CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/unix/misc/qnx_qconn_exec.md
Views: 1904
Description
This module uses the qconn daemon on QNX systems to gain a shell.
The QNX qconn daemon does not require authentication and allows remote users to execute arbitrary operating system commands.
Vulnerable Application
The QNX qconn daemon is a service provider that provides support, such as profiling system information, to remote IDE components.
This module has been tested successfully on:
QNX Neutrino 6.5.0 (x86)
QNX Neutrino 6.5.0 SP1 (x86)
QNX Neutrino 6.5.0 Service Pack 1 is available here:
Verification Steps
Start
msfconsole
use exploit/unix/misc/qnx_qconn_exec
set rhost <IP>
set rport <PORT>
run
You should get a session