CVE-2023-30943 PoC — Moodle 安全漏洞

Source

https://github.com/d0rb/CVE-2023-30943

Associated Vulnerability

Title:Moodle 安全漏洞 (CVE-2023-30943)
Description:Moodle是一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于允许用户控制要在TinyMCE加载程序中创建的旧文件的路径，远程用户可以发送特制的HTTP请求并在系统上创建任意文件夹。

Description

CVE-2023-30943  RCE PoC

Readme

<div align="center">
    
 #  🇮🇱  **#BringThemHome #NeverAgainIsNow**   🇮🇱

**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**

# CVE-2023-30943
# Moodle Vulnerabilities Exploits


This repository contains combined exploits for two vulnerabilities in Moodle, a widely used open-source learning management system (LMS). The exploits leverage the vulnerabilities to demonstrate Unauthenticated Arbitrary Folder Creation leading to Stored Cross-Site Scripting (XSS) and Self-XSS leading to Account Takeover. Please note that these exploits are provided for educational purposes and should not be used for malicious intent.

## Exploits Overview

### Unauthenticated Arbitrary Folder Creation leading to Stored XSS

Exploit 1 takes advantage of the Unauthenticated Arbitrary Folder Creation vulnerability in Moodle versions 4.1.x before 4.1.3 and 4.2.x before 4.2.0. It showcases how an attacker can create arbitrary folders on the server, leading to Stored XSS. The exploit demonstrates how an attacker can inject malicious code that will be executed when an administrator visits certain panels.

### Self-XSS leading to Account Takeover

Exploit 2 focuses on the Self-XSS vulnerability in Moodle versions before 4.2.2, 4.1.5, 4.0.10, 3.11.16, and 3.9.23. This exploit illustrates how an attacker can craft a malicious link that, when clicked by a victim, triggers Self-XSS. This can potentially lead to an Account Takeover scenario, allowing the attacker to gain control over the victim's account.

## Usage

1. Set up a Moodle instance with the specified vulnerable versions.
2. Customize the placeholder values in the exploits (e.g., `$rev`, `$filepath`, etc.) to match your environment.
3. Execute the combined exploit script, which simulates both vulnerabilities and demonstrates the exploitation process.

Please remember to use these exploits responsibly and only in controlled environments to understand the security risks involved and improve your knowledge of cybersecurity.

## Disclaimer

These exploits are provided for educational purposes only. The intention is to demonstrate how vulnerabilities can be exploited for educational and security awareness purposes. Please refrain from using these exploits for any malicious activities.
</div>

File Snapshot


 [4.0K]  /data/pocs/39ddd95dc07aabc96b0ddaf06d090660ce1883f0
├── [2.6K]  PoC.php
└── [2.4K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!