https://github.com/josephgodwinkimani/cyberpanel-2.3.4-file-upload-rce



# CyberPanel File Manager Upload RCE

## Overview

This repository contains a proof-of-concept (PoC) exploit that lets anyone holding a valid CSRF token upload a file to the `/filemanager/upload` endpoint of a target server that requires a CSRF token for authentication. The script retrieves the CSRF token from the server and uses it to perform the file upload via a `multipart/form-data` POST request. If the CSRF token cannot be retrieved automatically, the user is prompted to enter it manually.
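For defenders, the sequence described above (a token fetch followed closely by a POST to `/filemanager/upload`) can be hunted for in web access logs. The following is an added example, not code from this repository. It assumes combined-log-format access logs in chronological order and that the token fetch appears as a GET; the sample lines and the 5-second window are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines (assumption: combined log format, chronological).
# IP addresses are from documentation ranges; user agents are illustrative.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Nov/2024:10:15:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "python-requests/2.31.0"
203.0.113.7 - - [12/Nov/2024:10:15:02 +0000] "POST /filemanager/upload HTTP/1.1" 200 64 "-" "python-requests/2.31.0"
198.51.100.20 - - [12/Nov/2024:10:20:00 +0000] "GET / HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.20 - - [12/Nov/2024:10:27:30 +0000] "POST /filemanager/upload HTTP/1.1" 200 64 "-" "Mozilla/5.0"
192.0.2.9 - - [12/Nov/2024:11:00:00 +0000] "POST /filemanager/upload HTTP/1.1" 403 12 "-" "curl/8.4.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"'
)
UPLOAD_PATH = "/filemanager/upload"   # endpoint named in the README
WINDOW = timedelta(seconds=5)         # arbitrary triage threshold (assumption)

def find_upload_events(log_text, window=WINDOW):
    """Return every POST to the upload endpoint, flagging GET-then-upload bursts."""
    last_get, events = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ip, path = m["ip"], m["path"].split("?", 1)[0]
        if m["method"] == "GET":
            last_get[ip] = ts  # remember the most recent GET per client
        elif m["method"] == "POST" and path.rstrip("/") == UPLOAD_PATH:
            prior = last_get.get(ip)
            events.append({
                "ip": ip, "time": ts.isoformat(), "status": int(m["status"]),
                "user_agent": m["ua"],
                "rapid_get_then_upload": prior is not None and ts - prior <= window,
            })
    return events

if __name__ == "__main__":
    for event in find_upload_events(SAMPLE_LOG):
        print(event)
```

Legitimate file manager use also hits this endpoint, so the flag is a triage hint for reviewing what was uploaded, not a verdict.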

## Usage

To utilize this exploit, follow these steps:

1. **Clone the Repository**:
```bash
git clone https://github.com/josephgodwinkimani/cyberpanel-2.3.4-file-upload-RCE.git
```
2. **Change to the Directory**:
```bash
cd cyberpanel-2.3.4-file-upload-RCE
```
3. **Run the Script**: Follow the prompts provided by the script.
```bash
python file-uploader.py
```

## Disclaimer

This code is intended for educational and research purposes only. It must only be used on systems for which you have explicit permission to test. Unauthorized use of this exploit may violate laws and regulations and can lead to severe legal consequences.

## Ethical Considerations

When conducting security research, it is essential to adhere to ethical guidelines:

- Always obtain permission from system owners before testing.
- Avoid causing harm or disruption to systems or users.
- Report any discovered vulnerabilities responsibly.

## Reporting Vulnerabilities

If you discover any vulnerabilities while using this exploit or in related software, please report them responsibly to the appropriate channels or directly to the CyberPanel development team.

By following these guidelines, we can contribute to a safer internet and improve software security for everyone.