deadw0k/sar
sar

This PoC was created while working on the Sar machine in the OFFSEC Proving Grounds Play. The idea stems from the exploit titled Sar2HTML 3.2.1 - Remote Command Execution (https://www.exploit-db.com/exploits/47204).

How to use?

Save the script as sar.py, then run it from the command line.

The IP address and port in the URL are not hardcoded, for ease of use; make sure you pass your target IP on the command line. After you run it, the command prompt will become kali@kali.

From here, you can do your thang.

How it works?

Sar2HTML v3.2.1 has a command injection vulnerability in the 'plot' parameter of the web application. This script exploits the vulnerability to execute commands on the target.

Sar2HTML does not validate user input when processing the $plot variable before passing it to PHP's exec function.
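The two paragraphs above describe the root cause: a request parameter reaches PHP's exec() without validation. The following block is an added example, not Sar2HTML's actual source code and not part of this repository; it is a simplified reconstruction of that pattern next to a hardened version of the same handler. The function names, the sar data directory (`/var/log/sa`) and the `sa[0-9]{2}` file naming are assumptions made for the illustration.

```php
<?php
// Added example, not Sar2HTML's real code: a simplified reconstruction of a
// 'plot' request parameter being concatenated into a shell command, followed
// by a hardened version. Function names and paths are hypothetical.

// --- Vulnerable pattern -------------------------------------------------
function render_plot_vulnerable(string $plot): array
{
    // $plot comes straight from the request and is spliced into the command
    // string, so any shell metacharacters it contains are interpreted by
    // /bin/sh. This is the bug class the README refers to.
    $output = [];
    exec("sar -f /var/log/sa/" . $plot, $output);
    return $output;
}

// --- Hardened version ---------------------------------------------------
// 1. Allowlist: the parameter must match one of the data files the
//    application itself knows about, rather than trying to strip "bad"
//    characters out of arbitrary input.
// 2. escapeshellarg(): even the allowlisted value is passed to the shell as a
//    single quoted argument, so a future change to the allowlist cannot
//    silently reintroduce injection.
function list_plot_files(string $dir): array
{
    $files = [];
    foreach (scandir($dir) ?: [] as $entry) {
        // Assumed naming: sysstat writes daily files such as sa01 .. sa31.
        if (preg_match('/^sa[0-9]{2}$/', $entry)) {
            $files[] = $entry;
        }
    }
    return $files;
}

function render_plot_hardened(string $plot, string $dir = '/var/log/sa'): array
{
    // Strict comparison against the allowlist; anything else is rejected
    // before it can reach exec().
    if (!in_array($plot, list_plot_files($dir), true)) {
        http_response_code(400);
        return ['invalid plot selection'];
    }
    $output = [];
    exec('sar -f ' . escapeshellarg($dir . '/' . $plot), $output);
    return $output;
}

// Usage inside a request handler (illustrative):
// $plot  = $_GET['plot'] ?? '';
// $lines = render_plot_hardened($plot);
```

The allowlist is the real fix; escapeshellarg() is defence in depth. Rejecting unknown values outright also gives the web server log a clean 400 to alert on, which is easier to detect than a 200 response carrying unexpected command output.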


This is one of my first attempts at this so please be nice :)

About

Exploit that can be used on the Sar machine in Offsec Play