TeamCity Agent XML-RPC Command Execution

This Metasploit module allows remote code execution on TeamCity Agents configured to use bidirectional communication via xml-rpc. In bidirectional mode the TeamCity server pushes build commands to the Build Agents over port TCP/9090 without requiring authentication. Up until version 10 this was the default configuration. This Metasploit module supports TeamCity agents from version 6.0 onwards.

Link: https://packetstormsecurity.com/files/150487/teamcity_agent_xmlrpc_exec.rb.txt