boy-hack
commented
5 years ago set target http://10.9.8.24:8080
注意最后不要加/,可能是这个问题,稍后会更新poc解决此问题
Closed BeingEasy closed 5 years ago
boy-hack
commented
5 years ago set target http://10.9.8.24:8080
注意最后不要加/,可能是这个问题,稍后会更新poc解决此问题
Pocsuite3 > list
+-------+----------------------------------------------+-------------------------------------------------------------------- ------+ | Index | Path | Name | +-------+----------------------------------------------+-------------------------------------------------------------------- ------+ | 0 | pocs/thinkphp_rce | ThinkPHP 5.x (v5.0.23及v5.1.31以下版本) 远程命令执行漏洞利用(GetSh ell) | | 1 | pocs/ecshop_rce | Ecshop 2.x/3.x Remote Code Execution | | 2 | pocs/drupalgeddon2 | Drupal core Remote Code Execution | | 3 | pocs/libssh_auth_bypass | libssh CVE-2018-10933 身份验证绕过漏洞
此处使用了Vulhub - Docker-Compose file for vulnerability environment https://vulhub.org/#/environments/drupal/CVE-2018-7600/搭建的漏洞环境。使用vulhub文档中给出的poc测试复现成功,使用pocsuite3如下图:
Pocsuite3 (pocs/drupalgeddon2) > run [10:37:58] [INFO] pocsusite got a total of 1 tasks [10:37:58] [INFO] running poc:'Drupal core Remote Code Execution' target 'http://10.9.8.24:8080/'
+------------------------+-----------------------------------+--------+-----------+---------+--------+ | target-url | poc-name | poc-id | component | version | status | +------------------------+-----------------------------------+--------+-----------+---------+--------+ | http://10.9.8.24:8080/ | Drupal core Remote Code Execution | 97207 | Drupal | | failed | +------------------------+-----------------------------------+--------+-----------+---------+--------+ success : 0 / 1