nibbleblog file upload vulnerability

Good evening, friends. Recently Metasploit released an exploit for the Nibbleblog file upload vulnerability. For those who don’t know what Nibbleblog is, it is a powerful engine for creating blogs. In fact, we can say it is the simplest blog creation system. In this scenario, we will hack a remote system which is using Nibbleblog 4.0.3. We will upload a file to the remote system using the Nibbleblog file upload vulnerability. The only downside of this exploit is that it requires credentials. Update Metasploit and start it. Type the command “search nibbleblog” to search for all exploits related to Nibbleblog, as shown below.

nibbleblog1

Load the exploit as shown below.

nibbleblog2

Set all the required options as shown below. I am running Nibbleblog on my WAMP server on another system, so I am giving its IP address below.

nibbleblog3

Type the command “show payloads” to see the payloads available for this system. You will see all the available options as shown below.

nibbleblog4

Choose the payload “php/meterpreter/reverse_tcp”.

nibbleblog5

Set the required options, i.e. lhost, which is the IP address of your Kali machine. As I already told you, we need the credentials of the blog we wanna hack. Type the command “exploit”. Even though you get an error as shown below, don’t worry, your exploit has run successfully. The file has been uploaded.

nibbleblog6

Now we have to start a listener to listen for our reverse_tcp connection. Load the listener exploit as shown below. Set all the required options as shown.

nibbleblog7

Type the command “exploit”. The exploit will run and stop at the stage shown below.

nibbleblog8

Now open a browser. The file you just uploaded is saved by default as image.php on the remote system. Now go to the exact path as highlighted below. The only thing that may change for you is the IP address. Hit Enter.

nibbleblog9

Now if you go back to the terminal, you should have already got a meterpreter session as shown below. Happy Hacking.

nibbleblog10

Hope it was helpful.
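On the defending side, the uploaded file described above (saved as image.php in a location meant for images) can be found by scanning upload directories for anything that is not a plain image. The scanner below is an added example, not code from the original post or from Nibbleblog; the extension list, the function names and the sample files are assumptions constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path

# Extensions a PHP-enabled server may execute (assumed list) and image magic bytes.
SCRIPT_EXTS = {".php", ".php5", ".phtml", ".phar"}
JPEG = (b"\xff\xd8\xff",)
IMAGE_MAGIC = {".png": (b"\x89PNG\r\n\x1a\n",), ".jpg": JPEG, ".jpeg": JPEG,
               ".gif": (b"GIF87a", b"GIF89a")}

def classify(path):
    """Return a finding for a suspicious upload, or None if it looks like a plain image."""
    ext = os.path.splitext(path)[1].lower()
    data = Path(path).read_bytes()
    if ext in SCRIPT_EXTS:
        return "script extension in image directory"
    if ext not in IMAGE_MAGIC:
        return "unexpected file type"
    if not data.startswith(IMAGE_MAGIC[ext]):
        return "content does not match image extension"
    if b"<?php" in data.lower():
        return "PHP code embedded in image"
    return None

def scan_uploads(root):
    """Walk an upload directory and return {relative_path: finding}."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            finding = classify(full)
            if finding:
                findings[os.path.relpath(full, root)] = finding
    return findings

def demo():
    """Scan a constructed upload directory (sample files are made up for this example)."""
    samples = {
        "photo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
        "image.php": b"<?php echo 'constructed sample'; ?>",
        "avatar.gif": b"GIF89a" + b"<?php /* constructed */ ?>",
        "logo.jpg": b"not really a jpeg",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            Path(root, name).write_bytes(body)
        return scan_uploads(root)

if __name__ == "__main__":
    print(demo())
```

Point `scan_uploads` at the blog's real upload directory to run it against a live install; the same extension and magic-byte checks belong in the upload handler itself so the file is rejected before it is written.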