Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jsmoreira02/sar2html_exploit

Exploit the Sar2HTML RCE vulnerability and also perform a Shell Upload on the target
https://github.com/jsmoreira02/sar2html_exploit

cybersecurity exploit hacking python3 reverse-shell vulnerability web-exploitation

Last synced: about 9 hours ago
JSON representation

Exploit the Sar2HTML RCE vulnerability and also perform a Shell Upload on the target

Host: GitHub
URL: https://github.com/jsmoreira02/sar2html_exploit
Owner: Jsmoreira02
License: mit
Created: 2023-06-17T01:55:16.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-04-19T18:13:39.000Z (7 months ago)
Last Synced: 2024-04-19T19:31:02.660Z (7 months ago)
Topics: cybersecurity, exploit, hacking, python3, reverse-shell, vulnerability, web-exploitation
Language: Python
Homepage:
Size: 29.3 KB
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Sar2HTML Exploit | Reverse shell

The index.php script in Sar2HTML 3.2.1 is vulnerable to remote command execution. The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary commands within the context of the application, via a crafted HTTP request.

> "This Vulnerability could allow a remote attacker to execute arbitrary commands on the system, caused by a commend injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system."

#### This script has two ways of exploiting the vulnerability. Use with ethics and wisdom:
--------------------------------------------------------

### 1 - Command Injection
Sends GET requests, using the ?plot parameter to inject Linux Commands and then returns the output of the command. To pass more complex commands or commands with arguments, use quotation marks "".

![commandinject-ezgif com-video-to-gif-converter](https://github.com/Jsmoreira02/sar2HTML_exploit/assets/103542430/99b1fc1d-050a-4b20-87b3-da25a5f35159)

### 2 - Reverse Shell Injection
Remotely uploads a reverse shell to the user's machine using the same command injection method, but opens a mini HTTP server on the local machine for the transfer.

![shellmode-ezgif com-video-to-gif-converter](https://github.com/Jsmoreira02/sar2HTML_exploit/assets/103542430/f1403c98-6859-46bc-ad2d-9fe21199e30c)

### Lab for vulnerability testing

- [VulnHub](https://www.vulnhub.com/entry/sar-1,425/)
- [TryHackMe](https://tryhackme.com/r/room/boilerctf2)

# Warning:
> I am not responsible for any illegal use or damage caused by this tool. It was written for fun, not evil and is intended to raise awareness about cybersecurity.

***Have a good hack :D***