CVE-2018-1042 PoC — Moodle filepicker 安全漏洞

Source

https://github.com/UDPsycho/Moodle-CVE-2018-1042

Associated Vulnerability

Title:Moodle filepicker 安全漏洞 (CVE-2018-1042)
Description:Moodle是澳大利亚马丁-多基马（Martin Dougiamas）博士开发的一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。filepicker是其中的一个文件选择器。 Moodle 3.x版本中的filepicker存在服务器端请求伪造漏洞。攻击者可利用该漏洞检索并查看任意的URL。

Description

Script to exploit CVE-2018-1042 in order to do internal port scans.

Readme

# Moodle CVE-2018-1042

Script to exploit CVE-2018-1042 in order to do internal port scans.

File Snapshot


 [4.0K]  /data/pocs/84a7ab953029042029272b515608493b6874e9fe
├── [1.0K]  LICENSE
├── [2.4K]  moodle_ssrf2portscan.py
└── [  92]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!