This module exploits a remote code execution vulnerability (CVE-2022-33891) of Apache Spark. The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable.

This exploit is a proof-of-work exploit of the RFI vulnerabilities CVE-2024-25096 and CVE-2023-3452, which allow the attacker to establish an interactive remote shell session on the target.

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun ...

前回、MacOS上で手軽にMetasploitable3やKali Linuxなどの環境を作ってみることを試してみましたが、ちゃんと同等の環境を構築するためにもうすこし踏み込んだ検証を行ったので、そのメモとして残しておきます。 つらつらといろいろ並べてしまいましたが、要は ...

A Metasploit exploit module has been released for the zero-day vulnerability in Internet Explorer. The flaw has been exploited in attacks against Japanese targets, and expert think the availability of ...

以前、Qiitaに以下のような記事を投稿しました。セキュリティ業界では有名なペネトレーションテストなどで使われるMetasploitのインストール方法と設定方法についてです。 Metasploitのインストール方法と設定方法 - Qiita セキュリティ業界では有名な ...

If you’ve got a way to crack Google Chrome, the Metasploit team wants to pay you for it. Today Rapid 7 announced that it has a total of $5,000 to reward to contributors who send in exploits for its ...