😵💫A paradise for script kiddies, or we ask ChatGpt to outline the top 30 scripts for metasploit that, according to him, are used by hacking professionals.
Disclaimer: We recommend that you read the meaning of the term scriptkiddie, and the laws, before you start playing with scripts. The answer was received from ChatGpt if so: the moped is not mine, I just posted an ad 🤓
And you keep it to yourself, like those recipes that no one opens later, the neuron’s ready answer:
Here is the beginning of the top 30 list:
After additional analysis of the experience of international bug bounty and pentesting experts, as well as taking into account the frequency of use of Metasploit modules on GitHub, an updated list of the 30 most frequently mentioned modules was compiled. The list is sorted by the date of the last update or comment on GitHub, starting with the most recent. For each module, its name, a short description of its purpose, and a link to the corresponding repository on GitHub are provided.
1. exploit/windows/smb/ms08_067_netapi: Exploits a vulnerability in Windows Server Service (MS08-067) that allows remote code execution via SMB.
• Repository on GitHub
2. exploit/windows/smb/ms17_010_eternalblue: Exploits a vulnerability in SMBv1 (MS17-010), known as EternalBlue, which allows remote code execution.
• Repository on GitHub
3. exploit/multi/handler: A universal exploit for handling return connections from payloads, used to establish sessions for further management purposes.
• Repository on GitHub
4. exploit/windows/smb/psexec: Uses SMB to execute commands on a remote machine with administrative privileges, provided credentials are available.
• Repository on GitHub
5. exploit/unix/irc/unreal_ircd_3281_backdoor: Exploits a backdoor in UnrealIRCd 3.2.8.1 that allows remote code execution via specially crafted commands.
• Repository on GitHub
6. exploit/windows/http/icecast_header: Exploits a buffer overflow in Icecast, allowing remote code execution via HTTP requests.
• Repository on GitHub
7. exploit/unix/ftp/vsftpd_234_backdoor: Exploits a backdoor in vsftpd version 2.3.4, which allows you to obtain a shell with user rights.
• Repository on GitHub
8. exploit/multi/http/struts2_content_type_ognl: Exploits a vulnerability in Apache Struts2 that allows remote code execution via Content-Type manipulation.
• Repository on GitHub
9. exploit/linux/samba/is_known_pipename: Exploits a vulnerability in Samba that allows remote code execution via specially crafted requests.
• Repository on GitHub
10. exploit/windows/browser/ms10_002_aurora: Exploits a vulnerability in Internet Explorer (MS10-002) that allows remote code execution when visiting a malicious website.
• Repository on GitHub
11. exploit/unix/webapp/phpmyadmin_preg_replace: Exploits a vulnerability in phpMyAdmin that allows remote code execution through improper handling of the preg_replace function.
• Repository on GitHub
12. exploit/multi/http/tomcat_mgr_upload: Uses Apache Tomcat manager to upload and execute a malicious WAR file, provided credentials are present.
• Repository on GitHub
13. exploit/windows/http/joomla_http_header: Exploits a vulnerability in Joomla! that allows remote code execution via HTTP header manipulation.
• Repository on GitHub
14. exploit/windows/browser/adobe_flash_hacking_team_uaf: Exploits a vulnerability in Adobe Flash Player that allows arbitrary code execution via a use-after-free (UAF) vulnerability.
• Repository on GitHub
15. exploit/linux/http/advantech_webaccess_dashboard_file_upload: Exploits a vulnerability in Advantech WebAccess that allows uploading and executing arbitrary files on the server.
• Repository on GitHub
16. exploit/windows/smb/ms17_010_psexec: Exploits the MS17-010 vulnerability to execute commands on a remote machine via SMB.
• Repository on GitHub
17. exploit/multi/http/jenkins_script_console: Uses the Jenkins script console to execute arbitrary code on the server, provided credentials are present.
• Repository on GitHub
18.
exploit/windows/http/manageengine_connectionid_write: Exploits a vulnerability in ManageEngine that allows remote code execution via manipulation of the Connection ID.
• Repository on GitHub
19. exploit/unix/webapp/drupal_drupalgeddon2: Exploits a vulnerability in Drupal (Drupalgeddon2) that allows arbitrary code execution via injection.
• Repository on GitHub
20. exploit/windows/browser/ms13_080_cdisplaypointer: Exploits a vulnerability in Internet Explorer (MS13-080) that allows arbitrary code execution through improper handling of objects in memory.
• Repository on GitHub
21. exploit/linux/http/wordpress_revslider_upload: Exploits a vulnerability in the RevSlider plugin for WordPress, allowing the upload and execution of arbitrary files.
• Repository on GitHub
22. exploit/windows/smb/ms09_050_smb2_negotiate_func_index: Exploits a vulnerability in SMBv2 (MS09-050) that allows code execution via a buffer overflow.
• Repository on GitHub
23. exploit/multi/http/struts2_namespace_ognl: Exploits a vulnerability in Apache Struts2 that allows OGNL injections for remote code execution.
• Repository on GitHub
24. exploit/unix/webapp/coldfusion_rds: Uses Remote Development Services (RDS) in ColdFusion to execute arbitrary commands given credentials.
• Repository on GitHub
25. exploit/windows/browser/java_rhino: Exploits a vulnerability in the Java Rhino Script Engine that allows arbitrary code execution through improper script processing.
• Repository on GitHub
26. exploit/multi/http/elastic_search_rce: Exploits a vulnerability in ElasticSearch to execute arbitrary code via specially crafted requests.
• Repository on GitHub
27. exploit/unix/webapp/joomla_tinybrowser: Exploits a vulnerability in Joomla! TinyBrowser that allows downloading and executing arbitrary files.
• Repository on GitHub
28. exploit/linux/samba/setinfopolicy_heap: Exploits a vulnerability in Samba that allows remote code execution via a buffer overflow.
• Repository on GitHub
29. exploit/windows/browser/adobe_flash_hacking_team_exploit: Exploits a vulnerability in Adobe Flash that Hacking Team used to execute code.
• Repository on GitHub
30. exploit/unix/webapp/nagios_xi_authenticated_rce: Exploits a vulnerability in Nagios XI that allows arbitrary code execution if credentials are present.
• Repository on GitHub
This list takes into account the relevance of modules on GitHub and their frequency of use in professional write-ups.
Here is the continuation of the list of the top 30 metasploit modules according to ChatGPT
