Jump to content
herakty

Own The Router Cisco Security Agent Management Console ‘st_upload’ RCE Exploit

Recommended Posts

herakty

hqdefault.jpg

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

este exploit vai criar um processo chamado calc.exe que é uma shell de comandos com totais previlégios na máquina vitima.

Algo assim: reparem que há um linux por detrás que enviou o exploit e um servidor windows, no qual não se tem acessos, mas conseguimos ter no linux (ou windows) uma shell (linha de comandos) a correr dentro do servidor vítima

https://docs.google.com/leaf?id=0B-yzqPEMvkoOZDFiNDM4NTctMzEyOC00ZmQ4LTk5OTAtODg2Mzk5MTQ2OTQ3&hl=en

Explicação: (Published: 2011-04-12)

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0364

Python Exploit

Cisco Security Agent Management Console ‘st_upload’ RCE Exploit

http://www.exploit-db.com/exploits/17155/

Instalar o Python e correr na shell

(linux) #!/usr/bin/env python

(windows) C:\python python.py

teckV - 011000010110111001101111011011100111100101101101011011110111010101110011

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

By using this site you accept our Terms of Use and Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.