CVE-2023-24078

This exploit demonstrates a remote code execution vulnerability in FuguHub 8.1 by leveraging an unauthenticated user creation flaw and file upload functionality to deploy a Lua-based reverse shell. The script automates account creation, login, and payload delivery via a crafted LSP file.

This repository contains a functional exploit for CVE-2023-24078, targeting FuguHub/BarracudaDrive. The exploit automates the creation of an admin user, logs in, and deploys a Lua-based reverse shell via a crafted LSP script.

This PoC exploits CVE-2023-24078 in BarracudaDrive/FuguHub by creating an admin user, logging in, and uploading a malicious Lua script to achieve remote code execution via a reverse shell. It uses Selenium for browser automation and requires manual interaction for the final payload execution.

This repository contains a functional exploit PoC for CVE-2023-24078, which targets Barracuda Drive. The exploit registers an admin account, logs in, uploads a malicious LSP file, and executes it to achieve remote code execution via a reverse shell.