Skip to content

Y1LD1R1M-1337/Limesurvey-RCE

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
December 5, 2021 19:01
December 5, 2021 18:41
December 5, 2021 18:42
December 9, 2021 14:04
December 5, 2021 18:42

Limesurvey-RCE

LimeSurvey Authenticated RCE Proof of Concept:

  1. Create your files (config.xml and php reverse shell files)
  2. Create archive with these files
  3. Login with credentials
  4. Go Configuration -> Plugins -> Upload & Install
  5. Choose your zipped file
  6. Upload
  7. Install
  8. Activate plugin
  9. Start your listener
  10. Go url+{upload/plugins/#Name/#Shell_file_name}
  11. Get reverse shell :shipit:

You can use exploit.py for automatic exploitation.

Usage: python exploit.py URL username password port

Example Usage: python exploit.py http://192.26.26.128/limesurvey admin password 80

About

LimeSurvey Authenticated RCE

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published