module
Zimbra Collaboration Server LFI
| Disclosed | Created |
|---|---|
| 12/06/2013 | 05/30/2018 |
Disclosed
12/06/2013
Created
05/30/2018
Description
This module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability
allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen
credentials allow the attacker to make requests to the service/admin/soap API. This can
then be used to create an authentication token for the admin web interface. This access
can be used to achieve remote code execution. This module has been tested on Zimbra
Collaboration Server 8.0.2 with Ubuntu Server 12.04.
allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen
credentials allow the attacker to make requests to the service/admin/soap API. This can
then be used to create an authentication token for the admin web interface. This access
can be used to achieve remote code execution. This module has been tested on Zimbra
Collaboration Server 8.0.2 with Ubuntu Server 12.04.
Authors
rubina119Mekanismen
Platform
Linux
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/unix/webapp/zimbra_lfi
msf /(i) > show actions
...actions...
msf /(i) > set ACTION < action-name >
msf /(i) > show options
...show and set options...
msf /(i) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.