goofsec / omigod Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

Quick and dirty CVE-2021-38647 (Omigod) exploit written in Go.

1 star 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
Readme.md		Readme.md
main.go		main.go

Repository files navigation

CVE-2021-38647: Omigod

Another exploit for Omigod written quick and dirty in Go.

The exploit uses and is based on:

the research by wiz: https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure
the SOAP payload by midoxnet: https://github.com/midoxnet/CVE-2021-38647
the Python Proof of Concept by horizon3ai: https://github.com/horizon3ai/CVE-2021-38647

Usage

Usage:   go run main.go <IP> <command>
Example: go run main.go 192.168.2.115 'cat /etc/shadow/'

About

Quick and dirty CVE-2021-38647 (Omigod) exploit written in Go.

Report repository

Languages

Go 100.0%