CVE-2018-1111

This Metasploit module exploits CVE-2018-1111 (DynoRoot), a command injection vulnerability in the DHCP client's NetworkManager integration script in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier. It acts as a malicious DHCP server to inject arbitrary commands with root privileges via crafted DHCP options.

This exploit leverages a DHCP client command injection vulnerability (CVE-2018-1111) in NetworkManager on RHEL/CentOS systems. It crafts a malicious DHCP response with an injected payload (default: reverse shell) to achieve remote code execution when a vulnerable client processes the response.

This PoC exploits CVE-2018-1111, a DHCP client command injection vulnerability in NetworkManager. The attacker script sets up a malicious DHCP server with a payload that triggers a reverse shell, while the victim script simulates a vulnerable client connecting to it.

This repository contains a working exploit for CVE-2018-1111, a DHCP client command injection vulnerability in Red Hat Enterprise Linux and CentOS. The exploit leverages a malicious DHCP server to inject arbitrary commands via DHCP options, achieving remote code execution with root privileges.

This repository contains a proof-of-concept exploit for CVE-2018-1111 (DynoRoot), a command injection vulnerability in the DHCP client implementation of Fedora and RedHat systems. The exploit leverages a rogue DHCP server to inject malicious payloads into DHCP options, which are then executed with root privileges on the victim machine.

This Metasploit module exploits CVE-2018-1111 (DynoRoot), a command injection vulnerability in the DHCP client's NetworkManager integration script in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier. It leverages a malicious DHCP server or spoofed DHCP responses to execute arbitrary commands with root privileges.