CVE-2019-6447 PoC: ES File Explorer File Manager application for Android Access Control Error Vulnerability

Source
Associated Vulnerability
Title: ES File Explorer File Manager application for Android Access Control Error Vulnerability (CVE-2019-6447)
Description: The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.
Description
This paper is about manual exploitation of the Android open port vulnerability found in ES File Manager. The open TCP port 59777 allows the attacker to install a backdoor and gather all the user’s data. Further in this paper, a proof of concept is presented to consolidate the vulnerability. Download the PDF and enjoy! Cheers!
Readme
# CVE-2019-6447
This paper is about manual exploitation of the Android open port vulnerability found in ES File Manager. The open TCP port allows the attacker to install a backdoor and gather all the user’s data. Further in this paper, a proof of concept is presented to consolidate the vulnerability. Along with this paper, for extra knowledge, an overview of backdoor attacks is presented. Download the PDFs and enjoy! Cheers!
File Snapshot

[4.0K] /data/pocs/dfd45fb912f0c595c1e2895a04ef9e8ede76f60f
├── [986K] CVE 2019-6447 - ES File Manager Vulnerability- Backdoor.pdf
├── [284K] Insight of Backdoor Attacks - Case Study.pdf
└── [ 446] README.md

0 directories, 3 files