Skip to content
This exploit for CVE 2018-11759, vulnerability in apache mod_jk, module for load-balancer
Branch: master
Clone or download
Latest commit c3b697d Jan 21, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
files_cap
.gitignore
LICENSE
main
readme.md

readme.md

Other language git - pt-BR

Check if your instances are expose the CVE 2018-11759

The archive main are a script in bash for exploiting.

The urls shall use the protocol and complete addres, example: https://test.site.com.br

asciicast

For more urls in one consult, can be used the here-document, example:

# Call the bash, no request permission for exec
bash main << EOF
https://vulpagepagevul.com
http://pamonhaemandioca.gov.br
https://youtube.com
# ...
EOF

If no want use the here-document, he can be open with bash main

Audit

To facilitate the audit report a file is created in files_cap/ with name of target.data that have all details of target load balancer, with internal address, ports, timestemp, distros, routes, etc.

License

This exploit is free, GNU GPL version 3

This project created by @jul10l1r4 are part of Segmentation fault

Segmentation fault

You can’t perform that action at this time.