czwartek, 26 marca 2020

Postauth RCE in Symantec Web Gateway

Last time I decided to check Symantec Web Gateway (version I tried was 5.0.2.8). Below you will find few notes from the journey. Here we go...
Today we'll start here:






In this document I described the way to exploit the bug I found (for postauth users) in Symantec Web Gateway (v.5.0.2.8). Quick intro for created 10 pages PDF:

Reader will be able to reproduce the attack 'step-by-step' to achieve similar results as presented on the screen below:



Yes, webshell. But don't worry. I also described quick way to get root. ;)



I hope you'll find IT useful.

See you next time!



Special thanks to my new Patrons:
- Daniel
- julianvolodia

Thank you! You are AWSOME! ;)


Cheers








2 komentarze:

  1. Hi, Nice find
    How i can finding Symantec Web Gateways in shodan.io or google?!

    OdpowiedzUsuń
  2. There is a simple old known way: write an email to hacktheplanet @ fbi .gov with the same question.
    They will answer during next 24h. ;)

    Thanks for watching.

    OdpowiedzUsuń