Exploits / Vulnerability Discovered : 2022-05-11 |
Type : webapps |
Platform : php
This exploit / vulnerability Bitrix24 remote code execution (rce) (authenticated) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Bitrix24 - Remote Code Execution (RCE) (Authenticated)
# Date: 4/22/2022
# Exploit Author: picaro_o
# Vendor Homepage: https://www.bitrix24.com/apps/desktop.php
# Tested on: Linux os
#/usr/bin/env python
#Created by heinjame
import requests
import re
from bs4 import BeautifulSoup
import argparse,sys