Skip to content
/ CVE-2019-9193 Public

PoC tool designed to exploit an authenticated Remote Code Execution (RCE) vulnerability in certain versions of PostgreSQL (9.3 - 11.7)

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AxthonyV/CVE-2019-9193

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
GenPostgresRCEExploit.py
GenPostgresRCEExploit.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

EN

GenPostgresRCEExploit is a PoC tool designed to exploit an authenticated Remote Code Execution (RCE) vulnerability in certain versions of PostgreSQL (9.3 - 11.7). It allows authenticated users to execute system commands on a PostgreSQL database server vulnerable to CVE-2019-9193.

Features

  • Exploitation of RCE: Executes system commands through an authenticated PostgreSQL session.
  • Version Check: Checks the version of the target PostgreSQL server to confirm the presence of a vulnerability.
  • Command Execution: Allows user commands to be executed on the server if it is vulnerable.
  • Automatic Table Management: Creates and deletes a temporary table to execute commands without manual intervention.

Requirements

  • Python 3.x
  • PostgreSQL client library (package psycopg2)

Installation

  1. Clone the repository: ``bash git clone https://github.com/AxthonyV/CVE-2019-9193 cd CVE-2019-9193
  2. Install the required packages: 
    pip install -r requirements.txt

Usage

python3 GenPostgresRCEExploit.py -i <target_ip> -p <port> -d <database_name> -U <username> -P <password> -c “<system_command>

Options

  • -i, --ip: IP address of the PostgreSQL server (Default: 127.0.0.1)
  • -p, --port: PostgreSQL server port (Default: 5432)
  • -d, --database: PostgreSQL database name (Default: template1)
  • -U, --user: Username to connect to the PostgreSQL server (Default: postgres)
  • -P, --password: Password to connect to PostgreSQL server (Default: postgres)
  • -c, ---command: System command to be executed on the server
  • -t, --timeout: Connection timeout in seconds (Default: 10)

Example

``bash python3 GenPostgresRCEExploit.py -i 192.168.1.10 -p 5432 -d mydb -U myuser -P mypass -c “whoami”

This example connects to the PostgreSQL server at `192.168.1.10`, authenticates with the provided credentials, and executes the `whoami` command.

## Example output

$ python3 GenPostgresRCEExploit.py -i 192.168.1.10 -p 5432 -d testdb -U postgres -P mypassword -c “whoami”

[+] Connection to PostgreSQL database at 192.168.1.10:5432 [+] Connection successfully established [+] PostgreSQL version check [+] Vulnerable PostgreSQL version detected: 10.4 [+] Temporary table creation: temp_3f8b8f9e2c9c11d7bd8f7c61d4e9eaf2 [+] Command successfully executed

postgres


## Disclaimer
This tool is intended for educational purposes and ethical testing only. Unauthorized use of this tool against any systems is illegal and strictly prohibited. The authors do not take responsibility for any misuse.

# RU
**GenPostgresRCEExploit** is a PoC exploit designed to exploit remote code execution (RCE) vulnerability in certain versions of PostgreSQL (9.3 - 11.7). The program allows authenticated users to execute system commands on a PostgreSQL server vulnerable to CVE-2019-9193.

## Features
- **Exploit RCE**: Execute system commands over an authenticated connection to PostgreSQL.
- **Version Check**: Checks the version of the target PostgreSQL server for vulnerabilities.
- **Command Execution**: Allows arbitrary commands to be executed on the server in the presence of a vulnerability.
- **Table Management**: Automatically creates and deletes a temporary table for command execution.

## Requirements
- Python 3.x
- PostgreSQL client library (`psycopg2` package)

## Installation
1. Clone the repository:
    ```bash
    git clone https://github.com/geniuszly/CVE-2019-9193
    cd CVE-2019-9193
    ```
2. Install the required packages:
    ````bash
    pip install -r requirements.txt
    ```

## Usage
````bash
python3 GenPostgresRCEExploit.py -i <IP address> -p <port> -d <database_name> -U <user> -P <password> -c “<system_command>”

Options

  • -i, --ip: IP address of PostgreSQL server (Default: 127.0.0.1)
  • -p, --port: PostgreSQL server port (Default: 5432)
  • -d, --database: PostgreSQL database name (Default: template1)
  • -U, --user: Username to connect to the PostgreSQL server (Default: postgres)
  • -P, --password: Password to connect to PostgreSQL server (Default: postgres)
  • -c, --command: System command to execute on the server
  • -t, --timeout: Connection timeout in seconds (Default: 10)

Example

python3 GenPostgresRCEExploit.py -i 192.168.1.10 -p 5432 -d mydb -U myuser -P mypass -c “whoami”

In this example, the program connects to the PostgreSQL server at 192.168.1.10, authenticates with the specified credentials, and executes the whoami command.

Example output

$ python3 GenPostgresRCEExploit.py -i 192.168.1.10 -p 5432 -d testdb -U postgres -P mypassword -c “whoami”

[+] Connection to PostgreSQL database at 192.168.1.10:5432
[+] Connection successfully established
[+] PostgreSQL version check
[+] Vulnerable PostgreSQL version detected: 10.4
[+] Temporary table creation: temp_3f8b8f9e2c9c11d7bd8f7c61d4e9eaf2
[+] Command successfully executed

postgres

Disclaimer

This tool is for educational purposes and legal testing only. Unauthorized use of this tool against any systems is illegal and strictly prohibited. The authors are not responsible for any misuse.

About

PoC tool designed to exploit an authenticated Remote Code Execution (RCE) vulnerability in certain versions of PostgreSQL (9.3 - 11.7)

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages