r1b / Cve 2017 13089
PoC for wget v1.19.1
CVE-2017-13089
wget v1.19.1 for exploit dev.
NOTE
This is not a working exploit - under development.
Usage
# Build the container
docker build -t cve201713089 .
# OR ...
docker pull robertcolejensen/cve201713089
# Play around in the container, `src` will be mounted at `/opt/CVE-2017-13089/src`
./run.sh
# Develop an exploit, runs `gdb` with external debugging symbols loaded
./run.sh dev
# Run the included DoS PoC
./run.sh dos
# Run the included exploit PoC (wip)
./run.sh exploit
Notes
For maximum FUN I have done the following:
- Enabled executable stack flag in wget:
execstack -s /usr/local/bin/wget
- Disabled stack canaries in wget:
CFLAGS="-fno-stack-protector $CFLAGS"
- Disabled ASLR on the docker host:
docker-machine ssh security-vm 'sudo sysctl -w kernel.randomize_va_space=0'
- Generated external debug symbols for exploit dev
You should duplicate the ASLR change on your own Docker host - the other changes are in the Dockerfile.
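The three weakenings listed above (executable stack, no stack canaries, ASLR off) can be checked for on any wget build before it leaves a lab like this one. The following is an added example, not part of this repository: the function names are hypothetical, it assumes a 64-bit little-endian ELF binary, and the canary test is a heuristic that looks for the `__stack_chk_fail` symbol name.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551  # program header type that carries the stack permissions
PF_X = 0x1                 # "executable" bit in p_flags

def stack_is_executable(elf):
    """True if a 64-bit little-endian ELF image asks for an executable stack."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("expected a 64-bit little-endian ELF file")
    (e_phoff,) = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            return bool(p_flags & PF_X)
    return True  # no PT_GNU_STACK header: treated here as the legacy executable default

def audit(elf, aslr_setting):
    """Return the weakenings found; aslr_setting is the text of randomize_va_space."""
    findings = []
    if stack_is_executable(elf):
        findings.append("executable stack")
    # Heuristic (assumption): a build with -fstack-protector references this symbol.
    if b"__stack_chk_fail" not in elf:
        findings.append("no stack protector")
    if aslr_setting.strip() != "2":  # 2 = full randomization
        findings.append("ASLR not fully enabled")
    return findings

def sample_elf(stack_flags, canary):
    """Constructed input: ELF64 header plus a single PT_GNU_STACK program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    header = ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return header + phdr + (b"\0__stack_chk_fail\0" if canary else b"")

if __name__ == "__main__":
    if len(sys.argv) > 1:  # audit a real binary against this host's ASLR setting
        with open(sys.argv[1], "rb") as f, open("/proc/sys/kernel/randomize_va_space") as a:
            print(audit(f.read(), a.read()))
    else:  # offline demo on the constructed images
        print(audit(sample_elf(7, False), "0"))  # weakened like this lab's wget
        print(audit(sample_elf(6, True), "2"))   # hardened build and host
```

Run with a path argument (for example the wget binary inside the container) to audit a real file; without arguments it runs on the constructed images only.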