This Proof-of-Concept (PoC) exploit is inspired by a CTF web challenge called CVE 1999 in HKCERT CTF 2022. (Writeup link)
Description: In Matt Wright Guestbook <= 2.3.1, there is a Server-Side Include injection vulnerability that allows an unauthenticated user to execute arbitrary code.
Original author: Patrick
Original Exploit-DB link: https://www.exploit-db.com/exploits/9907
The Matt Wright guestbook.pl <= v2.3.1 CGI script contains a flaw that may allow arbitrary command execution. The vulnerability requires that HTML posting is enabled in the guestbook.pl script, and that the web server must have the Server-Side Include (SSI) script handler enabled for the '.html' file type. By combining the script weakness with non-default server configuration, it is possible to exploit this vulnerability successfully. (From Exploit-DB)
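The two preconditions in the description can be checked from the defender's side. The following is an added example, not part of the original PoC or of guestbook.pl: it flags SSI directives already stored in a guestbook page, checks whether an Apache configuration maps SSI processing to `.html`, and shows entries being escaped before storage. The function names and both sample inputs are constructed for illustration; the Apache directives are those of mod_include.

```python
import html
import re

# Opening of an SSI directive ("<!--#element"). The closing "-->" is not
# required, so unterminated directives are flagged as well.
SSI_OPEN = re.compile(
    r"<!--#\s*(exec|include|echo|config|set|printenv|fsize|flastmod)\b",
    re.IGNORECASE)

# Apache directives that enable SSI parsing for a list of file extensions.
SSI_HANDLER = re.compile(
    r"^\s*(AddHandler\s+server-parsed|AddOutputFilter\s+INCLUDES)\b(.*)$",
    re.IGNORECASE | re.MULTILINE)

def find_ssi_directives(page_text):
    """Return (line_number, element) for each SSI directive in the page."""
    hits = []
    for lineno, line in enumerate(page_text.splitlines(), start=1):
        for m in SSI_OPEN.finditer(line):
            hits.append((lineno, m.group(1).lower()))
    return hits

def ssi_enabled_for_html(apache_conf):
    """True if an active (uncommented) directive maps SSI to .html files."""
    return any(".html" in m.group(2).lower().split()
               for m in SSI_HANDLER.finditer(apache_conf))

def neutralize(entry):
    """Escape a submitted entry so it is stored as text, not markup."""
    return html.escape(entry, quote=True)

# Constructed sample data (not taken from a real server).
SAMPLE_GUESTBOOK = """<html><body>
<b>Alice</b>: Nice site!<hr>
<b>Bob</b>: <!--#echo var="DATE_LOCAL" --><hr>
<b>Carol</b>: <!-- plain comment --> hello<hr>
</body></html>"""

SAMPLE_CONF = """Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml .html
"""

if __name__ == "__main__":
    print("SSI directives found:", find_ssi_directives(SAMPLE_GUESTBOOK))
    print("SSI enabled for .html:", ssi_enabled_for_html(SAMPLE_CONF))
    print("Escaped entry:", neutralize('<!--#echo var="DATE_LOCAL" -->'))
```

A hit from `find_ssi_directives` on a server where `ssi_enabled_for_html` is true means both preconditions are met and the stored page should be treated as compromised content.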
wget https://raw.githubusercontent.com/siunam321/CVE-1999-1053-PoC/main/CVE-1999-1053-PoC.py
-u or --url to supply the target full URL
-p or --payload to supply the payload