{"id":28242941,"url":"https://github.com/unicordev/exploit-cve-2020-5844","last_synced_at":"2025-06-10T14:30:41.374Z","repository":{"id":40540371,"uuid":"494251639","full_name":"UNICORDev/exploit-CVE-2020-5844","owner":"UNICORDev","description":"Exploit for CVE-2020-5844 (Pandora FMS v7.0NG.742) - Remote Code Execution","archived":false,"fork":false,"pushed_at":"2024-02-17T17:50:35.000Z","size":69,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-05-19T06:10:00.338Z","etag":null,"topics":["cve","cve-2020-5844","exploit","hackthebox","linux","pandora","penetration-testing","proof-of-concept","python","remote-code-execution","unicord","vulnerability"],"latest_commit_sha":null,"homepage":"https://unicord.dev/exploit-CVE-2020-5844","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/UNICORDev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-05-19T22:50:44.000Z","updated_at":"2024-07-14T19:47:08.000Z","dependencies_parsed_at":"2024-02-17T18:48:01.422Z","dependency_job_id":null,"html_url":"https://github.com/UNICORDev/exploit-CVE-2020-5844","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2020-5844","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2020-5844/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2020-5844/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2020-5844/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/UNICORDev","download_url":"https://codeload.github.com/UNICORDev/exploit-CVE-2020-5844/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UNICORDev%2Fexploit-CVE-2020-5844/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259092517,"owners_count":22804029,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","cve-2020-5844","exploit","hackthebox","linux","pandora","penetration-testing","proof-of-concept","python","remote-code-execution","unicord","vulnerability"],"created_at":"2025-05-19T06:10:01.045Z","updated_at":"2025-06-10T14:30:41.351Z","avatar_url":"https://github.com/UNICORDev.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Exploit for CVE-2020-5844 (Pandora FMS v7.0NG.742) - Remote Code Execution\n\n![GitHub CVE Cover](https://user-images.githubusercontent.com/23003787/172497977-d6f22c52-ba5d-4fa0-9c90-04fc685ad871.png)\n\n**Like this repo? Give us a ⭐!**\n\n*For educational and authorized security research purposes only.*\n\n## Exploit Author\n[@UNICORDev](https://unicord.dev) by ([@NicPWNs](https://github.com/NicPWNs) and [@Dev-Yeoj](https://github.com/Dev-Yeoj))\n\n## Vulnerability Description\n`index.php?sec=godmode/extensions\u0026sec2=extensions/files_repo` in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects `v7.0NG.742_FIX_PERL2020`.\n\n## Exploit Description\nUse this exploit for remote code execution on vulnerable versions of Pandora FMS. Requires a target IP address and port. Requires valid username/password or valid PHPSESSID cookie authentication. Run in default mode to upload a basic PHP web shell. Run in custom command mode to run a custom command on the target. Run in reverse shell mode to receive a reverse shell from the target on a listener you set up. Run in web shell custom mode to change the name of the PHP web shell file.\n\n## Usage\n```bash\n  python3 exploit-CVE-2020-5844.py -t \u003ctarget-IP\u003e \u003ctarget-port\u003e -u \u003cusername\u003e \u003cpassword\u003e\n  python3 exploit-CVE-2020-5844.py -t \u003ctarget-IP\u003e \u003ctarget-port\u003e -p \u003cPHPSESSID\u003e\n  python3 exploit-CVE-2020-5844.py -t \u003ctarget-IP\u003e \u003ctarget-port\u003e -p \u003cPHPSESSID\u003e [-c \u003ccustom-command\u003e]\n  python3 exploit-CVE-2020-5844.py -t \u003ctarget-IP\u003e \u003ctarget-port\u003e -p \u003cPHPSESSID\u003e [-s \u003clocal-ip\u003e \u003clocal-port\u003e]\n  python3 exploit-CVE-2020-5844.py -t \u003ctarget-IP\u003e \u003ctarget-port\u003e -p \u003cPHPSESSID\u003e [-w \u003cname.php\u003e]\n  python3 exploit-CVE-2020-5844.py -h\n```\n\n## Options\n```bash\n  -t    Target host and port. Provide target IP address and port.\n  -u    Target username and password. Provide username and password to log in to Pandora FMS.\n  -p    Target valid PHP session ID. No username or password needed. (Optional)\n  -s    Reverse shell mode. Provide local IP address and port. (Optional)\n  -c    Custom command mode. Provide command to execute. (Optional)\n  -w    Web shell custom mode. Provide custom PHP file name. (Optional)\n  -h    Show this help menu.\n```\n\n## Download\n[Download exploit-CVE-2020-5844.py from GitHub](https://raw.githubusercontent.com/UNICORDev/exploit-CVE-2020-5844/main/exploit-CVE-2020-5844.py)\n\n[Download exploit-CVE-2020-5844.py from ExploitDB](https://www.exploit-db.com/exploits/50961)\n\n### Searchsploit (ExploitDB)\n```bash\nsearchsploit -u\nsearchsploit -m 50961\n```\n\n## Applies To\nPandora FMS v7.0NG.742\n\n## Exploit Requirements\n- python3\n- python3:requests\n\n## Demos\n### Default Mode with Username and Password\n![default](https://user-images.githubusercontent.com/23003787/169666284-9928f915-4b07-49b0-a835-8b28cbbb9ed3.gif)\n\n### Default Mode with PHPSESSID\n![default_sess](https://user-images.githubusercontent.com/23003787/169666223-de66bc05-f4fb-44d7-af79-e515d13fb25d.gif)\n\n### Custom Command Mode\n![command](https://user-images.githubusercontent.com/23003787/169666226-d9b8ee5f-81fa-4e34-b498-9c817d2bdb40.gif)\n\n### Reverse Shell Mode\n![shell](https://user-images.githubusercontent.com/23003787/169666229-cbf1e366-4c92-4aa7-a8b5-e250fbf8caf8.gif)\n\n### Custom Web Shell Name Mode\n![web](https://user-images.githubusercontent.com/23003787/169666230-fce0e884-2163-40f5-a418-afa6adbe45e8.gif)\n\n## Credits\n- https://nvd.nist.gov/vuln/detail/CVE-2020-5844\n- https://sourceforge.net/projects/pandora/files/Pandora%20FMS%207.0NG/742_FIX_PERL2020/Tarball/pandorafms_server-7.0NG.742_FIX_PERL2020.tar.gz\n- https://app.hackthebox.com/machines/Pandora\n- https://github.com/TheCyberGeek/CVE-2020-5844\n- https://github.com/shyam0904a/Pandora_v7.0NG.742_exploit_unauthenticated\n- https://www.exploit-db.com/exploits/50961\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicordev%2Fexploit-cve-2020-5844","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funicordev%2Fexploit-cve-2020-5844","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funicordev%2Fexploit-cve-2020-5844/lists"}