├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── docker-compose.yml ├── glpwnme ├── __init__.py ├── __main__.py ├── exploits │ ├── exceptions.py │ ├── exploit.py │ ├── implementations │ │ ├── __init__.py │ │ ├── cve_2020_15175.py │ │ ├── cve_2022_31061.py │ │ ├── cve_2022_35914.py │ │ ├── cve_2023_41320.py │ │ ├── cve_2023_41323.py │ │ ├── cve_2023_41326.py │ │ ├── cve_2024_27937.py │ │ ├── cve_2024_29889.py │ │ ├── cve_2024_37148.py │ │ ├── cve_2024_37149.py │ │ ├── cve_2024_40638.py │ │ ├── cve_2024_50339.py │ │ ├── cve_2025_24799.py │ │ ├── cve_2025_32786.py │ │ ├── default_password_check.py │ │ ├── php_upload.py │ │ ├── template.py │ │ └── unserialize_order_plugin.py │ ├── logger.py │ ├── metadatas.py │ ├── orchestrator.py │ ├── plugin_exploit.py │ ├── plugins_enum.py │ ├── privileges.py │ ├── requirements.py │ ├── sql_injection_mixin.py │ ├── update_sql_injection_mixin.py │ └── utils │ │ ├── __init__.py │ │ ├── glpi_session.py │ │ ├── glpi_static_files_version.py │ │ └── glpi_utils.py └── input_reader.py ├── images ├── cve_2024_27937_example_glpwnme.png ├── glpwnme_check_all.png └── gui.png ├── payload.js ├── poetry.lock ├── pyproject.toml ├── requirements.txt ├── shell.php └── tables_glpi.sql /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | log.glpwnme 3 | check_file.py 4 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/README.md -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/docker-compose.yml -------------------------------------------------------------------------------- /glpwnme/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/__init__.py -------------------------------------------------------------------------------- /glpwnme/__main__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/__main__.py -------------------------------------------------------------------------------- /glpwnme/exploits/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/exceptions.py -------------------------------------------------------------------------------- /glpwnme/exploits/exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/exploit.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/__init__.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2020_15175.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2020_15175.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2022_31061.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2022_31061.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2022_35914.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2022_35914.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2023_41320.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2023_41320.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2023_41323.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2023_41323.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2023_41326.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2023_41326.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_27937.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_27937.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_29889.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_29889.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_37148.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_37148.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_37149.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_37149.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_40638.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_40638.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2024_50339.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2024_50339.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2025_24799.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2025_24799.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/cve_2025_32786.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/cve_2025_32786.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/default_password_check.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/default_password_check.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/php_upload.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/php_upload.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/template.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/template.py -------------------------------------------------------------------------------- /glpwnme/exploits/implementations/unserialize_order_plugin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/implementations/unserialize_order_plugin.py -------------------------------------------------------------------------------- /glpwnme/exploits/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/logger.py -------------------------------------------------------------------------------- /glpwnme/exploits/metadatas.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/metadatas.py -------------------------------------------------------------------------------- /glpwnme/exploits/orchestrator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/orchestrator.py -------------------------------------------------------------------------------- /glpwnme/exploits/plugin_exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/plugin_exploit.py -------------------------------------------------------------------------------- /glpwnme/exploits/plugins_enum.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/plugins_enum.py -------------------------------------------------------------------------------- /glpwnme/exploits/privileges.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/privileges.py -------------------------------------------------------------------------------- /glpwnme/exploits/requirements.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/requirements.py -------------------------------------------------------------------------------- /glpwnme/exploits/sql_injection_mixin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/sql_injection_mixin.py -------------------------------------------------------------------------------- /glpwnme/exploits/update_sql_injection_mixin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/update_sql_injection_mixin.py -------------------------------------------------------------------------------- /glpwnme/exploits/utils/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/utils/__init__.py -------------------------------------------------------------------------------- /glpwnme/exploits/utils/glpi_session.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/utils/glpi_session.py -------------------------------------------------------------------------------- /glpwnme/exploits/utils/glpi_static_files_version.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/utils/glpi_static_files_version.py -------------------------------------------------------------------------------- /glpwnme/exploits/utils/glpi_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/exploits/utils/glpi_utils.py -------------------------------------------------------------------------------- /glpwnme/input_reader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/glpwnme/input_reader.py -------------------------------------------------------------------------------- /images/cve_2024_27937_example_glpwnme.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/images/cve_2024_27937_example_glpwnme.png -------------------------------------------------------------------------------- /images/glpwnme_check_all.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/images/glpwnme_check_all.png -------------------------------------------------------------------------------- /images/gui.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/images/gui.png -------------------------------------------------------------------------------- /payload.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/payload.js -------------------------------------------------------------------------------- /poetry.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/poetry.lock -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/pyproject.toml -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/requirements.txt -------------------------------------------------------------------------------- /shell.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/shell.php -------------------------------------------------------------------------------- /tables_glpi.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Orange-Cyberdefense/glpwnme/HEAD/tables_glpi.sql --------------------------------------------------------------------------------