Name		Name	Last commit message	Last commit date
parent directory ..
Docker version		Docker version
Script version		Script version
samhain		samhain
use-cases		use-cases
README.md		README.md
exploit.py		exploit.py

README.md

CVE-2019-15641

About

https://nvd.nist.gov/vuln/detail/CVE-2019-15641

PoC / Exploit

https://www.calypt.com/blog/index.php/authenticated-xxe-on-webmin/

Environment used

Ubuntu 18.04.3 LTS
Webmin 1.90

Reproduction

Server

Docker version:

docker run --rm -p 10000:10000 -it simaofsilva/cve-2019-15641

Script version:
```
sudo bash installation.sh
```

Client:

python3 exploit.py --ip SERVER_IP --port 10000 --user test --password qwerty --file FILE

The output will be the content of FILE if system permissions allow.