Image of AttackDefense 2018

Mission

GreenCMS is a free and open source CMS developed in PHP.

GreenCMS (2.3.0603) is vulnerable to a Sensitive Information Disclosure documented in CVE-2018-12604. Your mission is to find and exploit this vulnerability. The following username and passwords may be used to explore the application and/or find a vulnerability which might require authenticated access:

  • Username: admin
  • Password: password1

Level difficulty: Easy

Category: Webapps CVEs > Remote Code Execution

Solution

CVE-2018-12604 referse to an Information Disclosure vulnerability on GreenCMS version 2.3.0603 application.

In my case I was provided with the following application:

Image of AttackDefense 2018

Following the exploit for CVE-2018-12604 (https://www.exploit-db.com/exploits/44922/) we will obtain the following informations from the public aviable directory listing:

http://w742xalcvupffryr0gyh6m9wo.public1.attackdefenselabs.com/Data/Log/

Image of AttackDefense 2018

http://w742xalcvupffryr0gyh6m9wo.public1.attackdefenselabs.com/Data/Log/18_07_05.log

Image of AttackDefense 2018

http://w742xalcvupffryr0gyh6m9wo.public1.attackdefenselabs.com/Data/Log/18_10_27.log

Image of AttackDefense 2018

Image of AttackDefense 2018