CVE-2009-1285
phpMyAdmin < 3.1.3.2 - Remote Code Injection via ConfigFile.class.php
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-1285.
PoCs published by Greg Ose, pagvac, egypt, Tenable, g0tmi1k, including Metasploit module exploits/unix/webapp/phpmyadmin_config.
AI-analyzed exploit summary
This Metasploit module exploits a code injection vulnerability in phpMyAdmin's setup feature, allowing arbitrary PHP code execution by writing to the configuration file. It supports versions 2.11.x <= 2.11.9.4 and 3.x <= 3.1.3.1, with automatic detection of setup paths and CSRF token handling.
Description
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.