.. / CVE-2021-38647

Exploit for Microsoft Open Management Infrastructure - Remote Code Execution (CVE-2021-38647)

Description:

Microsoft Open Management Infrastructure is susceptible to remote code execution (OMIGOD).

Proof of Concept

PoC exploit

https://github.com/AlteredSecurity/CVE-2021-38647 (Python)

Nuclei Template

View the template here CVE-2021-38647.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-38647.yaml

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Jarmis	Go to Practice

References:

https://nvd.nist.gov/vuln/detail/CVE-2021-38647
https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647
https://attackerkb.com/topics/08O94gYdF1/cve-2021-38647
https://github.com/microsoft/omi
https://censys.io/blog/understanding-the-impact-of-omigod-cve-2021-38647/