Mirrors_BOOKS/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2026-05-09 22:37:49 +08:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

add CVE-2019-0211-apache

Browse Source
This commit is contained in:
mr-xn
2019-09-30 20:41:26 +08:00
parent ec73a27cef
commit 94419ee1da
2 changed files with 822 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CVE-2019-0211-apache/README.md
+25
View File
@@ -0,0 +1,25 @@
# CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation
This is a local root exploit for Apache HTTPd.
Details [here](https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html).
This is a POC. It might fail for a dozen of reasons. PR welcome.
# Targets
The exploit has been tested and works on:
#### Ubuntu 18.04.2 LTS
PHP : 7.1.27-1 / 7.2.15-0 / 7.3.3-1<br />
Apache : Apache/2.4.29 (Ubuntu), build 2018-03-02T02:19:31
#### Ubuntu 16.04.6 LTS
PHP : 7.1.27-1 / 7.2.16-1 / 7.3.3-1<br />
Apache : Apache/2.4.18 (Ubuntu), build 2016-04-15T18:00:57
#### Debian GNU/Linux 9.8 (stretch)
PHP : 7.1.27-1 / 7.2.16-1 / 7.3.3-1<br />
Apache : Apache/2.4.25 (Debian), build 2018-11-03T18:46:19
(latest version when debian-security repo is disabled)
From:https://github.com/cfreal/exploits/tree/master/CVE-2019-0211-apache
CVE-2019-0211-apache/cfreal-carpediem.php
+797
View File
File diff suppressed because it is too large Load Diff