Hi ! Im new to pen testing and im currently working on my very first box (OpenAdmin)

I did some scanning and found exploit CVE-2019-0211 in exploitdb, which seems to be a good candidate. My problem is, as i try to copy the exploit from searchsploit (exploitdb), metasploit-framework does not registre the new module. And when i do a search for the exploit in msfconsole there is no result.

Path i copied module from exploitdb to:

i ofc tried reload_all /updatedb and all that jazz, and still cant get metasploit to recognize the new module.

In the exploit itself it says that i should upload exploit to target server, and maybe this is what im doing wrong, maybe the exploit is not a metasploit module.
ive read that metasploit only accepts ruby modules so maybe this is the problem ? or am i missing something els ? pls enlighten me :slight_smile:


That is a php exploit and won’t run under metasploit. To use metasploit , you need to search for that specific metasploit module (CVE-2019-0211) , which is written in ruby ( .rb). But i don’t think there’s one written yet …
So to use that php file you’ve got , you’ll need to transfer that .php exploit file to the target machine and run it there

Thank you ! Allready suspected that but feared i was missing something very basic which might have made it work. So thanks again :slight_smile: