Nmap Development mailing list archives
New VA Modules: MSF: 85
From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 26 Dec 2014 10:00:15 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (85) == ca15d2d8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/pandorafms_sqli.rb Pandora FMS version <= 5.0 SP2 Remote Code Execution 4ca11c08 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/cisco_ssl_vpn_priv_esc.rb Cisco ASA SSL VPN Privilege Escalation Vulnerability f956c8d9 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/manage/shell_to_meterpreter.rb Shell to Meterpreter Upgrade 056fc149 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/cisco_ssl_vpn_priv_esc.rb Cisco ASA SSL VPN Privilege Escalation Vulnerability 10713dd4 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/enum_ad_users_to_wordlist.rb Windows Gather Words from Active Directory b770745e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/encoders/cmd/echo.rb Echo Command Encoder b770745e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/encoders/cmd/perl.rb Perl Command Encoder fc6f5005 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/local/desktop_linux_privilege_escalation.rb Desktop Linux Password Stealer and Privilege Escalation 052327b9 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/local/desktop_privilege_escalation.rb Desktop Linux Password Stealer and Privilege Escalation 299d9afa https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/centreon_sqli_exec.rb Centreon SQL and Command Injection d328b2c2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/trackit_file_upload.rb Numara / BMC Track-It! FileStorageService Arbitrary File Upload 7dbfa19e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/trackit_sql_domain_creds.rb BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure 24286885 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/joomla_akeeba_exec.rb Joomla / Akeeba Kickstart Remote Code Execution 472985a8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/buffalo_login.rb Buffalo NAS Login Utility 6092e840 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/hp_data_protector_exec_integutil.rb HP Data Protector EXEC_INTEGUTIL Remote Code Execution 22aabc78 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/oracle/tnspoison_checker.rb Poison Oracle TNS Listener 85e6febe https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/gather/lastpass_creds.rb LastPass Master Password Extractor e4064279 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/ms14_060_sandworm.rb MS14-060 Microsoft Windows OLE Package Manager Code Execution bf92769b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_escalate_dbowner_sqli.rb Microsoft SQL Server - Escalate Db_Owner - SQLi 0ede70e7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/cups_bash_env_exec.rb CUPS Filter Bash Environment Variable Code Injection c991c5e3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/encoders/cmd/generic_sh.rb Generic Shell Variable Substitution Command Encoder 4e6f6176 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/joomla_akeeba_unserialize.rb Joomla Akeeba Kickstart Unserialize Remote Code Execution 70b13819 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/mybook_live_login.rb Western Digital MyBook Live Login Utility a75186d7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/ms14_058_track_popup_menu.rb Windows TrackPopupMenu Win32k NULL Pointer Dereference d66dc889 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/x7chat2_php_exec.rb The X7 Group X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution f119abbf https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/praedasploit/xerox_workcentre_5XXX_ldap.rb Xerox workcentre 5735 LDAP credential extractor 0b225d94 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/praedasploit/xerox_pwd_extract.rb Xerox Administrator Console Password Extract 64c206fa https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/server/wget_symlink_file_write.rb GNU Wget FTP Symlink Arbitrary Filesystem Access 9021e4da https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/misc/xerox_mfp.rb Xerox reverse shell 0e42cf25 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/xerox_workcentre_5XXX_ldap.rb Xerox workcentre 5735 LDAP service redential extractor b17d6a66 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/xerox_pwd_extract.rb Xerox Administrator Console Password Extract 9d56f029 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/xerox_workcentre_5xxx_ldap.rb Xerox workcentre 5735 LDAP service redential extractor ac939325 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/freebsd/misc/citrix_netscaler_bof.rb Citrix NetScaler Buffer Overflow 88040fbc https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/android_object_tag_webview_uxss.rb Android Open Source Platform (AOSP) Browser UXSS 8fdea5f7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/freebsd/misc/citrix_netscaler_soap_bof.rb Citrix NetScaler SOAP Handler Remote Code Execution e3ed7905 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/server/tnftp_savefile.rb tnftp "savefile" Arbitrary Command Execution d9f0a107 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/udp_scanner_template.rb UDP Scanner Example fbe3adcb https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_escalate_executeas.rb Microsoft SQL Server - Escalate EXECUTE AS 56a02fdb https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_escalate_executeas_sqli.rb Microsoft SQL Server - SQLi Escalate Execute As e71ba1ad https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/eventlog_cred_disclosure.rb ManageEngine Eventlog Analyzer Managed Hosts Administrator Credential Disclosure c08993a9 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/visual_mining_netcharts_upload.rb Visual Mining NetCharts Server Remote Code Execution 2843437c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/manageengine_pmp_sadmin.rb ManageEngine Password Manager Pro Super Administrator Account Creation and Password DB Retrieval 143033f6 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/manageengine_pmp_privesc.rb ManageEngine Password Manager Pro Super Administrator Account Creation and Password DB Retrieval 5d176370 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/mantisbt_php_exec.rb MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability 9d848c8c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/vpn/tincd_bof.rb Tincd Post-Authentication Remote TCP Stack Buffer Overflow 74344e92 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_enum_sql_logins.rb Microsoft SQL Server - Enumerate SQL Logins cac64944 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_escalate_execute_as.rb Microsoft SQL Server - Escalate EXECUTE AS 7e05f883 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/udp_scanner_template.rb UDP Scanner Example c35dc2e6 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/ms14_064_packager_run_as_admin.rb MS14-064 Microsoft Windows OLE Package Manager Code Execution e1164d3e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_escalate_execute_as_sqli.rb Microsoft SQL Server - SQLi Escalate Execute As 8689b0ad https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/android/browser/samsung_knox_smdm_url.rb Samsung Galaxy Knox Android Root Browser Exploit 529f749a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/recon/outbound_ports.rb Windows Outbound-Filering Rules 07a1653e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/quake/server_info.rb Gather Quake Server Information e25b6145 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/ms14_064_packager_python.rb MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python 681ae8ce https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/python/reverse_http.rb Python Reverse HTTP Stager f729a6cf https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/gather/remmina_creds.rb UNIX Gather Remmina Credentials 7a2b7208 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/outlook.rb Windows gather/search Outlook e-mailmessages 8c34f35c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_enum_windows_domain_accounts.rb Microsoft SQL Server SUSER_SNAME Windows Domain Account Enumeration 703e0486 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/dlsw/dlsw_leak_capture.rb Cisco DLSw information leak d78d57ea https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/spoof/cisco/viproy_cdp.rb CDP Discovery and Spoofing 7e93d890 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/spoof/cisco/cdp.rb CDP Discovery and Spoofing a718e6f8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/misc/hikvision_rtsp_bof.rb Hikvision DVR RTSP Request Remote Code Execution 8306d739 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/smtp/smtp_ntlm_domain.rb SMTP NTLM Domain Extraction ab49d01a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/kademlia/server_info.rb Gather Kademlia Server Information 08a67d78 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb Windows OLE Automation Array Remote Code Execution 7164c4e0 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_enum_domain_accounts.rb Microsoft SQL Server SUSER_SNAME Windows Domain Account Enumeration 71669b9f https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/enum_ad_to_wordlist.rb Windows Active Directory Wordlist Builder 4bd579bc https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/mssql/mssql_enum_domain_accounts_sqli.rb Microsoft SQL Server - SQLi SUSER_SNAME Domain Account Enumeration 7a3fb121 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/osx/local/iokit_keyboard_root.rb Mac OS X IOKit Keyboard Driver Root Privilege Escalation 6ceb4761 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/pandora_fms_sqli.rb Pandora FMS SQLi Remote Code Execution f5633ba3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/windows/format_all_drives.rb Shellcode Of Death f8dc366f https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/wildfly_8_traversal.rb WildFly 8 (JBossAS) Directory Traversal 2fb38ec7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/netflow_file_download.rb ManageEngine NetFlow Analyzer Arbitrary File Download e4b3ee28 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/wildfly_traversal.rb WildFly 8 (JBossAS) Directory Traversal 55b8d672 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/wp_downloadmanager_upload.rb Wordpress Download Manager (download-manager) Unauthenticated File Upload 42744e56 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb ActualAnalyzer 'ant' Cookie Command Execution 4abfb84c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb JBoss JMX Console DeploymentFileRepository WAR Upload and Deployment 700ccc71 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/tuleap_unserialize_exec.rb Tuleap unserialize() PHP Code Execution f37dc13a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/bmc_trackit_passwd_reset.rb BMC TrackIt! Unauthenticated Arbitrary Local User Password Change 22c9db58 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/ssh/detect_kippo.rb Kippo SSH Honeypot Detector 6c825292 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/bmc_trackit_passwd_reset.rb BMC TrackIt! Unauthenticated Arbitrary Local User Password Change 751bc7a3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/bmc_trackit_passwd_reset.rb BMC TrackIt! Unauthenticated Arbitrary Local User Password Change 2e94280c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/bmc_trackit_passwd_reset.rb BMC TrackIt! Unauthenticated Arbitrary Local User Password Change 8d2bd74d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/allegro_rompager_misfortune_cookie.rb Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Scanner c0fa8c0e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/windows/bind_hidden_tcp.rb Hidden Bind TCP Stager _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 85 New VA Module Alert Service (Dec 26)