Metasploit modules that can be used to exploit SAP » Businessobjects
-
Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Disclosure Date: 2010-12-30First seen: 2020-04-26exploit/multi/http/axis2_deployerThis module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP. Authors: - Joshua Abraham <jabra@rapid7.com> - Chris John Riley -
Apache Axis2 Brute Force Utility
First seen: 2020-04-26auxiliary/scanner/http/axis_loginThis module attempts to login to an Apache Axis2 instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It has been verified to work on at least versions 1.4.1 and 1.6.2. Authors: - Leandro Oliveira <leandrofernando@gmail.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details