Boomingjacob/ZZCMS2021
ZZCMS2021

Location

http://www.zzcms2021.com/index.php

Affected Products

ZZCMS2021

PoC

1. Set up ZZCMS and confirm that the default page loads normally: http://www.zzcms2021.com/index.php
    LINK: https://github.com/Boomingjacob/ZZCMS2021/blob/main/1.png
2. Create three HTM files containing malicious code, named "bottom.htm", "index.htm" and "top_index.htm", and get them onto the server by any means, on any path. For example, they can be uploaded into the WordPress directory through a CMS such as WordPress running on the same host. The files may sit anywhere on the server that the traversal can reach; they do not have to be under the Apache web directory.
    LINK: https://github.com/Boomingjacob/ZZCMS2021/blob/main/2-1.png
3. Intercept the request to the page with Burp Suite, modify the request line to add the parameter "skin=../../wordpress0581", and forward the request.
    LINK: https://github.com/Boomingjacob/ZZCMS2021/blob/main/3.png
4. The page now pops up "Success"; clicking OK pops up the user's cookie for the current page, which shows that the three HTM files were loaded as the page's skin templates.
    LINK: https://github.com/Boomingjacob/ZZCMS2021/blob/main/4.png; https://github.com/Boomingjacob/ZZCMS2021/blob/main/5.png
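The steps above exercise a path traversal in template selection: whatever the request passes as skin is joined onto the template directory, so "../../wordpress0581" makes the CMS load the three HTM files from a directory the attacker controls. The following PHP is an added illustration of that bug class and one way to close it; it is not ZZCMS's own code. The directory layout, the function names, the three-file rendering order and the alert payload are assumptions made for the example.

```php
<?php
// Added illustration of the bug class behind the PoC, not ZZCMS's own code.
// Directory layout, function names and the payload below are assumptions.
declare(strict_types=1);

// The three files the PoC names, in the order a home page would pull them in.
const TEMPLATE_FILES = ['top_index.htm', 'index.htm', 'bottom.htm'];

// Vulnerable pattern: the request's skin value is pasted into the path unchecked,
// so skin=../../wordpress0581 walks out of the template tree entirely.
function vulnerableSkinDir(string $templateRoot, string $skin): string
{
    return $templateRoot . '/' . $skin;
}

// Hardened pattern: accept a bare directory name only, resolve it, and confirm
// the result still sits below the template root (the realpath check also
// catches symlinks that the name filter alone would let through).
function safeSkinDir(string $templateRoot, string $skin): string
{
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $skin)) {
        throw new InvalidArgumentException("rejected skin name: $skin");
    }
    $root = realpath($templateRoot);
    $dir  = realpath($templateRoot . '/' . $skin);
    if ($root === false || $dir === false
        || strpos($dir, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException("skin is not inside the template root: $skin");
    }
    return $dir;
}

// Render the page the way a simple template engine would: concatenate the files.
function renderHome(string $skinDir): string
{
    $out = '';
    foreach (TEMPLATE_FILES as $f) {
        $out .= file_get_contents($skinDir . '/' . $f);
    }
    return $out;
}

// --- demo on a throwaway directory tree (constructed for this example) ---
$base         = sys_get_temp_dir() . '/zzcms-demo-' . getmypid();
$templateRoot = "$base/www/zzcms/template";
mkdir("$templateRoot/default", 0700, true);    // legitimate skin
mkdir("$base/www/wordpress0581", 0700, true);  // attacker-writable upload dir

foreach (TEMPLATE_FILES as $f) {
    file_put_contents("$templateRoot/default/$f", "<!-- clean $f -->\n");
    // Payload matching the PoC's two pop-ups: "Success", then the cookie.
    file_put_contents("$base/www/wordpress0581/$f",
        "<script>alert('Success');alert(document.cookie);</script>\n");
}

$skin = '../../wordpress0581';   // what the Burp-modified request carries

// Unchecked: the page is built from the attacker's files.
$unsafe = renderHome(vulnerableSkinDir($templateRoot, $skin));
echo 'vulnerable: ', (strpos($unsafe, '<script>') !== false
    ? "attacker HTML included\n" : "clean\n");

// Checked: the traversal is refused, a real skin name still works.
try {
    renderHome(safeSkinDir($templateRoot, $skin));
} catch (Throwable $e) {
    echo 'hardened: ', $e->getMessage(), "\n";
}
echo 'hardened, default skin: ',
    strlen(renderHome(safeSkinDir($templateRoot, 'default'))), " bytes\n";
```

Run it with the PHP CLI; the first line reports that the unchecked path included the attacker's script, the second that the hardened resolver rejected "../../wordpress0581", and the third that the legitimate "default" skin still renders. The name filter alone would stop this PoC; the realpath comparison is what keeps a later symlink or a differently encoded separator from reopening the hole.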
