CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/multi/http/freenas_exec_raw.md
Views: 1904
Vulnerable Application
This module exploits an arbitrary command execution flaw in FreeNAS 0.7.2 < rev.5543. When passing a specially formatted URL to the exec_raw.php page, an attacker may be able to execute arbitrary commands.
NOTE: This module works best with php/meterpreter payloads.
Verification Steps
Install the application
Start msfconsole
Do:
use exploit/multi/http/freenas_exec_raw
Do:
set rhost [ip]
Do:
run
You should get a shell.