module
ProcessMaker Plugin Upload
| Disclosed | Created |
|---|---|
| Aug 25, 2010 | Jun 14, 2018 |
Disclosed
Aug 25, 2010
Created
Jun 14, 2018
Description
This module will generate and upload a plugin to ProcessMaker
resulting in execution of PHP code as the web server user.
Credentials for a valid user account with Administrator roles
is required to run this module.
This module has been tested successfully on ProcessMaker versions
1.6-4276, 2.0.23, 3.0 RC 1, 3.2.0, 3.2.1 on Windows 7 SP 1;
and version 3.2.0 on Debian Linux 8.
resulting in execution of PHP code as the web server user.
Credentials for a valid user account with Administrator roles
is required to run this module.
This module has been tested successfully on ProcessMaker versions
1.6-4276, 2.0.23, 3.0 RC 1, 3.2.0, 3.2.1 on Windows 7 SP 1;
and version 3.2.0 on Debian Linux 8.
Author
bcoles [email protected]
Platform
PHP
Architectures
php
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.