Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

ThinkCMF - Remote Code Execution

By kannthu

High
Vidoc logoVidoc Module
#thinkcmf#rce
Description

What is "ThinkCMF - Remote Code Execution?"

The "ThinkCMF - Remote Code Execution" module is designed to detect a vulnerability in the ThinkCMF software that allows remote code execution. ThinkCMF is a content management framework that is susceptible to this type of attack. The severity of this vulnerability is classified as high, as it allows an attacker to execute malicious code, gain unauthorized access to sensitive information, modify data, and potentially take full control of the compromised system without needing valid credentials.

This module was authored by pikpikcu.

Impact

The impact of the "ThinkCMF - Remote Code Execution" vulnerability can be severe. An attacker who successfully exploits this vulnerability can:

- Execute arbitrary code on the target system - Gain unauthorized access to sensitive information - Modify data within the system - Potentially take full control of the compromised system

It is crucial to address this vulnerability promptly to prevent potential damage and unauthorized access to the ThinkCMF software and its associated systems.

How the module works?

The "ThinkCMF - Remote Code Execution" module works by sending a specific HTTP request to the target system. The request path includes a parameter that allows the execution of arbitrary PHP code. Here is an example of the request:

/index.php?g=g&m=Door&a=index&content=<?php%20echo%20md5('ThinkCMF');

The module then applies matching conditions to the response received from the target system. In this case, it checks if the response contains the MD5 hash value "d9b2c63a497e2f30c4ad9ad083a00691" and if the HTTP status code is 200. If both conditions are met, the module identifies the vulnerability as present.

It is important to note that this module is designed to detect the vulnerability, not to exploit it. Its purpose is to provide information about the vulnerability so that appropriate actions can be taken to mitigate the risk.

For more information about this vulnerability, you can refer to the following resource: https://www.shuzhiduo.com/A/l1dygr36Je/

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/index.php?g=g&m=Doo...
Matching conditions
word: d9b2c63a497e2f30c4ad9ad083a00691and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability