PyLoader (Intermediate, linux, 2023) -- pyLoader 0.5.0

[WDavid404]

Keypoints:

• login with pyload:ploady
• pyLoader 0.5.0 -- https://github.com/JacobEbben/CVE-2023-0297

[WDavid404]

PORT     STATE SERVICE REASON         VERSION
22/tcp   open  ssh     syn-ack ttl 61 OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)

9666/tcp open  http    syn-ack ttl 61 CherryPy wsgiserver
| http-title: Login - pyLoad 
|_http-server-header: Cheroot/8.6.0

9666/tcp --> Login with pyload:ploady --> succeed. (Reference for default credential: https://pypi.org/project/pyload-ng/)

/info --> pyLoader v0.5.0

search exploit info for pyLoader 0.5.0 -->

• PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)
• https://github.com/JacobEbben/CVE-2023-0297

Use github exploit py file --》 it works! and we got a reverse shell as root user !!!