CVE-2019-15107 PoC — Webmin 命令操作系统命令注入漏洞

Source

https://github.com/wenruoya/CVE-2019-15107

Associated Vulnerability

Title:Webmin 命令操作系统命令注入漏洞 (CVE-2019-15107)
Description:An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.

Description

CVE-2019-15107 图形化测试程序

Readme

# CVE-2019-15107
CVE-2019-15107测试程序

webmin的这个远程命令执行漏洞，大致是perl中qx/…/导致命令执行，利用需要一定的特殊条件，复现的时候随手写了个图形化的利用程序。

<img width="599" alt="屏幕截图 2023-03-09 224744" src="https://user-images.githubusercontent.com/44966823/224064392-6c678099-3d25-4ccd-b347-f6b89a3265d9.png">

<img width="601" alt="屏幕截图 2023-03-09 224650" src="https://user-images.githubusercontent.com/44966823/224064411-b55bc740-7d56-4258-a4ef-b6fba09b2300.png">

值得注意的是，user值要是用的是一个假的用户，使用真实的root测试不成功，只有在发送的用户参数的值不是已知的Linux用户的情况下，展示进入才会到修改/etc/shadow的地方，从而触发命令注入漏洞

反弹shell可能需要编码，这可能需要修改代码

File Snapshot


 [4.0K]  /data/pocs/0012d77375114579c553231fd1d4c5ac91d43c42
├── [1.0K]  LICENSE
├── [1.0K]  pom.xml
├── [ 874]  README.md
├── [4.0K]  src
│   └── [4.0K]  main
│       ├── [4.0K]  java
│       │   └── [4.0K]  org
│       │       └── [4.0K]  example
│       │           ├── [5.3K]  Main.form
│       │           └── [8.4K]  Main.java
│       └── [4.0K]  resources
│           └── [4.0K]  META-INF
│               └── [  52]  MANIFEST.MF
└── [4.0K]  target
    └── [4.0K]  classes
        └── [4.0K]  META-INF
            └── [  52]  MANIFEST.MF

10 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!