CVE-2018-2636 PoC — Oracle Hospitality Applications Oracle Hospitality Simphony组件安全漏洞

Source

https://github.com/erpscanteam/CVE-2018-2636

Associated Vulnerability

Title:Oracle Hospitality Applications Oracle Hospitality Simphony组件安全漏洞 (CVE-2018-2636)
Description:Oracle Hospitality Applications是美国甲骨文（Oracle）公司的一套用于酒店管理的业务应用程序、服务器和存储解决方案。该方案提供人力资源成本管理、提供客户整个旅途中服务的跟踪管理来提高客户满意度等功能。Oracle Hospitality Simphony是其中的一个基于云的移动餐饮销售组件。 Oracle Hospitality Applications中的Oracle Hospitality Simphony组件2.7版本、2.8版本和2.9版本的Security子组件

Description

ERPScan Public POC for CVE-2018-2636

Readme

# Install
```
$ pip install --user requests argparse unicodedata
```


# Info
POC for CVE-2018-2636.


# Usage example
```
python eGw.py -H 127.0.0.1 -P 8080 -i 
...
[*] Let's get info about server
[!] Your instance is vulnerable to CVE-2018-2636
...
```
# Links
[Oracle Critical Patch Update Advisory January 2018 - CVE-2018-2636](http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html)

[Oracle Micros POS breached again](https://erpscan.com/press-center/blog/oracle-micros-pos-breached/)

File Snapshot


 [4.0K]  /data/pocs/c08c82bd3a2d9651ef9c9aaa6a997ff4287392b3
├── [ 12K]  eGw.py
└── [ 512]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!