This Metasploit module uploads an executable file to the victim system, creates a share containing that executable, creates a remote service on each target system using a UNC path to that file, and finally starts the service(s). The result is similar to psexec but with the added benefit of using the session's current authentication token instead of having to know a password or hash.
1266e769e519a09d7281cc5e6e4bf971bf2865f98a66227eb701a97be346b69f
BASE, the Basic Analysis and Security Engine, suffers from persistent and reflective cross site scripting vulnerabilities.
d9a751bcb3f529c6b08274bfcd1ab03641b45d437840201bb3bc5afd38b94d4c