Metasploit modules that can be used to exploit SUN products

Order by Disclosure Date Module Name Module Type
  • WinRM Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/winrm/winrm_login
    This module attempts to authenticate to a WinRM service. It currently works only if the remote end allows Negotiate(NTLM) authentication. Kerberos is not currently supported. Please note: in order to use this module without SSL, the 'AllowUnencrypted' winrm option must be set. Otherwise adjust the port and set the SSL options in the module as appropriate. Authors: - thelightcosine - smashery
  • GlassFish Brute Force Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/glassfish_login
    This module attempts to login to GlassFish instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It will also try to do an authentication bypass against older versions of GlassFish. Note: by default, GlassFish 4.0 requires HTTPS, which means you must set the SSL option to true, and SSLVersion to TLS1. It also needs Secure Admin to access the DAS remotely. Authors: - Joshua Abraham <jabra@spl0it.org> - sinn3r <sinn3r@metasploit.com>
  • PcAnywhere Login Scanner
    First seen: 2020-04-26
    auxiliary/scanner/pcanywhere/pcanywhere_login
    This module will test pcAnywhere logins on a range of machines and report successful logins. Authors: - theLightCosine <theLightCosine@metasploit.com>
  • Brocade Enable Login Check Scanner
    First seen: 2020-04-26
    auxiliary/scanner/telnet/brocade_enable_login
    This module will test a range of Brocade network devices for a privileged logins and report successes. The device authentication mode must be set as 'aaa authentication enable default local'. Telnet authentication, e.g. 'enable telnet authentication', should not be enabled in the device configuration. This module has been tested against the following devices: ICX6450-24 SWver 07.4.00bT311, FastIron WS 624 SWver 07.2.02fT7e1 Authors: - h00die <mike@shorebreaksecurity.com>
  • rsh Authentication Scanner
    First seen: 2020-04-26
    auxiliary/scanner/rservices/rsh_login
    This module will test a shell (rsh) service on a range of machines and report successful logins. NOTE: This module requires access to bind to privileged ports (below 1024). Authors: - jduck <jduck@metasploit.com>
  • FTP Authentication Scanner
    First seen: 2020-04-26
    auxiliary/scanner/ftp/ftp_login
    This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Authors: - todb <todb@metasploit.com>
  • D-Link DIR-300A / DIR-320 / DIR-615D HTTP Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/dlink_dir_300_615_http_login
    This module attempts to authenticate to different D-Link HTTP management services. It has been tested on D-Link DIR-300 Hardware revision A, D-Link DIR-615 Hardware revision D and D-Link DIR-320 devices. It is possible that this module also works with other models. Authors: - hdm <x@hdm.io> - Michael Messner <devnull@s3cur1ty.de>
  • NNTP Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/nntp/nntp_login
    This module attempts to authenticate to NNTP services which support the AUTHINFO authentication extension. This module supports AUTHINFO USER/PASS authentication, but does not support AUTHINFO GENERIC or AUTHINFO SASL authentication methods. Authors: - bcoles <bcoles@gmail.com>
  • SSH Login Check Scanner
    First seen: 2020-04-26
    auxiliary/scanner/ssh/ssh_login
    This module will test ssh logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Authors: - todb <todb@metasploit.com>
  • PostgreSQL Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/postgres/postgres_login
    This module attempts to authenticate against a PostgreSQL instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Note that passwords may be either plaintext or MD5 formatted hashes. Authors: - todb <todb@metasploit.com>
  • Joomla Bruteforce Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/joomla_bruteforce_login
    This module attempts to authenticate to Joomla 2.5. or 3.0 through bruteforce attacks Authors: - luisco100 <luisco100@gmail.com>
  • Telnet Login Check Scanner
    First seen: 2020-04-26
    auxiliary/scanner/telnet/telnet_login
    This module will test a telnet login on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Authors: - egypt <egypt@metasploit.com>
  • DB2 Authentication Brute Force Utility
    First seen: 2020-04-26
    auxiliary/scanner/db2/db2_auth
    This module attempts to authenticate against a DB2 instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Authors: - todb <todb@metasploit.com>
  • Wordpress XML-RPC Username/Password Login Scanner
    First seen: 2020-04-26
    auxiliary/scanner/http/wordpress_xmlrpc_login
    This module attempts to authenticate against a Wordpress-site (via XMLRPC) using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Authors: - Cenk Kalpakoglu <cenk.kalpakoglu@gmail.com>
  • Tomcat Application Manager Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/tomcat_mgr_login
    This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. Authors: - MC <mc@metasploit.com> - Matteo Cantoni <goony@nothink.org> - jduck <jduck@metasploit.com>
  • D-Link DIR-300B / DIR-600B / DIR-815 / DIR-645 HTTP Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/dlink_dir_session_cgi_http_login
    This module attempts to authenticate to different D-Link HTTP management services. It has been tested successfully on D-Link DIR-300 Hardware revision B, D-Link DIR-600 Hardware revision B, D-Link DIR-815 Hardware revision A and DIR-645 Hardware revision A devices. It is possible that this module also works with other models. Authors: - hdm <x@hdm.io> - Michael Messner <devnull@s3cur1ty.de>
  • HTTP Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/http_login
    This module attempts to authenticate to an HTTP service. Authors: - hdm <x@hdm.io>
  • MySQL Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/mysql/mysql_login
    This module simply queries the MySQL instance for a specific user/pass (default is root with blank). Authors: - Bernardo Damele A. G. <bernardo.damele@gmail.com>
  • D-Link DIR-615H HTTP Login Utility
    First seen: 2020-04-26
    auxiliary/scanner/http/dlink_dir_615h_http_login
    This module attempts to authenticate to different D-Link HTTP management services. It has been tested successfully on D-Link DIR-615 Hardware revision H devices. It is possible that this module also works with other models. Authors: - hdm <x@hdm.io> - Michael Messner <devnull@s3cur1ty.de>
  • VMWare Web Login Scanner
    First seen: 2020-04-26
    auxiliary/scanner/vmware/vmware_http_login
    This module attempts to authenticate to the VMWare HTTP service for VmWare Server, ESX, and ESXI Authors: - theLightCosine <theLightCosine@metasploit.com>
60 metasploit modules found
1 2 3
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close