Skip to content

cd6629/Python-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

BruteForcePHPExtensions.py

BruteForcePHPExtensions.py

 
 

CVE-2019-15107.py

CVE-2019-15107.py

 
 

README.md

README.md

 
 

brutePig.py

brutePig.py

 
 

jackLocalPriv.py

jackLocalPriv.py

 
 

pickDeserial.py

pickDeserial.py

 
 

Repository files navigation

Python-scripts

Random Python scripts

CVE-2019-15107

I constructed this small script for the TryHackMe Room Source. Packet storm provided a base PoC script to build from including

  • calling the payload via os.system with curl
  • formatting the header with a referer
  • establishing a revere shell by downloading a bash script from an HTTP server

Proof showing the reverse shell on source:

Alt text

EDB-ID-44595-Wordpress-Python-Privesc-Script

I wrote this small script as an alternative to a Metasploit Wordpress privilege escalation module (44595.rb), for the TryHackMe room Jack. The only issue was formatting the cookie properly for the second request. The initial request responds with three separate cookies, one for the test, one for plugins and one for the admin page. Inspecting the headers reveal that the admin page is the last cookie and I was able split accordingly.

Proof showing the 200 OK status code:

Alt text

About

Random Python scripts

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages