PoC details: 718fe0e34c1b19141da7beddbd28e2dd2e685ac7

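Related vulnerability
Title: CMS Made Simple SQL injection vulnerability (CVE-2019-9053)
Description: CMS Made Simple (CMSMS) is an open-source content management system (CMS) developed by the CMSMS team. It supports a role-based permission system, wizard-based installation and update mechanisms, smart caching, and more. CMSMS version 2.2.8 contains a SQL injection vulnerability, which stems from the database-backed application's lack of validation of externally supplied SQL statements. An attacker can exploit this vulnerability to execute unauthorized SQL commands.
Description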
Python3-converted exploit and research notes for CMS Made Simple (CVE-2019-9053) — Unauthenticated SQL Injection vulnerability. Includes original PoC, improved Python3 version, usage instructions, and lab testing reference.
Introduction
# CMS Made Simple – Exploitation Toolkit  
A collection of scripts, notes, and Python3–ready exploits for **CMS Made Simple (CMSMS)**, including the famous **Unauthenticated Time-Based SQL Injection – CVE-2019-9053**.

This repository is created and maintained by **Encrypticle (Jagdeep Singh)** as part of my cybersecurity research, ethical hacking practice, and 100-Day Cybersecurity Challenge series.

---

## 🚀 About This Repo
This repository contains:
- ✔️ The original Python2 exploit converted to Python3 for **CVE-2019-9053**  
- ✔️ A fully ported **Python3 version** of the exploit  
- ✔️ Walkthrough notes for attacking CMS Made Simple in labs  
- ✔️ Usage examples for Python3  
- ✔️ Fixes for common errors (print syntax, dependencies, termcolor issues, Python2 missing, etc.)  
- ✔️ Wordlist cracking support (MD5 + salt)

---

## 🕳️ Vulnerability: CVE-2019-9053  
CMS Made Simple versions **≤ 2.2.9** suffer from an **unauthenticated blind SQL injection** vulnerability.  
Successful exploitation allows an attacker to leak:
- Salt  
- Username  
- Email  
- Admin password hash  
- And optionally crack the password using a wordlist

The original exploit uses time-based SQL injection via the `moduleinterface.php?mact=` parameter.
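
A defender-side check for the pattern described above, as an added example that is not part of the original repository: it scans web access logs for requests to `moduleinterface.php` whose parameters contain SQL delay calls and reports clients that send several of them. The log lines, the `x_id` parameter name and the `Module,x,default,0` value are constructed for illustration; the combined log format and MySQL delay functions are assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Request portion of an Apache/nginx "combined" log line (assumed format).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<url>\S+) [^"]*" \d{3}')
# Delay primitives used by time-based blind SQL injection (MySQL syntax assumed).
DELAY_RE = re.compile(r'\b(?:sleep|benchmark)\s*\(', re.IGNORECASE)

# Constructed sample log; parameter names and values are illustrative only.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2025:10:00:01 +0000] "GET /cms/moduleinterface.php?mact=Module,x,default,0&x_id=0+or+sleep(1) HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Jan/2025:10:00:03 +0000] "GET /cms/moduleinterface.php?mact=Module,x,default,0&x_id=0+or+SLEEP%281%29 HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Jan/2025:10:00:05 +0000] "GET /cms/moduleinterface.php?mact=Module,x,default,0&x_id=0+or+sleep+(1) HTTP/1.1" 200 512',
    '198.51.100.4 - - [10/Jan/2025:10:00:06 +0000] "GET /cms/moduleinterface.php?mact=Module,x,default,0&x_page=2 HTTP/1.1" 200 2048',
    '198.51.100.9 - - [10/Jan/2025:10:00:07 +0000] "GET /cms/moduleinterface.php?x_id=benchmark(1,1) HTTP/1.1" 200 512',
    '198.51.100.4 - - [10/Jan/2025:10:00:08 +0000] "GET /cms/index.php?page=sleep-tips HTTP/1.1" 200 4096',
]

def suspicious_requests(lines):
    """Yield (ip, param, decoded_value) for moduleinterface.php hits with a delay call."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        url = urlsplit(m.group("url"))
        if not url.path.endswith("/moduleinterface.php"):
            continue
        # parse_qsl URL-decodes names and values once, so %28 and '+' are normalised.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if DELAY_RE.search(value):
                yield m.group("ip"), name, value

def clients_over_threshold(lines, threshold=3):
    """Return {ip: hit_count} for clients with at least `threshold` suspicious requests."""
    counts = Counter(ip for ip, _, _ in suspicious_requests(lines))
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for ip, n in clients_over_threshold(SAMPLE_LOG).items():
        print(f"{ip}: {n} requests with SQL delay calls to moduleinterface.php")
```

Access logs normally record only the request line, so POST bodies need WAF or application-level logging to get the same coverage.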

---

## 📂 Usage Example
```bash
sudo python3 exploit_python3.py -u http://TARGET/cms --crack -w /usr/share/wordlists/rockyou.txt
```


## ⚠️ Legal Disclaimer
This project is for educational and authorized penetration testing purposes only.
Do NOT use these scripts on systems you do not own or do not have written permission to test.
Unauthorized testing is illegal.

## 📧 Contact
Maintained by Encrypticle (Jagdeep Singh)
- YouTube: https://youtube.com/@Encrypticle
- LinkedIn: https://www.linkedin.com/company/Encrypticle

## ⭐ Support & Contribution
If this repository helped you —
Star ⭐ the repo, fork it, or contribute improvements to the Python3 exploit.

File snapshot

```
[4.0K] /data/pocs/718fe0e34c1b19141da7beddbd28e2dd2e685ac7
├── [6.9K] exploit_python3.py
└── [1.9K] README.md

1 directory, 2 files
```