
ManageEngine Desktop Central 9 FileUploadServlet Exploit

Good evening, friends. Today we will see how to hack a remote PC with the ManageEngine Desktop Central 9 FileUploadServlet exploit. Desktop Central is an integrated desktop and mobile device management software that helps in managing servers, laptops, desktops, smartphones, and tablets from a central location. This module exploits a vulnerability in ManageEngine Desktop Central 9: when a 7z file is uploaded, the FileUploadServlet class does not validate the user-controlled ConnectionId parameter. Start Metasploit and load the exploit as shown below. Set the required options. By default, Desktop Central 9 runs on port 8020. Leave the targeturi at its default.

[Screenshot: deskcen91]

Set the payload as shown below. I am trying to get a shell on the remote system. To select a suitable payload, you can type “show payloads” and choose the payload you want. Set the required options as shown below.

[Screenshot: deskcen92]

When all the options are set, type the command “exploit”. You should get a shell on the remote Windows PC as shown below. Hence we have successfully hacked a remote Windows PC with the ManageEngine Desktop Central 9 FileUploadServlet exploit.

[Screenshot: deskcen93]
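For the defending side, the same weakness described above (an unvalidated ConnectionId on FileUploadServlet requests) can be hunted for in the Desktop Central web server's access log. The script below is an added example, not part of the original post or of ManageEngine's code; it assumes a combined-style access log on the port 8020 listener and that a legitimate connectionId is a plain integer, so any other value is reported for review.

```python
"""Flag suspicious requests to Desktop Central's FileUploadServlet in access logs.

Assumptions (not from the post): combined-style HTTP access log lines, the
servlet path contains "fileuploadservlet", and a legitimate connectionId is a
plain integer. Anything else is reported for an analyst to review.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Assumed combined-style access log layout: client, ident, user, [timestamp], "request", status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic); the third and fourth should be flagged.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2016:21:05:10 +0000] "GET /configurations.do HTTP/1.1" 200 5120
10.0.0.5 - - [12/Jan/2016:21:05:12 +0000] "POST /fileuploadservlet?connectionId=1234&resourceId=7 HTTP/1.1" 200 42
10.0.0.9 - - [12/Jan/2016:21:06:01 +0000] "POST /fileuploadservlet?connectionId=not-a-number&resourceId=7 HTTP/1.1" 200 42
10.0.0.9 - - [12/Jan/2016:21:06:03 +0000] "POST /fileuploadservlet?resourceId=7 HTTP/1.1" 200 42
"""


def check_line(line):
    """Return (client_ip, reason) if the line is a FileUploadServlet request whose
    connectionId is missing or not numeric, otherwise None."""
    m = LINE_RE.match(line)
    if not m:
        return None  # not an access-log line in the assumed layout
    url = urlsplit(m.group("url"))
    if "fileuploadservlet" not in url.path.lower():
        return None  # some other endpoint; not of interest here
    # The servlet does not validate connectionId, so inspect it ourselves.
    params = {k.lower(): v for k, v in parse_qs(url.query, keep_blank_values=True).items()}
    conn = params.get("connectionid", [""])[0]
    if conn == "":
        return m.group("ip"), "missing connectionId"
    if not conn.isdigit():
        return m.group("ip"), f"non-numeric connectionId {conn!r}"
    return None


def scan_log(text):
    """Run check_line over every line of the log and collect the hits."""
    return [hit for hit in (check_line(line) for line in text.splitlines()) if hit]


if __name__ == "__main__":
    for ip, reason in scan_log(SAMPLE_LOG):
        print(f"{ip}: {reason}")
```

Point `scan_log` at the real access log contents and correlate hits with the 7z uploads on the server to decide whether a flagged request was an attack or a misbehaving agent.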
