CVE-1978-1234

Sample Linux Priv Esc

STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-1978-1234. PoCs published by h00die <[email protected]>, researcher, skape, including Metasploit module spec/support/shared/examples/msf/db_manager/vuln.

AI-analyzed exploit summary This is a test suite for Metasploit's vulnerability management database functionality, specifically testing the `Msf::DBManager::Vuln` module. It includes unit tests for vulnerability reporting, querying, and reference handling, but does not contain actual exploit code.

Description

This exploit module illustrates how a vulnerability could be exploited in an linux command for priv esc.

Exploits (5)

metasploit WRITEUP
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/spec/support/shared/examples/msf/db_manager/vuln.rb

This is a test suite for Metasploit's vulnerability management database functionality, specifically testing the `Msf::DBManager::Vuln` module. It includes unit tests for vulnerability reporting, querying, and reference handling, but does not contain actual exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Metasploit Framework
No auth needed
Prerequisites: Metasploit Framework installation · Database backend configured
devstral-2 · analyzed Apr 10, 2026 Full analysis →
metasploit WORKING POC NORMAL
by h00die <[email protected]>, researcher · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/example_webapp.rb

This Metasploit module exploits a command injection vulnerability in a sample web application by authenticating and sending a malicious payload via POST request. It includes version checking and multiple exploit techniques.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Sample Webapp (version <= 1.3)
Auth required
Prerequisites: Valid credentials for the web application · Network access to the target web server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit STUB NORMAL
by skape · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/example.rb

This is a Metasploit module stub for a hypothetical TCP server vulnerability. It includes placeholder values and does not target a real CVE or software.

Classification
Stub 100%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Arbitrary TCP server (example only)
No auth needed
Prerequisites: None (example code only)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by h00die <[email protected]>, researcher · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/example_linux_persistence.rb

This Metasploit module demonstrates Linux persistence by writing a backdoor to a writable directory and modifying a file to maintain access. It supports multiple payload architectures and includes cleanup functionality.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Linux systems with an example app installed
Auth required
Prerequisites: Meterpreter session · Writable directory · Example app installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by h00die <[email protected]>, researcher · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/example_linux_priv_esc.rb

This Metasploit module demonstrates a Linux local privilege escalation exploit. It checks for vulnerable kernel versions and application versions, compiles or uploads an exploit binary, and executes a payload to gain root privileges.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Example Linux command (hypothetical)
Auth required
Prerequisites: Access to a vulnerable Linux system · Write permissions in a directory (e.g., /tmp) · Vulnerable kernel version (4.0 to 4.14.11) · Vulnerable application version (1:2015.3.14AR.1-1build1)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status draft
Tracked Since Feb 18, 2026