A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 KB of memory from the server. Remote unauthenticated attackers can use this memory disclosure vulnerability to obtain sensitive information from the affected server, including private keys and session cookies. This module checks whether the target machine is vulnerable and tries to dump memory contents to the Module Log window. This memory dump may contain sensitive data, as explained above.
This module exploits a vulnerability in the OpenSSL library, which is used by Apache if HTTPS support is provided. OpenSSL versions 0.9.7-beta, 0.9.7, 0.9.7a and 0.9.7b are affected. The corresponding OpenSSL advisory states: "Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure". This module triggers this deallocation and abuses the dynamic memory allocator of vulnerable Linux systems in order to execute arbitrary code. This module cannot be launched from an agent.
This module exploits a vulnerability in the OpenSSL library. OpenSSL versions 0.9.7-beta, 0.9.7, 0.9.7a and 0.9.7b are affected. The corresponding OpenSSL advisory states: "Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure". This module triggers this deallocation and abuses the dynamic memory allocator of vulnerable Linux systems in order to execute arbitrary code. Three different attack methods are available:
- Known-targets: this method will attempt to exploit the remote server using the parameters of the built-in known-targets. Since this method will be carried out quickly, it is the first one that should be tried.
- Stack at 0xc0000000: this method will try to brute-force the stack until the correct return address is found. This method can take a very long time, but will stop as soon as it determines that the correct return address cannot be found.
- Stack at 0x80000000: this method is similar to the previous one and should only be tried if the previous methods failed. On most Linux systems the stack is indeed located at 0xc0000000, but in some rare cases it can be located at 0x80000000.