Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.


Displaying module details 1 - 10 of 3677 in total

DHCP Client Command Injection (DynoRoot) Exploit

Disclosed: May 15, 2018

This module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could u...

LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator Exploit

Disclosed: May 01, 2018

Generates a Malicious ODT File which can be used with auxiliary/server/capture/smb or similar to capture hashes.

osCommerce Installer Unauthenticated Code Execution Exploit

Disclosed: April 30, 2018

If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install_4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it.

Metasploit msfd Remote Code Execution Exploit

Disclosed: April 11, 2018

Metasploit's msfd-service makes it possible to get a msfconsole-like interface over a TCP socket. If this socket is accessible on a remote interface, an attacker can execute commands on the victim's machine. If msfd is running with higher privileges than the current local user, this module can also be used for privilege ...

Metasploit msfd Remote Code Execution via Browser Exploit

Disclosed: April 11, 2018

Metasploit's msfd-service makes it possible to get a msfconsole-like interface over a TCP socket. This module connects to the msfd-socket through the victim's browser. To execute msfconsole-commands in JavaScript from a web application, this module places the payload in the POST-data. These POST-requests can be sen...

Steamed Hams Exploit

Disclosed: April 01, 2018

but it's a Metasploit Module

Drupal Drupalgeddon 2 Forms API Property Injection Exploit

Disclosed: March 28, 2018

This module exploits a Drupal property injection in the Forms API. Drupal 6.x, < 7.58, 8.2.x, < 8.3.9, < 8.4.6, and < 8.5.1 are vulnerable.

Mac OS X APFS Encrypted Volume Password Disclosure Exploit

Disclosed: March 21, 2018

This module exploits a flaw in OSX 10.13 through 10.13.3 that discloses the passwords of encrypted APFS volumes. In OSX a normal user can use the 'log' command to view the system logs. In OSX 10.13 to 10.13.2 when a user creates an encrypted APFS volume the password is visible in plaintext within these logs.

Etcd Version Scanner Exploit

Disclosed: March 16, 2018

This module connections to etcd API endpoints, typically on 2379/TCP, and attempts to obtain the version of etcd.

Etcd Keys API Information Gathering Exploit

Disclosed: March 16, 2018

This module queries the etcd API to recursively retrieve all of the stored key value pairs. Etcd by default does not utilize authentication.