-
## Summary
CVSS 9.8 allows unauthenticated account takeover on wordpress. Looks like a pretty fun exploit, you auth bypass, then do an account password reset, then view the logs to pull out the URL…
-
## Input file
I expected that the `Style/StringConcatenation` auto-correct wouldn't change any characters with the following input:
```ruby
$ cat example.rb
query
-
I have created a payload using @Metasploit with the help of MSF Venom. When you open this payload, it requests permissions to access various things. If you grant permission, the payload runs. This is…
-
# Idea:
While testing and merging https://github.com/rapid7/metasploit-framework/pull/6954 with @wvu-r7 , I noticed that we require length in all exploits. That does not make a lot of sense for many…
-
Based on the documentation here: https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/payload/windows/shell/reverse_ord_tcp.md
I should be doing this right, but the result…
-
If you'd like to propose a feature, describe what you'd like to see. Mock ups of console views would be great.
If you're reporting a bug, please be sure to include the expected behavior, the observed…
-
Hello, I am trying to use other shellcode but it will appear 'Can't handle code ambiguity. Aborting...' and cmd.exe stops without responding. Is shellcode limited to the two provided? Or What are the…
-
Hi Metasploit development team,
OS:
Kali Linux
Version
Framework Version: 4.13.14-dev (installed via apt-get ...)
I used below commands and parameters:
First:
```
root@kali: msfvenom -…
-
- I donated 20$ just because this app makes it so easy to run MSF on android.
- ulmit is unlimited in both normal adb shell and the mounted kali.img
root@android:/ # ulimit -a
ulimit -a
time(cp…
-
It seems that active TCP transport sessions that reconnect to the listener (either after a restart of MSF or a transport change) don't appear to be marked as "encrypted". I've seen this a few times on…