IRIS Citations Management Tool – (Authenticated) Remote Command Execution

  • Author: aeon
    Date: 2013-02-11
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/24480/
  • Here is a bug that I finally found time to write about :-)
    
    https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/
    
    The attached contains my mini framework, exploit and screenshot.
    
    Cheers!
    
    ~ aeon
    
    # I Read It Somewhere (IRIS) <= v1.3 (post auth) Remote Command Execution
    # download: http://ireaditsomewhere.googlecode.com 
    # Notes: 
    # - Found this in my archive, dunno how long this has been 0Day for... but I had no use for it obviously.
    # - Yes! ..the code is disgusting, but does the job
    # - Sorry if I ripped your code, it worked for me and I don't reinvent wheels so thank you!
    # ~ aeon (https://infosecabsurdity.wordpress.com/)
    #
    # Exploit requirements:
    # ~~~~~~~~~~~~~~~~~~~~~
    #
    # - A valid account as at least a user
    # - The target to have outgoing internet connectivity
    
    Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/24480.tar.gz