GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → noraj → Umbraco-RCE

noraj / Umbraco-RCE

Licence: MIT license
Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

Programming Languages

python
139335 projects - #7 most used programming language

Labels

proof-of-conceptexploitumbracopocrceumbraco-cmsumbraco-v7remote-code-executionumbraco7

Projects that are alternatives of or similar to Umbraco-RCE

Penetration testing poc
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+6224.59%)
Mutual labels:  exploit, poc, rce
Uintra
A flexible and lightweight Umbraco based framework, for making an Intranet, Extranet or social platform based on known conventions.
Stars: ✭ 43 (-29.51%)
Mutual labels:  umbraco, umbraco-cms, umbraco-v7
Skybrud.Umbraco.Redirects
Redirects manager for Umbraco.
Stars: ✭ 31 (-49.18%)
Mutual labels:  umbraco, umbraco-cms, umbraco-v7
Poc
Proofs-of-concept
Stars: ✭ 467 (+665.57%)
Mutual labels:  proof-of-concept, exploit, poc
Ciscoexploit
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (+19.67%)
Mutual labels:  exploit, poc, rce
Commodity Injection Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (+337.7%)
Mutual labels:  exploit, poc, rce
Exploit-Development
Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
Stars: ✭ 84 (+37.7%)
Mutual labels:  exploit, poc, rce
Cve 2019 1003000 Jenkins Rce Poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Stars: ✭ 270 (+342.62%)
Mutual labels:  exploit, poc, rce
Cve 2019 0708 Tool
A social experiment
Stars: ✭ 87 (+42.62%)
Mutual labels:  exploit, poc, rce
PwnX.py
🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-50.82%)
Mutual labels:  exploit, rce, remote-code-execution
poc-github-actions
Various proofs of concept examples using Github Actions 🤖
Stars: ✭ 103 (+68.85%)
Mutual labels:  proof-of-concept, poc
dheater
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+132.79%)
Mutual labels:  exploit, poc
Proof Of Concepts
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (+142.62%)
Mutual labels:  proof-of-concept, poc
Spectre Meltdown Poc
A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Stars: ✭ 127 (+108.2%)
Mutual labels:  proof-of-concept, exploit
SAP vulnerabilities
DoS PoC's for SAP products
Stars: ✭ 47 (-22.95%)
Mutual labels:  exploit, rce
exprolog
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+114.75%)
Mutual labels:  poc, rce
PoC-Bank
Focus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (+36.07%)
Mutual labels:  exploit, poc
Gopoc
用cel-go重现了长亭xray的poc检测功能的轮子
Stars: ✭ 124 (+103.28%)
Mutual labels:  proof-of-concept, poc
iota-mqtt-poc
IOTA Proof of Concept, store MQTT messages on the tangle.
Stars: ✭ 40 (-34.43%)
Mutual labels:  proof-of-concept, poc
PocOrExp in Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+791.8%)
Mutual labels:  exploit, poc
View All Similar Projects ➔

Umbraco RCE exploit / PoC

Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

[EDB-49488] [PacketStorm] [WLB-2020080012]

Usage

$ python exploit.py -h
usage: exploit.py [-h] -u USER -p PASS -i URL -c CMD [-a ARGS]

Umbraco authenticated RCE

optional arguments:
  -h, --help                 show this help message and exit
  -u USER, --user USER       username / email
  -p PASS, --password PASS   password
  -i URL, --host URL         root URL
  -c CMD, --command CMD      command
  -a ARGS, --arguments ARGS  arguments

Examples:

$ python exploit.py -u [email protected] -p password123 -i 'http://10.0.0.1' -c ipconfig
$ python exploit.py -u [email protected] -p password123 -i 'http://10.0.0.1' -c powershell.exe -a '-NoProfile -Command ls'

Requirements

Example for ArchLinux:

pacman -S python-beautifulsoup4 python-requests

Example using pip:

pip3 install -r requirements.txt

Reference

This is a better re-write of EDB-ID-46153 using arguments (instead of harcoded values) and with stdout display.

Tested with python 3.8.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].