Skip to content

This exploit will attempt to execute system commands on SPIP targets.

Notifications You must be signed in to change notification settings

bigb0x/CVE-2024-7954

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2024-7954

This exploit will attempt to execute system commands on SPIP targets (CVE-2024-7954). Banner

Overview

This is a bulk scanning and exploitation tool for CVE-2024-7954: SPIP 4.2.8 allows unauthenticated attackers to launch RCE on SPIP targets. This tool is based on this Security Research.

How to Use

Install the script requirements:

pip install -r requirements.txt

Options:

POC for SPIP 4.2.8 vulnerability

options:
  -h, --help  show this help message and exit
  -u U        Target URL, example http://target:9090
  -f F        File containing list of URLs (one per line)
  -c C        Command to execute on the target, default is id

Contact

For any suggestions or thoughts, please get in touch with me.

Disclaimer

I like to create my own tools for fun, work and educational purposes only. I do not support or encourage hacking or unauthorized access to any system or network. Please use my tools responsibly and only on systems where you have clear permission to test.

References

About

This exploit will attempt to execute system commands on SPIP targets.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages