Tags archives: execution

 

 

0

VICIdial user_authorization Unauthenticated Command Execution

This Metasploit module exploits a vulnerability in VICIdial versions 2.9 RC 1 to 2.13 RC1 which allows unauthenticated users to execute arbitrary operating system commands as the web server user if password encryption is enabled (disabled by default). When password encryption is enabled the user’s password supplied using HTTP basic authentication is used in a […]

The post VICIdial user_authorization Unauthenticated Command Execution appeared first on MondoUnix.

 

0

Metasploit RPC Console Command Execution

This Metasploit module connects to a specified Metasploit RPC server and uses the ‘console.write’ procedure to execute operating system commands. Valid credentials are required to access the RPC interface. This Metasploit module has been tested successfully on Metasploit 4.15 on Kali 1.0.6; Metasploit 4.14 on Kali 2017.1; and Metasploit 4.14 on Windows 7 SP1. Source: […]

The post Metasploit RPC Console Command Execution appeared first on MondoUnix.