![atutor exploit atutor exploit](https://3.bp.blogspot.com/-aP4XSCr4ELo/UwNXBpvBzaI/AAAAAAAAAYc/tWIi4q0SjYY/s1600/CrobFTPServer+OVerflow-02.jpg)
#Atutor exploit install
# Note: This was successfully tested against a windows install however it should work with linux. "Referer": " + target + "/ATutor/mods/_core/languages/language_import.php", Print "- Example: %s admin mypassword 'whoami'" % sys.argv Print "- Discovery / PoC by liquidsky (JMcPeters) ^^" Print "- ATutor 2.2.4 Arbitrary File Upload / RCE " # Notes: This application is no longer being maintained so there is no fix for this issue.
#Atutor exploit archive
# resulting in remote code execution via a "." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component. # Description: ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal
![atutor exploit atutor exploit](https://image.3001.net/images/20190513/1557733285_5cd91fa51eb8d.png)
# Tested on: Windows 8 / Apache / MySQL (XAMPP) # Exploit Author: liquidsky (JM #!/usr/bin/env python # Exploit Title: ATutor 2.2.4 'language_import' Arbitrary File Upload / RCE ATutor 2.2.4 Arbitrary File Upload Command Execution