Attack Samba Server – This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this flaw, a writeable share must be specified. The newly created directory will link to the root filesystem.
Attack Linux DistCC Daemon – This module uses a documented security weakness to execute arbitrary commands on any system running distccd.
Attack PostgreSQL Server – This module attempts to authenticate against a PostgreSQL instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Note that passwords may be either plaintext or MD5 formatted hashes.
Attack Samba Server – This module exploits a command execution vulnerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default “username map script” configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands.
Attack Apache – When run as a CGI, PHP up to version 5.3.12 and 5.4.2 is vulnerable to an argument injection vulnerability. This module takes advantage of the -d flag to set php.ini directives to achieve code execution.
Attack Unreal IRC Server – This module exploits a malicious backdoor that was added to the Unreal IRCD 126.96.36.199 download archive. This backdoor was present in the Unreal188.8.131.52.tar.gz archive between November 2009 and June 12th 2010.
This module exploits a command execution vulnerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default “username map script” configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands.
Attack DNS Servers – A name server is a computer Hardware or software server that implements a network service for providing responses to queries against a directory service.
FTP Bruteforce Attacks are the most common attack on FTP Servers, we just setup a simple tool to test a different combinations of usernames and passwords using wordlists against FTP authentication system but if the username or password isn’t on those wordlists we fail. We need to create a custom wordlist for each company based […]
SMTP Servers Security Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (email) transmission. First defined by RFC 821 in 1982, it was last updated in 2008 with Extended SMTP additions by RFC 5321, which is the protocol in widespread use today. Although electronic mail servers and other mail transfer agents use […]