kodbox v1.26 has a command execution vulnerability
Official website: https://kodcloud.com/
Version: 1.26
1. After setting up the environment, download the WebConsole plugin.
2. The route is /plugins/webConsole/lib/index.php.
3. index.php starts with check() for login authentication and includes ./webconsole.php.txt at the bottom, so that last included file is the key.
4. Analyze webconsole.php.txt (remove the .txt suffix for auditing purposes). On a POST request it instantiates the WebConsoleRPCServer class and calls its Execute() method through $rpc_server.
5. Execute() invokes the processCall() method; follow up processCall().
6. There are five parameters in params, the last of which is the command to execute.
7. The console executes system commands directly.
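From the defender's side, the useful takeaway is that every command run through this plugin arrives as a POST to the single route named above, which makes it easy to audit. The following is an added example (not kodbox code and not part of the original write-up): it parses combined-format web server access log lines, flags POST requests to /plugins/webConsole/lib/index.php, and summarizes them per client so an operator can review who has been reaching the console. The log lines are constructed sample data; the route is the only value taken from the write-up.

```python
"""Flag POST requests to the kodbox WebConsole plugin route in access logs.

Added example, not kodbox code. The log lines below are constructed sample
data in Apache/nginx combined log format.
"""
import re
from urllib.parse import urlsplit

# Route of the WebConsole plugin entry point, as named in the write-up.
WEBCONSOLE_ROUTE = "/plugins/webConsole/lib/index.php"

# client ident user [time] "METHOD target HTTP/x" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log: one normal page load, one console POST, one console
# GET (page render only), one lowercase-path POST with a query string, and one
# POST to an unrelated plugin.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2024:10:01:02 +0000] "GET /index.php?explorer/index HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
10.0.0.5 - - [12/Mar/2024:10:02:10 +0000] "POST /plugins/webConsole/lib/index.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Mar/2024:10:03:44 +0000] "GET /plugins/webConsole/lib/index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:05:00 +0000] "POST /plugins/webconsole/lib/index.php?x=1 HTTP/1.1" 200 300 "-" "curl/8.0"
10.0.0.5 - - [12/Mar/2024:10:06:30 +0000] "POST /plugins/other/index.php HTTP/1.1" 200 120 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Return a dict with client, time, method, path and status, or None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    # Drop the query string so "index.php?x=1" still matches the route.
    entry["path"] = urlsplit(entry["target"]).path
    entry["status"] = int(entry["status"])
    return entry


def is_webconsole_call(entry):
    """True for POSTs to the console route (compared case-insensitively)."""
    return (entry["method"] == "POST"
            and entry["path"].lower() == WEBCONSOLE_ROUTE.lower())


def find_webconsole_calls(log_text):
    """Return (client, time, status) tuples for every flagged request."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and is_webconsole_call(entry):
            hits.append((entry["client"], entry["time"], entry["status"]))
    return hits


def summarize_by_client(hits):
    """Count flagged requests per client address."""
    counts = {}
    for client, _, _ in hits:
        counts[client] = counts.get(client, 0) + 1
    return counts


if __name__ == "__main__":
    found = find_webconsole_calls(SAMPLE_LOG)
    for hit in found:
        print("console POST:", hit)
    print("per client:", summarize_by_client(found))
```

Only the POST is matched because, per the analysis above, it is the POST path that reaches WebConsoleRPCServer::Execute(); a GET to the same route merely renders the console page. Comparing the path case-insensitively and after stripping the query string avoids trivial evasion of the match, and the per-client summary is what you would feed into an allowlist check of which accounts or addresses are actually expected to use the plugin.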