https://github.com/chocapikk/cve-2022-44877
Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)
https://github.com/chocapikk/cve-2022-44877
Last synced: about 1 year ago
JSON representation
Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)
- Host: GitHub
- URL: https://github.com/chocapikk/cve-2022-44877
- Owner: Chocapikk
- Created: 2023-02-11T20:45:08.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-02-11T22:03:19.000Z (over 3 years ago)
- Last Synced: 2025-02-05T21:53:35.766Z (over 1 year ago)
- Language: Shell
- Size: 8.79 KB
- Stars: 2
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# CVE-2022-44877
## Overview
This bash script is used to test the vulnerability of web servers to CVE-2022-44877. The script performs a curl request to a target URL with a payload encoded in base64. If the target is vulnerable to the CVE-2022-44877 vulnerability, the elapsed time of the curl request will be greater than 3.5 seconds.
## Installation
```bash
sudo apt-get update
sudo apt-get install curl bc
git clone https://github.com/Chocapikk/CVE-2022-44877
cd CVE-2022-44877
chmod +x script.sh
```
## Usage
The script can be used in three different ways:
`scan`: To scan a single URL, run the following command:
```bash
./script.sh scan
```
`exploit`: To exploit a single URL, run the following command:
```bash
./script.sh exploit
```
`masscan`: To scan a list of URLs, either provide a file containing the list of URLs or pipe the list of URLs to the script:
```bash
./script.sh masscan
or
echo | ./script.sh masscan
```
# Requirements
The script requires `curl` to be installed on the system.
# Disclaimer
This script is for educational purposes only and should not be used for malicious purposes. The user is solely responsible for any actions taken with the script.