
Hacking Remote PC with Nibbleblog file upload vulnerability

Good Evening Friends. Recently Metasploit released an exploit for the Nibbleblog file upload vulnerability. For those who don’t know what Nibbleblog is, it is a powerful engine for creating blogs. In fact we can say it is the simplest blog creation system. In this scenario, we will hack a remote system which is using Nibbleblog 4.0.3. We will upload a file to the remote system using the Nibbleblog file upload vulnerability. The only downside of this exploit is that it requires credentials. Update Metasploit and start it. Type the command “search nibbleblog” to search for all exploits related to Nibbleblog, as shown below.

Load the exploit as shown below.

Set all the required options as shown below. I am running Nibbleblog on my WAMP server on another system, so I am giving its IP address below.

Type the command “show payloads” to see the payloads available for this system. You will see all the available options as shown below.

Choose the payload “php/meterpreter/reverse_tcp”.

Set the required options, i.e. lhost, which is the IP address of your Kali machine. As I already told you, we need the credentials of the blog we wanna hack. Type the command “exploit”. Even though you get an error as shown below, don’t worry, your exploit has run successfully. The file has been uploaded.

Now we have to start a listener to listen for our reverse_tcp connection. Load the listener exploit as shown below. Set all the required options as shown.

Type the command “exploit”. The exploit will run and stop at the stage shown below.

Now open a browser. The file you just uploaded is saved by default as image.php on the remote system. Now go to the exact path as highlighted below. The only thing that may change for you is the IP address. Hit Enter.

Now if you go back to the terminal, you should already have a meterpreter session as shown below. Happy Hacking.

Hope it was helpful.
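
Seen from the defender's side, the browser step above leaves a trace in the web server's access log: a script being served out of the directory where the blog keeps uploaded images. The following is an added example, not part of the original post or of Nibbleblog; it scans Apache access-log lines for such requests. The upload directory prefix is a placeholder, and the function name and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Placeholder (assumption): replace with the URL path of the blog's image upload directory.
UPLOAD_PREFIX = "/BLOG_UPLOAD_DIR_PLACEHOLDER/"
# Extensions commonly mapped to the PHP handler; an image directory should serve none of them.
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")

# Apache common/combined format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_script_hits(lines, upload_prefix=UPLOAD_PREFIX):
    """Return (ip, time, method, path) for 2xx requests to scripts in the upload directory."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        # Drop the query string and decode %-escapes before comparing.
        path = unquote(urlsplit(m["target"]).path)
        if not path.startswith(upload_prefix):
            continue
        # A 2xx status means the server found the file and handled the request.
        if path.lower().endswith(SCRIPT_EXT) and m["status"].startswith("2"):
            hits.append((m["ip"], m["time"], m["method"], path))
    return hits

# Constructed sample lines (documentation IP ranges, not from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Oct/2015:18:02:11 +0000] "GET /BLOG_UPLOAD_DIR_PLACEHOLDER/header.jpg HTTP/1.1" 200 48211',
    '198.51.100.7 - - [12/Oct/2015:18:05:40 +0000] "GET /BLOG_UPLOAD_DIR_PLACEHOLDER/image.php HTTP/1.1" 200 0',
    '198.51.100.7 - - [12/Oct/2015:18:06:02 +0000] "GET /BLOG_UPLOAD_DIR_PLACEHOLDER/image%2Ephp HTTP/1.1" 200 0',
    '192.0.2.10 - - [12/Oct/2015:18:07:15 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [12/Oct/2015:18:09:30 +0000] "GET /BLOG_UPLOAD_DIR_PLACEHOLDER/image.php HTTP/1.1" 404 209',
]

if __name__ == "__main__":
    for hit in find_script_hits(SAMPLE_LOG):
        print("script served from upload directory:", *hit)
```

Any hit means the web server is executing files from a directory that should only hold images, so the fix belongs in both the upload validation and the server configuration for that directory.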
