Skip to content

Instantly share code, notes, and snippets.

View sinfulz's full-sized avatar
💩
Pooping!

sinfulz sinfulz

💩
Pooping!
View GitHub Profile
@sinfulz
sinfulz / .tmux.conf
Last active October 16, 2020 00:11
Ippsec's .tmux.conf file from https://www.youtube.com/watch?v=Lqehvpe_djs
# Remap prefix to screens
set -g prefix C-a
bind C-a send-prefix
unbind C-b
# Quality of line stuff
set -g history-limit 10000
set -g allow-rename off
@sinfulz
sinfulz / CVE-2019-17501.txt
Last active September 13, 2020 14:22
CVE-2019-17501 - Centreon 19.04 Authenticated RCE
Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field
of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen).
------------------------------------------
[Additional Information]
Once one has logged into Centreon:
1. navigate to: Configuration > Commands > Discovery OR http://ip-address/centreon/main.php?p=60807&type=4
2. in the "Command Line" section put a command: e.g. "cat /etc/passwd" without quotes.
@sinfulz
sinfulz / proof
Created August 15, 2019 13:41
proof
### Keybase proof
I hereby claim:
* I am sinfulz on github.
* I am sinfulz (https://keybase.io/sinfulz) on keybase.
* I have a public key ASAIN_yZRtaA0eeOArIx_slbk4JImcaiwNl9UZui94676Ao
To claim this, I am signing this object: