what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Thomas McCarthy

Wordpress Pingback Locator

Posted Sep 1, 2024

Authored by Brandon McCann, Thomas McCarthy, Christian Mehlmauer | Site metasploit.com

This Metasploit module will scan for wordpress sites with the Pingback API enabled. By interfacing with the API an attacker can cause the wordpress site to port scan an external target and return results. Refer to the wordpress_pingback_portscanner module. This issue was fixed in wordpress 3.5.1.

tags | exploit

advisories | CVE-2013-0235

SHA-256 | 65cbac95feefbe173371074c6a38d799642d743e4d6bf6a043123171794c676b

Download | Favorite | View

Windows Manage User Level Persistent Payload Installer

Posted Feb 18, 2013

Authored by Brandon McCann, Thomas McCarthy | Site metasploit.com

This Metasploit module creates a scheduled task that will run using service-for-user (S4U). This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job' permissions (SeBatchLogonRight).

tags | exploit, local

SHA-256 | cbb54215cefd21bbad843bf7ad1489f0dbdc50063f7fe9bb3f39430b2a7f556d

Download | Favorite | View