https://github.com/v1k1ngfr/exploits-rconfig

Exploit codes for rconfig <= 3.9.4
https://github.com/v1k1ngfr/exploits-rconfig

exploit-code rconfig

Last synced: 11 months ago
JSON representation

Exploit codes for rconfig <= 3.9.4

• Host: GitHub
• URL: https://github.com/v1k1ngfr/exploits-rconfig
• Owner: v1k1ngfr
• Created: 2019-12-02T16:32:45.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2020-03-17T14:01:17.000Z (over 6 years ago)
• Last Synced: 2025-05-30T03:02:15.118Z (about 1 year ago)
• Topics: exploit-code, rconfig
• Language: Python
• Homepage:
• Size: 55.7 KB
• Stars: 11
• Watchers: 2
• Forks: 11
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# exploits

Three exploits for rconfig <= 3.9.4 :

```

CVE-2019-19509 : authenticated RCE

CVE-2019-19585 : Local Privilege Escalation (root)

CVE-2020-10220 : unauthenticated SQLi

rconfig_root_RCE_unauth.py : chaining the three CVEs above to get root reverse shell 

                              without authentication

rconfig_ajaxarchivefiles_rce.rb : Rconfig 3.x - Chained Remote Code Execution

                                  Metasploit Module (EDB : 48223)

```