CVE-2018-1133 PoC — Moodle 代码注入漏洞

Source

https://github.com/That-Guy-Steve/CVE-2018-1133-Exploit

Associated Vulnerability

Title:Moodle 代码注入漏洞 (CVE-2018-1133)
Description:Moodle是澳大利亚马丁-多基马（Martin Dougiamas）博士开发的一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 3.x版本中存在安全漏洞。远程攻击者可利用该漏洞在服务器上执行代码。

Readme

# CVE-2018-1133-Exploit
This repository contains a python exploit script for the Moodle Evil Teacher exploit (CVE-2018-1133).

## Usage
```
usage: Moodle Evil Teacher Exploit [-h] -u URL -l LOGIN -p PASSWORD -c COMMAND [-P PROXY]

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Target URL
  -l LOGIN, --login LOGIN
                        Login username
  -p PASSWORD, --password PASSWORD
                        Login password
  -c COMMAND, --command COMMAND
                        Command to execute (Note: this is blind so maybe try a reverse shell or something)
  -P PROXY, --proxy PROXY
                        Proxy (optional)
```

File Snapshot


 [4.0K]  /data/pocs/b4e3e46a5d177a20f7b15b55436a0d0cc80a13c9
├── [6.2K]  CVE-2018-1133Exp.py
└── [ 680]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!