CVE-2018-9206

A quick POC for CVE-2018-9206.

This exploit will attempt to find one of the three common variations of the software and upload a simple PHP shell.

I've done some testing against the 1000 forks of the original code and it seems only 36 were not vulnerable. I found these only required a slight tweak to my exploit to get the majority of them working.

Results are in the file test_results.txt.

Special thanks to Phackt, @phackt_ul. He refactored the exploit code and added the Docker testing environment.

For testing purposes (this will create an Apache/PHP Docker container with vulnerable versions of the plugin):
./docker/install.sh

You can examine the Docker container with:

root # docker run -it vuln bash