关联漏洞
标题:
CMS Made Simple SQL注入漏洞
(CVE-2019-9053)
描述:CMS Made Simple(CMSMS)是CMSMS团队的一套开源的内容管理系统(CMS)。该系统支持基于角色的权限管理系统、基于向导的安装与更新机制、智能缓存机制等。 CMSMS 2.2.8版本中存在SQL注入漏洞,该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
描述
This exploit targets an unauthenticated SQL injection vulnerability in CMS Made Simple <= 2.2.9 (CVE-2019-9053). It uses a time-based blind SQL injection to extract the username, email, and password hash from the database. Additionally, it supports password cracking using a wordlist.
介绍
# CMS Made Simple <= 2.2.9 SQL Injection Exploit (CVE-2019-9053)
📌 Description
This exploit targets an unauthenticated SQL injection vulnerability in CMS Made Simple <= 2.2.9 (CVE-2019-9053). The vulnerability allows attackers to extract sensitive information such as username, email, password hash, and salt via a time-based blind SQL injection.
Additionally, the exploit supports password cracking using a provided wordlist.
# 🚀 Features
Unauthenticated SQL Injection
Extracts Username, Email, and Password Hash
Retrieves Password Salt
Supports Password Cracking via Wordlist (Optional)
Uses Time-Based Blind SQL Injection
# 🔧 Installation
Clone the repository:
```bash
git clone https://github.com/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-.git
cd CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-
```
# ⚡ Usage
Basic Exploitation
```bash
python3 exploit.py -u http://target.com/cms
```
Exploitation with Password Cracking
```bash
python3 exploit.py -u http://target.com/cms -c -w /usr/share/wordlist/rockyou.txt
```
# 📦 Requirements
Python 3
requests module (pip install requests)
termcolor module (pip install termcolor)
# 🔒 Mitigation
To protect against this vulnerability, upgrade CMS Made Simple to the latest secure version and ensure proper input sanitization with prepared statements.
# ⚠️ Disclaimer
This exploit is for educational and authorized penetration testing purposes only. Misuse of this script for unauthorized access is illegal. The author is not responsible for any misuse or damage caused.
# 📜 License
This project is licensed under the MIT License. See the [](https://github.com/hf3cyber/CMS-Made-Simple-2.2.9-Unauthenticated-SQL-Injection-Exploit-CVE-2019-9053-/blob/main/LICENSE)
file for details.
🤝 Contributing
Contributions are welcome! Feel free to open an issue or submit a pull request to improve the script.
文件快照
[4.0K] /data/pocs/e34c72f9bf51eb74972eb0c998aa31552cfc4cb7
├── [3.9K] exploit.py
├── [1.0K] LICENSE
└── [2.1K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。