Vulnerability & Exploit Database

Back to search

Mako Server v2.5, 2.6 OS Command Injection RCE

This module exploits a vulnerability found in Mako Server v2.5, 2.6. It's possible to inject arbitrary OS commands in the Mako Server tutorial page through a PUT request to save.lsp. Attacker input will be saved on the victims machine and can be executed by sending a GET request to manage.lsp.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/multi/http/makoserver_cmd_exec

Authors

  • John Page (hyp3rlinx) - Beyond Security SecuriTeam Secure Disclosure
  • Steven Patterson (Shogun Lab) <steven [at] shogunlab.com>

References

Targets

  • Mako Server v2.5, 2.6

Platforms

  • windows
  • unix

Architectures

  • cmd

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/multi/http/makoserver_cmd_exec msf exploit(makoserver_cmd_exec) > show targets ...targets... msf exploit(makoserver_cmd_exec) > set TARGET <target-id> msf exploit(makoserver_cmd_exec) > show options ...show and set options... msf exploit(makoserver_cmd_exec) > exploit