CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/unix/webapp/webmin_upload_exec.md
Views: 1904
Description
This module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the 'Running Processes' (proc) privilege is set the user can accurately determine which directory to upload to. Webmin application files can be written/overwritten, which allows remote code execution. The module has been tested successfully with Webmin 1.900.
Vulnerable Application
This module has been tested with Webmin 1.900
Options
GUESSUPLOAD
Use default installation path /usr/share/webmin/
Verification Steps
use exploit/unix/webapp/webmin_upload_exec
set rhosts <rhost>
set username <username>
set password <password>
exploit