Attack Samba Server – This module exploits a directory traversal flaw in the Samba CIFS server. To exploit this flaw, a writeable share must be specified. The newly created directory will link to the root filesystem.
Attack Linux DistCC Daemon – This module uses a documented security weakness to execute arbitrary commands on any system running distccd.
Attack PostgreSQL Server – This module attempts to authenticate against a PostgreSQL instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Note that passwords may be either plaintext or MD5 formatted hashes.
Attack Apache – When run as a CGI, PHP up to version 5.3.12 and 5.4.2 is vulnerable to an argument injection vulnerability. This module takes advantage of the -d flag to set php.ini directives to achieve code execution.
Attack Unreal IRC Server – This module exploits a malicious backdoor that was added to the Unreal IRCD 18.104.22.168 download archive. This backdoor was present in the Unreal22.214.171.124.tar.gz archive between November 2009 and June 12th 2010.
This module exploits a command execution vulnerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default “username map script” configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands.