bcoles
/ http-igd-info.nse
Created
January 29, 2012 04:38
http-igd-info.nse - Attempts to retrieve device information from an Internet Gateway Device (IGD) UPnP configuration file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| description = [[ | |
| Attempts to retrieve device information from an Internet Gateway Device (IGD) | |
| UPnP configuration file. | |
| For more information, see: | |
| http://upnp.org/specs/gw/igd2 | |
| http://en.wikipedia.org/wiki/Internet_Gateway_Device_Protocol | |
| ]] | |
| --- |
bcoles
/ http-carel-data-server-users.nse
Last active
June 21, 2022 21:53
http-carel-data-server-users.nse - Attempts to retrieve all valid usernames from the HTTP component of Carel Pl@ntVisor (CarelDataServer.exe).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| description = [[ | |
| Attempts to retrieve all valid usernames from the HTTP component of Carel | |
| Pl@ntVisor (CarelDataServer.exe). | |
| ]] | |
| --- | |
| -- @usage | |
| -- nmap --script http-carel-data-server-users -p <port> <host> | |
| -- | |
| -- @output |
bcoles
/ http-server.nse
Created
February 4, 2012 10:21
http-server.nse - Retrieves all HTTP "server" headers.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| description = [[ | |
| Retrieves all HTTP "server" headers. | |
| ]] | |
| --- | |
| -- @usage | |
| -- nmap --script http-server -p <port> <host> | |
| -- | |
| -- @output | |
| -- PORT STATE SERVICE REASON |
bcoles
/ http-3com-nbx-info.nse
Created
February 4, 2012 10:21
http-3com-nbx-info.nse - Attempts to retrieve device information from a 3COM NBX phone system using the web interface. The web interface (NBX NetSet utility) runs on port 80 by default.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| description = [[ | |
| Attempts to retrieve device information from a 3COM NBX phone system using the | |
| web interface. The web interface (NBX NetSet utility) runs on port 80 by | |
| default. | |
| ]] | |
| --- | |
| -- @usage | |
| -- nmap --script http-3com-nbx-info -p <port> <host> | |
| -- |
bcoles
/ acarsd-info.nse
Created
February 24, 2012 00:34
acarsd-info.nse - Retrieves information from a listening acarsd daemon.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| description = [[ | |
| Retrieves information from a listening acarsd daemon. | |
| acarsd is an ACARS decoder for a Linux or Windows PC which attempts to decode ACARS transmissions in real-time. The information retrieved includes the daemon version, API version, administrator e-mail address and listening frequency. | |
| For more information about acarsd, see: | |
| * http://www.acarsd.org/ | |
| ]] | |
| --- |
bcoles
/ nettemp_cmd_exec.rb
Created
October 13, 2013 16:01
This module exploits a command execution vulnerability in nettemp version 7.x which could be abused to allow unauthenticated users to execute arbitrary commands under the context of the web server user. The 'mail_test.php' file calls 'exec()' with user controlled data from the 'test_mail' parameter.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This file is part of the Metasploit Framework and may be subject to | |
| # redistribution and commercial restrictions. Please see the Metasploit | |
| # Framework web site for more information on licensing and terms of use. | |
| # http://metasploit.com/framework/ | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote |
bcoles
/ crack-smartermail
Last active
April 9, 2017 17:18
Crack SmarterMail sysadmin password from 'mailConfig.xml' configuration file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Based on work by Joe Giron @theonlyevil1 | |
| // http://www.gironsec.com/blog/tag/cracking-smartermail/ | |
| using System; | |
| using System.Collections.Generic; | |
| using System.Text; | |
| using System.IO; | |
| using System.Security.Cryptography; | |
| namespace TicketCounter | |
| { |
bcoles
/ shellinabox.rb
Created
August 25, 2014 11:05
This module uses valid credentials to log in to Shell In A Box and execute arbitrary operating system commands. Shell In A Box must be configured to use the system shell (default).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http//metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = AverageRanking |
bcoles
/ pchart_example_page_traversal.rb
Created
August 25, 2014 11:23
This module exploits a directory traversal bug in pChart version 2.1.3 or earlier. The module can only be used to retrieve files.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http//metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Auxiliary | |
| include Msf::Auxiliary::Scanner |
bcoles
/ brute-doom
Created
December 26, 2014 15:00
Throttled single-threaded remote dictionary attack tool for Doom multiplayer server connection password. Tested on Zandronum 1.2.42016.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Throttled single-threaded remote dictionary attack tool | |
| # for Doom multiplayer server connection password. | |
| # Tested on Zandronum 1.2.42016.1 | |
| # 2014-12-20 | |
| ## | |
| require 'socket' | |
| $debug = false |