Skip to content

julio-cfa/PoC-IPFire-2.19-OINKCODE-Remote-Code-Execution-EXPLOIT

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 

Repository files navigation

IPFire 2.19 - OINKCODE Authenticated Remote Code Execution (RCE)

IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.

This is a very simple implementation of the OINKCODE RCE in Python 2.7 that I wrote for a lab that I was working on and I decided to share it on Github. Just clone the repository or download the raw .py file and run the exploit.


Executing the exploit:

Getting a reverse shell:


For more information, refer to:

https://www.exploit-db.com/exploits/42149

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages