Related vulnerability
Description
🐍 Python Exploit for CVE-2021-45010
Introduction
# CVE-2021-45010
🐍 Contrived Python PoC Exploit for [CVE-2021-45010](https://nvd.nist.gov/vuln/detail/CVE-2021-45010).
Tiny File Manager < 2.4.7
## Usage
```bash
usage: main.py [-h] -u URL -l USERNAME -p PASSWORD [-g GUI_PATH] [-r FS_RELPATH]

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Base URL
  -l USERNAME, --username USERNAME
                        Username
  -p PASSWORD, --password PASSWORD
                        Password
  -g GUI_PATH, --gui-path GUI_PATH
                        GUI relative path for upload (default: /)
  -r FS_RELPATH, --fs-relpath FS_RELPATH
                        Filesystem relative path (from web root) to write to
```
### GUI Relative Path
Tiny File Manager checks the relative path (as seen in the GUI) for write permissions before attempting the upload, so in some cases a writable GUI-relative path must be found before the directory traversal can be used. The check covers only that directory; the file name appended afterwards comes straight from the request:
```php
// tinyfilemanager.php (2.4.3)
// The write-permission check is made on the GUI-relative directory only ...
$targetPath = $path . $ds;
if ( is_writable($targetPath) ) {
    // ... while the file name is taken from the request and appended unchecked.
    $fullPath = $path . '/' . $_REQUEST['fullpath'];
    // ... (remainder of the upload handler omitted)
}
```
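For comparison, the following is an added hardening example written for this page; it is not Tiny File Manager's own patch for 2.4.7 and is not taken from the PoC repository. It assumes the same `$path` and `$ds` variables as the snippet above and the client-supplied `$_REQUEST['fullpath']`, and it shows the property the vulnerable code lacks: the canonicalised destination must stay inside the writable target directory, not merely have a writable parent.

```php
<?php
// Added hardening example (not the project's patch). Resolves the requested
// upload destination and refuses anything that escapes the base directory.
function resolve_upload_target(string $baseDir, string $requestedRelPath): ?string
{
    // Canonicalise the base directory; realpath() is false if it does not exist.
    $realBase = realpath($baseDir);
    if ($realBase === false || !is_dir($realBase) || !is_writable($realBase)) {
        return null;
    }
    // Reject empty names and NUL bytes before touching the filesystem.
    if ($requestedRelPath === '' || strpos($requestedRelPath, "\0") !== false) {
        return null;
    }
    // The file may not exist yet, so canonicalise its parent directory
    // (this also follows symlinks) and re-append the final component.
    $parent = realpath($realBase . DIRECTORY_SEPARATOR . dirname($requestedRelPath));
    $name   = basename($requestedRelPath);
    if ($parent === false || $name === '' || $name === '.' || $name === '..') {
        return null;
    }
    // Prefix check: the resolved parent must be the base dir or a subdirectory of it.
    $prefix = rtrim($realBase, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($parent !== $realBase && strncmp($parent, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $parent . DIRECTORY_SEPARATOR . $name;
}

// Usage at the point where the original code built $fullPath
// ($path and $ds are assumed to be the variables from the snippet above):
$targetPath = $path . $ds;
$fullPath   = resolve_upload_target($targetPath, (string) ($_REQUEST['fullpath'] ?? ''));
if ($fullPath === null) {
    http_response_code(400);
    exit('Invalid upload path');
}
```

A request such as `fullpath=../../shell.php` resolves to a parent outside `$realBase` and is rejected, whereas `fullpath=sub/file.txt` is accepted only if `sub` already exists beneath the base directory; a deployment that needs to create nested directories on upload would have to create them under the same check before calling `realpath()` on the parent.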
### Filesystem Relative Path
If the actual web root is not writable by the running user, specify the relative path to one that is.
### Installation
```bash
python3 -m pip install cve_2021_45010-1.0.0-py3-none-any.whl
```
[Download Latest Release](https://github.com/BKreisel/CVE-2021-45010/releases/download/1.0.0/cve_2021_45010-1.0.0-py3-none-any.whl)
## Demo
[Demo recording on asciinema](https://asciinema.org/a/546897?autoplay=1)
File snapshot
```
[4.0K] /data/pocs/88629189df5f1c77aef1165b820a7e3a890d951b
├── [1.0K] LICENSE
├── [ 715] pyproject.toml
├── [1.5K] README.md
└── [4.0K] src
    └── [4.0K] cve_2021_45010
        ├── [   0] __init__.py
        └── [8.5K] main.py

2 directories, 5 files
```