AutoSploit/etc/json/default_modules.json at dev-beta · Uncommon-Dev/AutoSploit · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
{
  "exploits": [
     "exploit/windows/ftp/ms09_053_ftpd_nlst",
     "exploit/windows/firewall/blackice_pam_icq",
     "exploit/windows/http/amlibweb_webquerydll_app",
     "exploit/windows/http/ektron_xslt_exec_ws",
     "exploit/windows/http/umbraco_upload_aspx",
     "exploit/windows/iis/iis_webdav_scstoragepathfromurl",
     "exploit/windows/iis/iis_webdav_upload_asp",
     "exploit/windows/iis/ms01_023_printer",
     "exploit/windows/iis/ms01_026_dbldecode",
     "exploit/windows/iis/ms01_033_idq",
     "exploit/windows/iis/ms02_018_htr",
     "exploit/windows/iis/ms02_065_msadc",
     "exploit/windows/iis/ms03_007_ntdll_webdav",
     "exploit/windows/iis/msadc",
     "exploit/windows/isapi/ms00_094_pbserver",
     "exploit/windows/isapi/ms03_022_nsiislog_post",
     "exploit/windows/isapi/ms03_051_fp30reg_chunked",
     "exploit/windows/isapi/rsa_webagent_redirect",
     "exploit/windows/isapi/w3who_query",
     "exploit/windows/scada/advantech_webaccess_dashboard_file_upload",
     "exploit/windows/ssl/ms04_011_pct",
     "exploit/freebsd/http/watchguard_cmd_exec ",
     "exploit/linux/http/alienvault_exec ",
     "exploit/linux/http/alienvault_sqli_exec ",
     "exploit/linux/http/astium_sqli_upload ",
     "exploit/linux/http/centreon_sqli_exec ",
     "exploit/linux/http/centreon_useralias_exec ",
     "exploit/linux/http/crypttech_cryptolog_login_exec ",
     "exploit/linux/http/dolibarr_cmd_exec ",
     "exploit/linux/http/goautodial_3_rce_command_injection",
     "exploit/linux/http/kloxo_sqli ",
     "exploit/linux/http/nagios_xi_chained_rce ",
     "exploit/linux/http/netgear_wnr2000_rce ",
     "exploit/linux/http/pandora_fms_sqli ",
     "exploit/linux/http/riverbed_netprofiler_netexpress_exe ",
     "exploit/linux/http/wd_mycloud_multiupload_upload ",
     "exploit/linux/http/zabbix_sqli ",
     "exploit/linux/misc/qnap_transcode_server ",
     "exploit/linux/mysql/mysql_yassl_getname ",
     "exploit/linux/mysql/mysql_yassl_hello ",
     "exploit/linux/postgres/postgres_payload ",
     "exploit/linux/samba/is_known_pipename ",
     "exploit/multi/browser/java_jre17_driver_manager ",
     "exploit/multi/http/atutor_sqli ",
     "exploit/multi/http/dexter_casinoloader_exec ",
     "exploit/multi/http/drupal_drupageddon ",
     "exploit/multi/http/manage_engine_dc_pmp_sqli ",
     "exploit/multi/http/manageengine_search_sqli ",
     "exploit/multi/http/movabletype_upgrade_exec ",
     "exploit/multi/http/php_volunteer_upload_exe ",
     "exploit/multi/http/sonicwall_scrutinizer_methoddetail_sqli ",
     "exploit/multi/http/splunk_mappy_exec ",
     "exploit/multi/http/testlink_upload_exec ",
     "exploit/multi/http/zpanel_information_disclosure_rce ",
     "exploit/multi/misc/legend_bot_exec ",
     "exploit/multi/mysql/mysql_udf_payload ",
     "exploit/multi/postgres/postgres_createlang ",
     "exploit/solaris/sunrpc/ypupdated_exec ",
     "exploit/unix/ftp/proftpd_133c_backdoor ",
     "exploit/unix/http/tnftp_savefile ",
     "exploit/unix/webapp/joomla_contenthistory_sqli_rce ",
     "exploit/unix/webapp/kimai_sqli ",
     "exploit/unix/webapp/openemr_sqli_privesc_upload ",
     "exploit/unix/webapp/seportal_sqli_exec ",
     "exploit/unix/webapp/vbulletin_vote_sqli_exec ",
     "exploit/unix/webapp/vicidial_manager_send_cmd_exec",
     "exploit/windows/antivirus/symantec_endpoint_manager_rce ",
     "exploit/windows/http/apache_mod_rewrite_ldap ",
     "exploit/windows/http/ca_totaldefense_regeneratereports",
     "exploit/windows/http/cyclope_ess_sqli",
     "exploit/windows/http/hp_mpa_job_acct",
     "exploit/windows/http/solarwinds_storage_manager_sql",
     "exploit/windows/http/sonicwall_scrutinizer_sql",
     "exploit/windows/misc/altiris_ds_sqli ",
     "exploit/windows/misc/fb_cnct_group ",
     "exploit/windows/misc/lianja_db_net ",
     "exploit/windows/misc/manageengine_eventlog_analyzer_rce ",
     "exploit/windows/mssql/lyris_listmanager_weak_pass ",
     "exploit/windows/mssql/ms02_039_slammer ",
     "exploit/windows/mssql/ms09_004_sp_replwritetovarbin ",
     "exploit/windows/mssql/ms09_004_sp_replwritetovarbin_sqli ",
     "exploit/windows/mssql/mssql_linkcrawler ",
     "exploit/windows/mssql/mssql_payload ",
     "exploit/windows/mssql/mssql_payload_sqli ",
     "exploit/windows/mysql/mysql_mof ",
     "exploit/windows/mysql/mysql_start_up ",
     "exploit/windows/mysql/mysql_yassl_hello",
     "exploit/windows/mysql/scrutinizer_upload_exec ",
     "exploit/windows/postgres/postgres_payload ",
     "exploit/windows/scada/realwin_on_fcs_login",
     "exploit/multi/http/rails_actionpack_inline_exec",
     "exploit/multi/http/rails_dynamic_render_code_exec",
     "exploit/multi/http/rails_json_yaml_code_exec",
     "exploit/multi/http/rails_secret_deserialization",
     "exploit/multi/http/rails_web_console_v2_code_exec",
     "exploit/multi/http/rails_xml_yaml_code_exec",
     "exploit/multi/http/rocket_servergraph_file_requestor_rce",
     "exploit/multi/http/phpmoadmin_exec",
     "exploit/multi/http/phpmyadmin_3522_backdoor",
     "exploit/multi/http/phpmyadmin_preg_replace",
     "exploit/multi/http/phpscheduleit_start_date",
     "exploit/multi/http/phptax_exec",
     "exploit/multi/http/phpwiki_ploticus_exec",
     "exploit/multi/http/plone_popen2",
     "exploit/multi/http/pmwiki_pagelist",
     "exploit/multi/http/joomla_http_header_rce",
     "exploit/multi/http/novell_servicedesk_rce",
     "exploit/multi/http/oracle_reports_rce",
     "exploit/multi/http/php_utility_belt_rce",
     "exploit/multi/http/phpfilemanager_rce",
     "exploit/multi/http/processmaker_exec",
     "exploit/multi/http/rocket_servergraph_file_requestor_rce",
     "exploit/multi/http/spree_search_exec",
     "exploit/multi/http/spree_searchlogic_exec",
     "exploit/multi/http/struts_code_exec_parameters",
     "exploit/multi/http/vtiger_install_rce",
     "exploit/multi/http/werkzeug_debug_rce",
     "exploit/multi/http/zemra_panel_rce",
     "exploit/multi/http/zpanel_information_disclosure_rce",
     "exploit/multi/http/joomla_http_header_rce",
     "exploit/unix/webapp/joomla_akeeba_unserialize",
     "exploit/unix/webapp/joomla_comjce_imgmanager",
     "exploit/unix/webapp/joomla_contenthistory_sqli_rce",
     "exploit/unix/webapp/joomla_media_upload_exec",
     "exploit/multi/http/builderengine_upload_exec",
     "exploit/multi/http/caidao_php_backdoor_exec",
     "exploit/multi/http/atutor_sqli ",
     "exploit/multi/http/ajaxplorer_checkinstall_exec",
     "exploit/multi/http/apache_activemq_upload_jsp",
     "exploit/unix/webapp/wp_lastpost_exec",
     "exploit/unix/webapp/wp_mobile_detector_upload_execute",
     "exploit/multi/http/axis2_deployer",
     "exploit/unix/webapp/wp_foxypress_upload",
     "exploit/linux/http/tr064_ntpserver_cmdinject",
     "exploit/linux/misc/quest_pmmasterd_bof",
     "exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload",
     "exploit/unix/webapp/php_xmlrpc_eval",
     "exploit/unix/webapp/wp_admin_shell_upload",
     "exploit/linux/http/sophos_wpa_sblistpack_exec",
     "exploit/linux/local/sophos_wpa_clear_keys",
     "exploit/multi/http/zpanel_information_disclosure_rce",
     "auxiliary/admin/cisco/cisco_asa_extrabacon",
     "auxiliary/admin/cisco/cisco_secure_acs_bypass",
     "auxiliary/admin/cisco/vpn_3000_ftp_bypass",
     "exploit/bsdi/softcart/mercantec_softcart ",
     "exploit/freebsd/misc/citrix_netscaler_soap_bof",
     "exploit/freebsd/samba/trans2open",
     "exploit/linux/ftp/proftp_sreplace ",
     "exploit/linux/http/dcos_marathon",
     "exploit/linux/http/f5_icall_cmd",
     "exploit/linux/http/fritzbox_echo_exec",
     "exploit/linux/http/gitlist_exec",
     "exploit/linux/http/goautodial_3_rce_command_injection",
     "exploit/linux/http/ipfire_bashbug_exec",
     "exploit/linux/http/ipfire_oinkcode_exec",
     "exploit/linux/http/ipfire_proxy_exec",
     "exploit/linux/http/kaltura_unserialize_rce",
     "exploit/linux/http/lifesize_uvc_ping_rce",
     "exploit/linux/http/nagios_xi_chained_rce",
     "exploit/linux/http/netgear_dgn1000_setup_unauth_exec",
     "exploit/linux/http/netgear_wnr2000_rce ",
     "exploit/linux/http/nuuo_nvrmini_auth_rce",
     "exploit/linux/http/nuuo_nvrmini_unauth_rce",
     "exploit/linux/http/op5_config_exec",
     "exploit/linux/http/pandora_fms_exec",
     "exploit/linux/http/pineapple_preconfig_cmdinject",
     "exploit/linux/http/seagate_nas_php_exec_noauth",
     "exploit/linux/http/symantec_messaging_gateway_exec",
     "exploit/linux/http/trendmicro_imsva_widget_exec",
     "exploit/linux/http/trueonline_billion_5200w_rce",
     "exploit/linux/http/trueonline_p660hn_v1_rce",
     "exploit/linux/http/trueonline_p660hn_v2_rce",
     "exploit/linux/http/vcms_upload",
     "exploit/linux/misc/lprng_format_string",
     "exploit/linux/misc/mongod_native_helper",
     "exploit/linux/misc/ueb9_bpserverd",
     "exploit/linux/mysql/mysql_yassl_getname",
     "exploit/linux/pop3/cyrus_pop3d_popsubfolders",
     "exploit/linux/postgres/postgres_payload",
     "exploit/linux/pptp/poptop_negative_read",
     "exploit/linux/proxy/squid_ntlm_authenticate",
     "exploit/linux/samba/lsa_transnames_heap",
     "exploit/linux/samba/setinfopolicy_heap",
     "exploit/linux/samba/trans2open",
     "exploit/multi/elasticsearch/script_mvel_rce",
     "exploit/multi/elasticsearch/search_groovy_script",
     "exploit/multi/http/atutor_sqli",
     "exploit/multi/http/axis2_deployer",
     "exploit/multi/http/familycms_less_exe",
     "exploit/multi/http/freenas_exec_raw",
     "exploit/multi/http/gestioip_exec",
     "exploit/multi/http/glassfish_deployer",
     "exploit/multi/http/glpi_install_rce",
     "exploit/multi/http/joomla_http_header_rce ",
     "exploit/multi/http/makoserver_cmd_exec",
     "exploit/multi/http/novell_servicedesk_rc",
     "exploit/multi/http/oracle_reports_rce",
     "exploit/multi/http/php_utility_belt_rce",
     "exploit/multi/http/phpfilemanager_rce",
     "exploit/multi/http/phpmyadmin_3522_backdoor",
     "exploit/multi/http/phpwiki_ploticus_exec",
     "exploit/multi/http/processmaker_exec",
     "exploit/multi/http/rails_actionpack_inline_exec",
     "exploit/multi/http/rails_dynamic_render_code_exec",
     "exploit/multi/http/rails_secret_deserialization",
     "exploit/multi/http/rocket_servergraph_file_requestor_rce",
     "exploit/multi/http/simple_backdoors_exec",
     "exploit/multi/http/spree_search_exec",
     "exploit/multi/http/spree_searchlogic_exec",
     "exploit/multi/http/struts2_rest_xstream",
     "exploit/multi/http/struts_code_exec",
     "exploit/multi/http/struts_code_exec_classloader",
     "exploit/multi/http/struts_code_exec_parameters",
     "exploit/multi/http/struts_dev_mode",
     "exploit/multi/http/sysaid_auth_file_upload",
     "exploit/multi/http/tomcat_jsp_upload_bypass",
     "exploit/multi/http/vtiger_install_rce",
     "exploit/multi/http/werkzeug_debug_rce",
     "exploit/multi/http/zemra_panel_rce",
     "exploit/multi/http/zpanel_information_disclosure_rce",
     "exploit/multi/ids/snort_dce_rpc",
     "exploit/multi/misc/batik_svg_java",
     "exploit/multi/misc/pbot_exec",
     "exploit/multi/misc/veritas_netbackup_cmdexec",
     "exploit/multi/mysql/mysql_udf_payload",
     "exploit/multi/php/php_unserialize_zval_cookie",
     "exploit/unix/http/freepbx_callmenum",
     "exploit/unix/http/lifesize_room",
     "exploit/unix/http/pfsense_clickjacking",
     "exploit/unix/http/pfsense_group_member_exec",
     "exploit/unix/http/tnftp_savefile",
     "exploit/unix/misc/polycom_hdx_traceroute_exec",
     "exploit/unix/webapp/awstats_migrate_exec",
     "exploit/unix/webapp/carberp_backdoor_exec",
     "exploit/unix/webapp/citrix_access_gateway_exec",
     "exploit/unix/webapp/dogfood_spell_exec",
     "exploit/unix/webapp/invision_pboard_unserialize_exec",
     "exploit/unix/webapp/joomla_contenthistory_sqli_rce",
     "exploit/unix/webapp/mybb_backdoor",
     "exploit/unix/webapp/opensis_modname_exec",
     "exploit/unix/webapp/oscommerce_filemanager",
     "exploit/unix/webapp/piwik_superuser_plugin_upload",
     "exploit/unix/webapp/tikiwiki_upload_exec",
     "exploit/unix/webapp/webtester_exec",
     "exploit/unix/webapp/wp_phpmailer_host_header",
     "exploit/unix/webapp/wp_total_cache_exec",
     "exploit/windows/antivirus/symantec_endpoint_manager_rce",
     "exploit/windows/http/ektron_xslt_exec",
     "exploit/windows/http/ektron_xslt_exec_ws",
     "exploit/windows/http/geutebrueck_gcore_x64_rce_bo",
     "exploit/windows/http/hp_autopass_license_traversal",
     "exploit/windows/http/manage_engine_opmanager_rce",
     "exploit/windows/http/netgear_nms_rce",
     "exploit/windows/http/sepm_auth_bypass_rce",
     "exploit/windows/http/trendmicro_officescan_widget_exec",
     "exploit/windows/iis/iis_webdav_upload_asp",
     "exploit/windows/iis/msadc",
     "exploit/windows/misc/manageengine_eventlog_analyzer_rce",
     "exploit/windows/novell/file_reporter_fsfui_upload",
     "exploit/windows/scada/ge_proficy_cimplicity_gefebt",
     "exploit/windows/smb/ipass_pipe_exec",
     "exploit/windows/smb/smb_relay",
     "auxiliary/sqli/oracle/jvm_os_code_10g",
     "auxiliary/sqli/oracle/jvm_os_code_11g"
  ]
}