daily pastebin goal
49%
SHARE
TWEET

[JUMPSCALE EXPLOT LOADER][PRIVATE]31/10

xB4ckdoorREAL Nov 7th, 2018 136 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #DISCORD: https://discord.gg/QDy3bUy  Skype: b4ckdoor.porn [For max 650gbps spots/private source and fresh exploit ! ]
  2.  
  3. ##CVE:  Exploit discovered: 31/10
  4. GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification; that can result in Improper validation of parameters results in command execution. This attack appear to be exploitable via Network connectivity, required minimal auth privileges (everyone can register an account). This vulnerability appears to have been fixed in After commit 15443122ed2b1cbfd7bdefc048bf106f075becdb.
  5.  
  6. exploit builded !, join my discord to more information
  7.  
  8. Little description if you are able to own this for you skidz.
  9.  
  10. In method. https://github.com/jumpscale7/jumpscale_portal/blob/c997bb1824862b08246d60e34e950df06ebac68c/apps/portalbase/system/system__contentmanager/methodclass/system_contentmanager.py#L293-L315 we can send any text in owner field that will be added to the command cmd="cd /opt/code/%s/%s;hg pull;hg update -C"%(owner,name) and executed after string formatting.
  11.  
  12. Using ;{cmd}# as owner we can execute any command on server
  13.  
  14. It was fixed by removing old methods: https://github.com/jumpscale7/jumpscale_portal/pull/108
  15.  
  16. You can see reverse shell at issue on git with payload: https://github.com/0-complexity/openvcloud/issues/1207
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top