Packet Storm

exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Baldr Botnet Panel Shell Upload: Posted Jul 29, 2020; Authored by Ege Balci | Site metasploit.com; This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.; tags | exploit, remote, arbitrary, php, code execution, file upload; SHA-256 | eead6190f3debc909c6e03fa4150c29da6936794b738a1702f89596b906fc97f; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 253 files
Ubuntu 83 files
Gentoo 29 files
indoushka 26 files
Debian 10 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
Google Security Research 2 files
S. Dietz 2 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec