CVE-2021-38647
CRITICAL KEV RANSOMWARE NUCLEI
Microsoft OMI Management Interface Authentication Bypass
Title source: metasploit
Exploitation Summary
CVE-2021-38647 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
EIP tracks 13 public exploits from researchers including horizon3ai, AlteredSecurity and marcosimioni, as well as a Metasploit module (exploits/linux/misc/cve_2021_38647_omigod).
A Nuclei detection template is also available.
AI-analyzed exploit summary
This repository contains a functional exploit for CVE-2021-38647, an unauthenticated RCE vulnerability in the OMI agent. The exploit sends a crafted SOAP request to execute arbitrary commands as root on vulnerable systems.
Description
Open Management Infrastructure Remote Code Execution Vulnerability
Exploits (13)
This repository contains a functional exploit for CVE-2021-38647, an unauthenticated RCE vulnerability in the OMI agent. The exploit sends a crafted SOAP request to execute arbitrary commands as root on vulnerable systems.
This repository contains functional exploit code for CVE-2021-38647, an unauthenticated RCE vulnerability in OMI (Open Management Infrastructure). The Python and PowerShell scripts craft SOAP requests to execute arbitrary commands or scripts on vulnerable systems via the WS-Management protocol.
This repository contains a scanner tool for detecting VMs vulnerable to CVE-2021-38647 (OMIGOD vulnerability) in Azure environments. It performs multiple checks via Azure APIs, including OMS Agent version, Network Security Groups, and optional script execution or attack simulation.
This repository provides a functional proof-of-concept for CVE-2021-38647, an RCE vulnerability in OMI (Open Management Infrastructure) via a crafted POST request to the /wsman endpoint. The exploit leverages a malicious XML payload to execute arbitrary commands (e.g., 'id').
This repository provides a Zeek package for detecting CVE-2021-38647 (OMIGOD) exploit attempts by monitoring for missing Authorization headers in OMI/WMI requests. It includes configurable options for port monitoring, payload capture, and notice generation for incident response.
This repository contains a functional exploit PoC for CVE-2021-38647, an unauthenticated RCE vulnerability in Microsoft's Open Management Infrastructure (OMI). It includes a Dockerfile to set up a vulnerable environment and a Python script to exploit the vulnerability via crafted SOAP requests.
This repository contains a functional Python exploit for CVE-2021-38647, an RCE vulnerability in OMI (Open Management Infrastructure). The exploit uses the SOAP-based WS-Management protocol to execute arbitrary commands via the `ExecuteShellCommand` or `ExecuteScript` methods.
The repository lacks actual exploit code and only provides vague instructions to modify a payload without technical details. It references an external GitHub repository and includes promotional links, which are indicators of a potential lure.
This repository contains a functional Ansible playbook that exploits CVE-2021-38647 (OMIGOD) by sending a crafted SOAP request to the OMI management interface on port 5986, allowing remote command execution. The playbook includes setup instructions for a vulnerable environment and a payload delivery mechanism.
This repository contains a functional Go-based exploit for CVE-2021-38647, leveraging a SOAP-based RCE vulnerability in the OMI (Open Management Infrastructure) agent. The exploit sends a crafted SOAP request to execute arbitrary commands on vulnerable systems.
This repository provides a Zeek package for detecting CVE-2021-38647 (OMIGOD) exploit attempts by monitoring for missing Authorization headers in OMI/WMI requests. It includes configurable options for port monitoring, payload capture, and notice generation for incident response.
This repository provides a Zeek package for detecting CVE-2021-38647 (OMIGOD) exploit attempts by monitoring for missing Authorization headers in OMI/WMI requests. It includes configurable options for port monitoring, notice verbosity, and user-agent whitelisting.
This Metasploit module exploits an authentication bypass vulnerability in Microsoft OMI Management Interface (CVE-2021-38647) by sending a crafted SOAP request without authentication headers, allowing remote command execution as root.
Nuclei Templates (1)
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H