-
Notifications
You must be signed in to change notification settings - Fork 51
/
6 - Exploitation
48 lines (32 loc) · 1.16 KB
/
6 - Exploitation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#Search Exploit with google;
site:exploit-db.com "October CMS"
site:github.com "October CMS"
#Search Exploit with searchsploit;
searchsploit OpenSSL
searchsploit OpenSSL | grep --invert-match 'PHP\|Heartbleed\|dos\|windows'
searchsploit -p 41936.txt
cp /usr/share/exploitdb/exploits/php/webapps/41936.txt .
-------------------------------------------------------------------------------------------------------------------------------
#Compiler the exploit
##for Linux;
which gcc
gcc -o kernel-exploit 44298.c
./kernel-exploit
or
dos2unix exploit.sh (very useful ;) )
For more; https://tools.kali.org/reporting-tools/dos2unix
##for Windows;
i686-w64-mingw32-gcc 40564.c -o exploit.exe -lws2_32
-------------------------------------------------------------------------------------------------------------------------------
#Running the Exploit
##Firstly;
chmod +x asd.sh
or
chmod 755 asd.sh
##Later;
./asd.sh
python asd.py
perl asd.pl
ruby asd.rb
php asd.php (php-curl is installed: apt install php-curl)
------------------------------------------------------------------------------------------------------------------------------