Add vulnerable setup info in mediawiki_syntaxhighlight.md
This commit is contained in:
parent
ca1f8da7e5
commit
1cc00b2944
|
@ -2,6 +2,19 @@
|
||||||
|
|
||||||
Any MediaWiki installation with SyntaxHighlight version 2.0 installed & enabled. This extension ships with the AIO package of MediaWiki 1.27.x & 1.28.x. A fix for this issue is included in MediaWiki version 1.28.2 and version 1.27.3.
|
Any MediaWiki installation with SyntaxHighlight version 2.0 installed & enabled. This extension ships with the AIO package of MediaWiki 1.27.x & 1.28.x. A fix for this issue is included in MediaWiki version 1.28.2 and version 1.27.3.
|
||||||
|
|
||||||
|
## Vulnerable Setup
|
||||||
|
|
||||||
|
To set up the vulnerable environment, please do:
|
||||||
|
|
||||||
|
1. Download [MediaWiki (such as 1.28.0)](https://releases.wikimedia.org/mediawiki/1.28/mediawiki-1.28.0.tar.gz)
|
||||||
|
2. Install MediaWiki on a LAMP setup (ideally)
|
||||||
|
3. Install composer ```curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer```
|
||||||
|
4. Do: ```cd /var/www/html/mediawiki/extensions/SyntaxHighlight_GeSHi```
|
||||||
|
5. Do: ```composer update```
|
||||||
|
6. Open your LocalSettings.php with a text editor, and add this line at the end of the file: ```wfLoadExtension( 'SyntaxHighlight_GeSHi' );```
|
||||||
|
|
||||||
|
At this point, you are ready to test this setup.
|
||||||
|
|
||||||
## Verification Steps
|
## Verification Steps
|
||||||
|
|
||||||
1. `use exploit/multi/http/mediawiki_syntaxhighlight`
|
1. `use exploit/multi/http/mediawiki_syntaxhighlight`
|
||||||
|
@ -35,6 +48,17 @@
|
||||||
In case the wiki is configured as private, a read-only (or better) account is needed to exploit this issue. Provide the password of that account here.
|
In case the wiki is configured as private, a read-only (or better) account is needed to exploit this issue. Provide the password of that account here.
|
||||||
|
|
||||||
## Sample Output
|
## Sample Output
|
||||||
|
|
||||||
|
### The Check command
|
||||||
|
|
||||||
|
The module comes with a check command that allows you to check whether the target might be
|
||||||
|
vulnerable or not, for example:
|
||||||
|
|
||||||
|
```
|
||||||
|
msf exploit(mediawiki_syntaxhighlight) > check
|
||||||
|
[*] 192.168.146.203:80 The target appears to be vulnerable.
|
||||||
|
```
|
||||||
|
|
||||||
### MediaWiki 1.27.1-2 on Ubuntu 16.10
|
### MediaWiki 1.27.1-2 on Ubuntu 16.10
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in New Issue