Request for CVE-2024-56145: Craft CMS RCE #19759
Comments
|
Just an update, for information. The PoC has been modified, by putting a payload in Hoping someone wants to work on this vulnerability :) |
|
Hey @Chocapikk, thanks for the module suggestion! This does look like a cool exploit. Great PoC, I'll start taking a look and let you know how it goes. |
|
@Chocapikk and @jheysel-r7, |
Ohhh okay thanks @h00die-gr3y! Actually I didn't know exactly if I could import other modules than those already available on metasploit that's why I had an issue making this module. |
|
Hey @h00die-gr3y, thanks for the heads up. I tried implementing the FTP Server using what we already have in metasploit and posted my findings in the drafted PR: #19772 If simulating the FTP server doesn't end up working out using the Ruby FTP server library from Wayne Conrad seems like it would simplify things greatly. Much appreciated! |
Summary
This issue concerns a vulnerability in Craft CMS (CVE-2024-56145) discovered by Assetnote, allowing Remote Code Execution (RCE).
Basic example
I attempted to create a Metasploit module for this vulnerability but encountered difficulties simulating an FTP server using sockets to deliver the malicious payload. A fully functional Python implementation of the exploit, along with lab setup instructions, can be found here: https://github.com/Chocapikk/CVE-2024-56145 .
For more details about the vulnerability, refer to Assetnote’s blog post: https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms
Motivation
It's cool :)
cc: @stephenfewer @jheysel-r7 @h00die-gr3y @h00die
The text was updated successfully, but these errors were encountered: