Showing 1 - 3 of 3

Files from Graeme Robinson

First Active	2018-04-09
Last Active	2020-11-28

Apache NiFi API Remote Code Execution: Posted Nov 28, 2020; Authored by Graeme Robinson | Site metasploit.com; This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must be available. An ExecuteProcessor processor is created then is configured with the payload and started. The processor is then stopped and deleted.; tags | exploit; SHA-256 | b437b66f2c8618f8c04df9a7df92d09d11a6da720c7f0e0b83b4d0ced50bc1b8; Download | Favorite | View

Kong Gateway Admin API Remote Code Execution: Posted Nov 25, 2020; Authored by Graeme Robinson | Site metasploit.com; This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route. The plugin runs Lua code and is used to run a system command using os.execute(). After execution the route is deleted, which also deletes the plugin.; tags | exploit; SHA-256 | 4bafd791ffc69e6f0e7e5e659d5843334eaeb9b206ab4512782cccf29ffe011a; Download | Favorite | View

WordPress Simple Fields 0.3.5 File Inclusion / Remote Code Execution: Posted Apr 9, 2018; Authored by Graeme Robinson; WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities.; tags | exploit, remote, vulnerability, code execution, file inclusion; SHA-256 | 4338cd5a6fee565ad17148aae284a9aeb2d14240ccb815f68d640689e9cfc13c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days