ProjectSend Arbitrary File Upload
This module exploits a file upload vulnerability in ProjectSend revisions 100 to 561. The 'process-upload.php' file allows unauthenticated users to upload PHP files resulting in remote code execution as the web server user.
Module Name
exploit/unix/webapp/projectsend_upload_exec
Authors
- Fady Mohammed Osman
- bcoles <bcoles [at] gmail.com>
References
Targets
- ProjectSend (PHP Payload)
Platforms
- php
Architectures
- php
Reliability
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/unix/webapp/projectsend_upload_exec
msf exploit(projectsend_upload_exec) > show targets
...targets...
msf exploit(projectsend_upload_exec) > set TARGET <target-id>
msf exploit(projectsend_upload_exec) > show options
...show and set options...
msf exploit(projectsend_upload_exec) > exploit