot_r_cmd_exec normal Cambium cnPilot r200/r201 Command Execution as 'root'
	auxiliary/admin/http/cnpilot_r_fpt normal Cambium cnPilot r200/r201 File Path Traversal
	auxiliary/admin/http/mantisbt_password_reset 2017-04-16 normal MantisBT password reset
	auxiliary/admin/http/pfadmin_set_protected_alias 2017-02-03 normal Postfixadmin Protected Alias Deletion Vulnerability
	auxiliary/admin/http/ulterius_file_download normal Ulterius Server File Download Vulnerability
	auxiliary/admin/smb/ms17_010_command 2017-03-14 normal MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
	auxiliary/dos/cisco/ios_telnet_rocem 2017-03-17 normal Cisco IOS Telnet Denial of Service
	auxiliary/dos/http/brother_debut_dos 2017-11-02 normal Brother Debut http Denial Of Service
	auxiliary/dos/http/ibm_lotus_notes 2017-08-31 normal IBM Notes encodeURI DOS
	auxiliary/dos/http/ibm_lotus_notes2 2017-08-31 normal IBM Notes Denial Of Service
	auxiliary/dos/rpc/rpcbomb normal RPC DoS targeting *nix rpcbind/libtirpc
	auxiliary/gather/netgear_password_disclosure normal NETGEAR Administrator Password Disclosure
	auxiliary/gather/samsung_browser_sop_bypass 2017-11-08 normal Samsung Internet Browser SOP Bypass
	auxiliary/scanner/ftp/easy_file_sharing_ftp 2017-03-07 normal Easy File Sharing FTP Server 3.6 Directory Traversal
	auxiliary/scanner/http/apache_optionsbleed 2017-09-18 normal Apache Optionsbleed Scanner
	auxiliary/scanner/http/cnpilot_r_web_login_loot normal Cambium cnPilot r200/r201 Login Scanner and Config Dump
	auxiliary/scanner/http/dnalims_file_retrieve 2017-03-08 normal DnaLIMS Directory Traversal
	auxiliary/scanner/http/epmp1000_get_chart_cmd_exec normal Cambium ePMP 1000 'get_chart' Command Injection (v3.1-3.5-RC7)
	auxiliary/scanner/http/epmp1000_reset_pass normal Cambium ePMP 1000 Account Password Reset
	auxiliary/scanner/http/intel_amt_digest_bypass 2017-05-05 normal Intel AMT Digest Authentication Bypass Scanner
	auxiliary/scanner/http/kodi_traversal 2017-02-12 normal Kodi 17.0 Local File Inclusion Vulnerability
	auxiliary/scanner/smb/smb_ms17_010 normal MS17-010 SMB RCE Detection
	auxiliary/scanner/snmp/cnpilot_r_snmp_loot normal Cambium cnPilot r200/r201 SNMP Enumeration
	auxiliary/scanner/snmp/epmp1000_snmp_loot normal Cambium ePMP 1000 SNMP Enumeration
	auxiliary/scanner/ssl/bleichenbacher_oracle 2009-06-17 normal Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5
	auxiliary/scanner/telnet/satel_cmd_exec 2017-04-07 normal Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability
	auxiliary/scanner/vnc/ard_root_pw normal Apple Remote Desktop Root Vulnerability
	auxiliary/scanner/wproxy/att_open_proxy 2017-08-31 normal Open WAN-to-LAN proxy on AT&T routers
	exploit/linux/http/denyall_waf_exec 2017-09-19 excellent DenyAll Web Application Firewall Remote Code Execution
	exploit/linux/http/dnalims_admin_exec 2017-03-08 excellent dnaLIMS Admin Module Command Execution
	exploit/linux/http/goahead_ldpreload 2017-12-18 excellent GoAhead Web Server LD_PRELOAD Arbitrary Module Load
	exploit/linux/http/kaltura_unserialize_cookie_rce 2017-09-12 excellent Kaltura Remote PHP Code Execution over Cookie
	exploit/linux/http/linksys_wvbr0_user_agent_exec_noauth 2017-12-13 excellent Linksys WVBR0-25 User-Agent Command Execution
	exploit/linux/http/netgear_dnslookup_cmd_exec 2017-02-25 excellent Netgear DGN2200 dnslookup.cgi Command Injection
	exploit/linux/http/samsung_srv_1670d_upload_exec 2017-03-14 good Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload
	exploit/linux/http/supervisor_xmlrpc_exec 2017-07-19 excellent Supervisor XML-RPC Authenticated Remote Code Execution
	exploit/linux/http/symantec_messaging_gateway_exec 2017-04-26 excellent Symantec Messaging Gateway Remote Code Execution
	exploit/linux/http/trend_micro_imsva_exec 2017-01-15 excellent Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution
	exploit/linux/http/ueb9_api_storage 2017-08-08 excellent Unitrends UEB 9 http api/storage remote root
	exploit/linux/http/wd_mycloud_multiupload_upload 2017-07-29 excellent Western Digital MyCloud multi_uploadify File Upload Vulnerability
	exploit/linux/http/xplico_exec 2017-10-29 excellent Xplico Remote Code Execution
	exploit/linux/local/juju_run_agent_priv_esc 2017-04-13 excellent Juju-run Agent Privilege Escalation
	exploit/linux/local/ntfs3g_priv_esc 2017-01-05 good Debian/Ubuntu ntfs-3g Local Privilege Escalation
	exploit/linux/local/vmware_alsa_config 2017-05-22 excellent VMware Workstation ALSA Config File Local Privilege Escalation
	exploit/linux/misc/quest_pmmasterd_bof 2017-04-09 normal Quest Privilege Manager pmmasterd Buffer Overflow
	exploit/linux/misc/ueb9_bpserverd 2017-08-08 excellent Unitrends UEB bpserverd authentication bypass RCE
	exploit/linux/samba/is_known_pipename 2017-03-24 excellent Samba is_known_pipename() Arbitrary Module Load
	exploit/multi/http/git_submodule_command_exec 2017-08-10 excellent Malicious Git HTTP Server For CVE-2017-1000117
	exploit/multi/http/ibm_openadmin_tool_soap_welcomeserver_exec 2017-05-30 excellent IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution
	exploit/multi/http/mediawiki_syntaxhighlight 2017-04-06 good MediaWiki SyntaxHighlight extension option injection vulnerability
	exploit/multi/http/oracle_weblogic_wsat_deserialization_rce 2017-10-19 excellent Oracle WebLogic wls-wsat Component Deserialization RCE
	exploit/multi/http/struts2_content_type_ognl 2017-03-07 excellent Apache Struts Jakarta Multipart Parser OGNL Injection
	exploit/multi/http/struts2_rest_xstream 2017-09-05 excellent Apache Struts 2 REST Plugin XStream RCE
	exploit/multi/http/tomcat_jsp_upload_bypass 2017-10-03 excellent Tomcat RCE via JSP Upload Bypass
	exploit/multi/local/magnicomp_sysinfo_mcsiwrapper_priv_esc 2016-09-23 excellent MagniComp SysInfo mcsiwrapper Privilege Escalation
	exploit/unix/fileformat/ghostscript_type_confusion 2017-04-27 excellent Ghostscript Type Confusion Arbitrary Command Execution
	exploit/unix/http/epmp1000_get_chart_cmd_shell 2017-12-18 excellent Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7)
	exploit/unix/webapp/phpcollab_upload_exec 2017-09-29 excellent phpCollab 2.5.1 Unauthenticated File Upload
	exploit/unix/webapp/tuleap_rest_unserialize_exec 2017-10-23 excellent Tuleap 9.6 Second-Order PHP Object Injection
	exploit/windows/backupexec/ssl_uaf 2017-05-10 normal Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free
	exploit/windows/browser/cisco_webex_ext 2017-01-21 great Cisco WebEx Chrome Extension RCE (CVE-2017-3823)
	exploit/windows/fileformat/cve_2017_8464_lnk_rce 2017-06-13 excellent LNK Code Execution Vulnerability
	exploit/windows/fileformat/dupscout_xml 2017-03-29 normal Dup Scout Enterprise v10.4.16 - Import Command Buffer Overflow
	exploit/windows/fileformat/nitro_reader_jsapi 2017-07-24 excellent Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution
	exploit/windows/fileformat/office_word_hta 2017-04-14 excellent Microsoft Office Word Malicious Hta Execution
	exploit/windows/fileformat/syncbreeze_xml 2017-03-29 normal Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow
	exploit/windows/ftp/ayukov_nftp 2017-10-21 normal Ayukov NFTP FTP Client Buffer Overflow
	exploit/windows/http/geutebrueck_gcore_x64_rce_bo 2017-01-24 normal Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE
	exploit/windows/iis/iis_webdav_scstoragepathfromurl 2017-03-26 manual Microsoft IIS WebDav ScStoragePathFromUrl Overflow
	exploit/windows/local/cve_2017_8464_lnk_lpe 2017-06-13 excellent LNK Code Execution Vulnerability
	exploit/windows/local/razer_zwopenprocess 2017-03-22 normal Razer Synapse rzpnk.sys ZwOpenProcess
	exploit/windows/misc/hp_imc_dbman_restartdb_unauth_rce 2017-05-15 excellent HPE iMC dbman RestartDB Unauthenticated RCE
	exploit/windows/misc/hp_imc_dbman_restoredbase_unauth_rce 2017-05-15 excellent HPE iMC dbman RestoreDBase Unauthenticated RCE
	exploit/windows/scada/advantech_webaccess_webvrpcs_bof 2017-11-02 good Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow
	exploit/windows/smb/ms17_010_eternalblue 2017-03-14 average MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
	exploit/windows/smb/ms17_010_psexec 2017-03-14 normal MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution
	post/hardware/automotive/pdt normal Check For and Prep the Pyrotechnic Devices (Airbags, Battery Clamps, etc.)
No results found