Wing FTP Server 6.3.8 - Remote Code Execution

This PoC explains how to exploit Wing FTP Server 6.3.8 to get Remote Code Execution (1).

Wing FTP Server is capable of managing the servers that are used for sharing data. Its support for various protocols, including FTP, SFTP, HTTP, HTTPS and FTPS, has increased its flexibility. You can monitor the activities that are taking place on the basis of sessions.

Wing FTP Server is an easy-to-use, powerful, and free FTP server software for Windows, Linux, Mac OS, and Solaris. It supports multiple file transfer protocols, including FTP, FTPS, HTTP, HTTPS, and SFTP, giving your clients flexibility in how they connect to the server. It also provides admins with a web-based interface to administer the server from anywhere. You can also monitor server performance and online sessions and even receive email notifications about various events taking place on the server.

Multiple vulnerabilities were found in Wing FTP Server 6.3.8:

One of these possible arbitrary actions is to download content from a user-controlled server, perform port scanning or try to talk to other plain-text based.

When accessing the Wing FTP Server remote management panel, the credentials are transmitted in clear text, as shown in the image below.

Another vulnerability found is the unprotected storage of the application's admin credentials. The C:\Program Files (x86)Wing FTP Server_ADMINISTRATOR\admins.xml file stores the admin credentials with the password saved as an MD5 hash, which can be easily cracked, as shown in the image below.

In the remote management panel there is a console written in the Lua language, which can be exploited to execute commands in the operating system through the os.execute() function native to Lua. Below is a remote command execution PoC through the Lua console to obtain a reverse shell on the target machine.

Wing FTP RCE - Authenticated

This is an exploit written in Python3 for the Wing FTP Server running on Windows. This exploit requires Wing FTP's admin panel authentication. Tested versions <4.3.8

About the vulnerability: This exploit was discovered by Alex Haynes.

How to run: This exploit will invoke a Nishang TCP reverse shell on the target.