# Exploit Title: Raysync - RCE  
# Date: 04/10/2020  
# Exploit Author: XiaoLong Zhu  
# Vendor Homepage:  
# Version: below  
# Tested on: Linux  
step1: run to build a web application on the local  
environment, set admin password to 123456 , which will be write to  
manage.db file.  
step2: curl "file=@manage.db" http://[raysync  
to override remote manage.db file in server.  
step3: login in admin portal with admin/123456.  
step4: create a normal file with all permissions in scope.  
step5: modify ,add arbitrary evil command.  
step6: trigger rce with clicking "reset" button