POC详情: 8b04af82c273af045c09349a44a4248ba641feda

来源
https://github.com/prodigiousMind/CVE-2023-41425
关联漏洞
标题: WonderCMS 安全漏洞 (CVE-2023-41425)
描述:WonderCMS是一套基于PHP的开源内容管理系统(CMS)。 WonderCMS v.3.2.0版本至v.3.4.2版本存在安全漏洞。攻击者利用该漏洞通过上传到installModule组件的特制脚本执行任意代码。
描述
WonderCMS Authenticated RCE - CVE-2023-41425
介绍
# CVE-2023-41425

## Description
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.

## Working
The attached exploit "exploit.py" performs the following actions:

1. It takes 3 arguments:
   - URL: where WonderCMS is installed (no need to know the password)
   - IP: attacker's Machine IP
   - Port No: attacker's Machine PORT
2. It generates an xss.js file (for reflected XSS) and outputs a malicious link.
3. As soon as the admin (logged user) opens/clicks the malicious link, a few background requests are made without admin acknowledgement to upload a shell via the upload theme/plugin functionality.
4. After uploading the shell, it executes the shell and the attacker gets the reverse connection of the server.

## PoC
![PoC](https://github.com/prodigiousMind/CVE-2023-41425/assets/76691910/5aa2d248-ae5a-4d13-bf48-62b8ee20342d)

## References
1. https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413
2. https://github.com/WonderCMS/wondercms/releases/tag/3.4.3
文件快照

 [4.0K]  /data/pocs/8b04af82c273af045c09349a44a4248ba641feda
├── [2.2K]  exploit.py
└── [1.1K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。