PoC details: 9c338214a23404f1f904ed36e6b7cd1a80f169ee

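Source
Related vulnerability
Title: CMS Made Simple SQL injection vulnerability (CVE-2019-9053)
Description: CMS Made Simple (CMSMS) is an open-source content management system (CMS) from the CMSMS team. It supports a role-based permission management system, a wizard-based installation and update mechanism, a smart caching mechanism, and more. CMSMS version 2.2.8 contains an SQL injection vulnerability, which stems from the database-backed application lacking validation of externally supplied SQL statements. An attacker can exploit this vulnerability to execute unauthorized SQL commands.
Description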
working exploit for CVE-2019-9053 
Introduction
# CVE-2019-9053-exploit
working exploit for CVE-2019-9053 

I edited the original exploit and now it's working well. The original exploit had some problems like missing syntax.

Usage: 

Example usage (no cracking password): `exploit.py -u http://target-uri`

Example usage (with cracking password): `exploit.py -u http://target-uri --crack -w /path-wordlist`

If you get this when cracking a password:

```
[*] Now try to crack password
Traceback (most recent call last):
  File "/home/home/Simple_CTF/exploit.py", line 184, in <module>
    crack_password()
  File "/home/user/Simple_CTF/exploit.py", line 53, in crack_password
    for line in dict.readlines():
                ^^^^^^^^^^^^^^^^
  File "<frozen codecs>", line 322, in decode
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf1 in position 933: invalid continuation byte
```

Just try converting your wordlist to UTF-8:

```
iconv -f ISO-8859-1 -t UTF-8 /usr/share/wordlists/rockyou.txt > rockyou_utf8.txt
```

If it still won't work, try passwordcracker.py, but remember to change the salt and password values before you start cracking.

File snapshot

[4.0K] /data/pocs/9c338214a23404f1f904ed36e6b7cd1a80f169ee
├── [6.1K] exploit.py
├── [ 378] passwordcracker.py
└── [1.0K] README.md

0 directories, 3 files