CVE-2021-36394 PoC — Moodle 代码注入漏洞

Source

https://github.com/dinhbaouit/CVE-2021-36394

Associated Vulnerability

Title:Moodle 代码注入漏洞 (CVE-2021-36394)
Description:Moodle是一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 存在代码注入漏洞，该漏洞源于Shibboleth认证插件的输入验证不正确。远程攻击者可利用该漏洞发送专门设计的请求，并在目标系统上执行任意代码。受影响的产品及版本如下:Moodle: 3.9.0、3.9.1、3.9.2、3.9.3、3.9.4、3.9.5、3.9.6、3.9.7、3.10.0、3.10.1、3.10.2、3.10.3、3.10.4、3.11、3.11.0

Readme

# CVE-2021-36394


## Update table or Change password Admin: 

Custom Code
`
$newpassword = "Accounttakedover123";
`
Then Execute:


`
$ CVE2021-36394.php http://victim/path_to_moodle
`

## Execute function
Custom Code
`$function = "header";
$param = "Hacked: by0d0ff9";
`

Then Execute:

`
$ CVE2021-36394_RCE.php http://victim/path_to_moodle
`

### Demo: https://www.youtube.com/watch?v=rn4ENyASWe8
### Blog: https://0xd0ff9.wordpress.com/2021/08/28/cve-2021-36394-hack-truong-sua-diem-cac-kieu/

File Snapshot


 [4.0K]  /data/pocs/6c25db07e20087a3b03a06fc1d0ee1354c17629c
├── [4.1K]  CVE2021-36394.php
├── [2.9K]  CVE2021-36394_RCE.php
├── [ 55M]  moodle-3.9.7.tgz
└── [ 498]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!