    MobileCartly 1.0 Arbitrary File Creation Vulnerability

    This module exploits a vulnerability in MobileCartly. The savepage.php file performs no permission checks before calling file_put_contents(), so any user can control that call directly and create files under the 'pages' directory by default, or anywhere else as long as the user has WRITE permission.

    Module Name

    exploit/multi/http/mobilecartly_upload_exec

    Authors

    • Yakir Wizman <yakir.wizman [at] gmail.com>
    • sinn3r <sinn3r [at] metasploit.com>

    References

    Targets

    • Generic (PHP Payload)
    • Linux x86

    Platforms

    • linux
    • php

    Architectures

    • php
    • x86

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use exploit/multi/http/mobilecartly_upload_exec
    msf exploit(mobilecartly_upload_exec) > show targets
    ...targets...
    msf exploit(mobilecartly_upload_exec) > set TARGET <target-id>
    msf exploit(mobilecartly_upload_exec) > show options
    ...show and set options...
    msf exploit(mobilecartly_upload_exec) > exploit