CVE-2020-8816 PoC — Pi-hole 操作系统命令注入漏洞

Source

https://github.com/AndreyRainchik/CVE-2020-8816

Associated Vulnerability

Title:Pi-hole 操作系统命令注入漏洞 (CVE-2020-8816)
Description:Pi-hole是Pi-hole公司的一款网络级广告拦截应用程序。 Pi-hole Web interface 4.3.2及之前版本中存在安全漏洞。攻击者可利用该漏洞执行任意命令。

Description

A Python script to exploit CVE-2020-8816, a remote code execution vulnerability on the Pi-hole

Readme

# CVE-2020-8816
A Python script to exploit CVE-2020-8816, a remote code execution vulnerability on the Pi-hole.

This script uses the techniques found by [François Renaud-Philippon](https://natedotred.wordpress.com/2020/03/28/cve-2020-8816-pi-hole-remote-code-execution/) to achieve remote code execution on a [Pi-hole](https://pi-hole.net/) running a web interface version less than 4.3.3. The exploit requires the path for the www-data user to be `/opt/pihole:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin`.

```
> python3 .\CVE-2020-8816.py -h
usage: CVE-2020-8816.py [-h] url password ip port

Receive a reverse shell on a Pi-hole with access to the admin web console

positional arguments:
  url         The URL of the Pi-hole console
  password    The admin password for the Pi-hole console
  ip          The IP address for the reverse shell to connect to
  port        The port for the reverse shell to connect to

optional arguments:
  -h, --help  show this help message and exit
```

![The script in action](example.gif "The script in action")

File Snapshot


 [4.0K]  /data/pocs/3e6c8a6e4c901f3a8fdf4dac210ab96127088485
├── [5.1K]  CVE-2020-8816.py
├── [742K]  example.gif
└── [1.0K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!