Wrong CVE
Just so many IBM CVEs to pick from so I had to pick an interesting one
mainframed committed Mar 2, 2014
1 parent 4c35c82 commit 1eb7ba3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -6,7 +6,7 @@ A python script which takes a hostname/ip address of a z/OS FTP server, a userna

**Bind/Reverse Shell**: A JCL file is dynamically generated which contains either a bind or reverse shell in C. This C code is compiled, on z/OS, at the time of exploit.

**CVE-2012-5955**: The JCL file contains an implementation of CVE-2012-5955 originally discovered by whomever perpetrated the Logica mainframe breach. Refer to https://github.com/mainframed/logica/blob/master/kuku.rx for original local priv escalation exploit on OMVS. This is essentially a REXX script that exploits a flaw to give you UID 0.
**CVE-2012-5951**: The JCL file contains an implementation of CVE-2012-5955 originally discovered by whomever perpetrated the Logica mainframe breach. Refer to https://github.com/mainframed/logica/blob/master/kuku.rx for original local priv escalation exploit on OMVS. This is essentially a REXX script that exploits a flaw to give you UID 0.

**JCL**: A JCL file is dynamically created based on the criteria provided (shell type, ip addresses, ports), uploaded via FTP and executed by JES (using the SITE FILE=JES extended commands).
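
Review bot: The label and the sentence body disagree in the changed README line: the bold label reads CVE-2012-5951 while the text right after it still says "an implementation of CVE-2012-5955". If the label carried the wrong identifier, the one inside the sentence needs the same correction, otherwise a reader cannot tell which CVE the JCL payload implements. While touching the line, "whomever perpetrated" should read "whoever perpetrated".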
