6.5
CVSSv2

CVE-2015-6967

Published: 16/09/2015 Updated: 17/09/2015
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 657
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog prior to 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_image/image.php.

Vulnerable Product

nibbleblog nibbleblog

Exploits

    ##
    # This module requires Metasploit: www.metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##

    require 'msf/core'

    class Metasploit3 < Msf::Exploit::Remote
      Rank = ExcellentRanking

      include Msf::Exploit::Remote::HttpClient
      include Msf::Exploit::FileDropper

      def initialize(info = {})
        super ...

Github Repositories

ExploitDev Journey #9 | CVE-2015-6967 | Nibbleblog 4.0.3 - Arbitrary File Upload
Original Exploit: www.exploit-db.com/exploits/38489
Exploit name: Nibbleblog 4.0.3 RCE
CVE: 2015-6967
Lab: Nibbles - HackTheBox
Description: There is a flaw in Nibbleblog 4.0.3 that allows an authenticated user to upload shells. Uploading shells here is kind of different from what you hav

A collection of scripts that exploit the CVEs I stumble upon

CVE
A collection of scripts that exploit the CVEs I stumble upon. Some of the CVEs I upload will be heavily inspired by other people and their code. I will mention them below:
CVE-2015-6967 by dix0nym

An exploit for the Nibbles manager version 4.0.3. This exploit allows RCE to be performed.

CVE-2015-6967
An exploit for the Nibbles manager version 4.0.3. This exploit allows RCE to be performed.
Requirements: optparse, signal, requests
Usage:

    python3 CVE-2015-6967.py --url 10129156150/ --username admin --password nibbles
    [ + ] Login Succesfuly!
    [+] Uploading shell
    [ * ] Shell has been uploaded!
    -------------------------------------------------------------

Nibbleblog 4.0.3 - Arbitrary File Upload (CVE-2015-6967)

CVE-2015-6967
Nibbleblog 4.0.3 - Arbitrary File Upload (CVE-2015-6967)
requirements: python 3, requests
usage:

    usage: exploit.py [-h] --url URL --username USERNAME --password PASSWORD --payload PAYLOAD

    optional arguments:
      -h, --help            show this help message and exit
      --url URL, -l URL
      --username USERNAME, -u USERNAME
      --password PASSWORD, -p PASSWORD
      --payload

Machine walkthrough

Nibbles-HTB
Machine walkthrough

NMAP

    nmap -sS -Pn -p- -vvv 101297848 -oG ports
    nmap -sSV -p22,80 101297848 -oN Scan

FFUF

    ffuf -fc 404 -t 100 -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -u 101297848/nibbleblog/FUZZ

WFUZZ

    wfuzz -c --hc=404

In this repository you will find the technical report of Nibbles, the exploit to abuse the CVE-2015-6967 and an autopwn tool in case you want to resolve the machine in HackTheBox

HTB_Nibbles
In this repository you will find the technical report of Nibbles, the exploit (pwned.py) to abuse the CVE-2015-6967 and an autopwn tool (autopwn.py) in case you want to resolve the machine in HackTheBox.
Pwned.py tool: This file will help you to exploit CVE-2015-6967. If you want to run this exploit you will need to satisfy 3 requirements: You will need to create

CVEs Exploits
I'm adding exploits for some CVEs that I wrote.
2023
CVE-2023-4911 Buffer Overflow in glibc's ld.so
CVE-2021-3156 Heap-Based Buffer Overflow in Sudo
2021
CVE-2015-6967 Nibbleblog 4.0.3
CVE-2020-28038 WordPress before 5.5.2