Skip to content

Instantly share code, notes, and snippets.

View romankis95's full-sized avatar
🕶️
A little bit tired

Roman Kis romankis95

🕶️
A little bit tired
  • Gruppo Mutui Online
  • Milan, Italy
  • 09:44 (UTC +01:00)
  • LinkedIn in/romankis
View GitHub Profile
@momenbasel
momenbasel / saltstack.py
Created October 2, 2020 13:48
edited Saltstack 3000.1 - Remote Code Execution
# Exploit Title: Saltstack 3000.1 - Remote Code Execution
# Date: 2020-05-04
#edited: 2020-10-02
#the edit: instead of testing locally --first--, making it testing remotely
# Exploit Author: Jasper Lievisse Adriaanse
# Vendor Homepage: https://www.saltstack.com/
# Version: < 3000.2, < 2019.2.4, 2017.*, 2018.*
# Tested on: Debian 10 with Salt 2019.2.0
# CVE : CVE-2020-11651 and CVE-2020-11652
# Description: Saltstack authentication bypass/remote code execution