GOautodial 4.0 Shell Upload

GOautodial 4.0 Shell Upload: Posted Oct 21, 2020; Authored by Balzabu; GOautodial version 4.0 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 0085f0c395aedb6eeb4cdbcd8c5646045e41ace8ab6b82ba53f5ef1df3119143; Download | Favorite | View

GOautodial 4.0 Shell Upload

# Exploit Title: GOautodial 4.0 - Authenticated Shell Upload
# Author: Balzabu
# Discovery Date: 07-23-2020
# Vendor Homepage: https://goautodial.org/
# Software Link: https://goautodial.org/GOautodial-4-x86_64-Final-20191010-0150.iso.html
# Tested Version: 4.0 (Last relase as of today)
# Tested on OS: CentOS 7

# STEPS TO REPRODUCE:

1 - Log in as an agent
2 - Write a new message to user goadmin with random subject and text
3 - Attach your webshell to the message
4 - Access your shell at 
https://www.foo.com/uploads/year/month/shellname.php ( Example: 
https://XXX.XXX.XXX.XXX/uploads/2020/07/shell.php )
5 - Priv esc and enjoy ... :-)

Top Authors In Last 30 Days

Red Hat 282 files
Jay Turla 150 files
indoushka 149 files
Ubuntu 69 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
Gentoo 31 files
H D Moore 31 files
Debian 30 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,059)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,725)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,806)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

GOautodial 4.0 Shell Upload

GOautodial 4.0 Shell Upload

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

GOautodial 4.0 Shell Upload

Share This

GOautodial 4.0 Shell Upload

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems