https://github.com/chocapikk/cve-2023-30943
A Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.
Last synced: 12 months ago
- Host: GitHub
- URL: https://github.com/chocapikk/cve-2023-30943
- Owner: Chocapikk
- Created: 2023-09-07T13:25:55.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-09-07T13:27:09.000Z (almost 3 years ago)
- Last Synced: 2025-04-20T17:22:47.930Z (about 1 year ago)
- Language: Python
- Size: 3.91 KB
- Stars: 11
- Watchers: 2
- Forks: 3
- Open Issues: 0
Metadata Files:
- Readme: README.md
# CVE-2023-30943 Vulnerability Scanner
This tool detects a vulnerability in Moodle as described in the [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-30943).
## Description
Moodle contains a vulnerability due to the way it handles TinyMCE loaders. The application allows a user to dictate the folder creation path. A remote attacker can exploit this by sending a crafted HTTP request, enabling arbitrary folder creation on the system.
## Installation
1. Ensure you have Python 3.10 installed.
2. Clone or download this repository.
3. Install the required libraries:
```bash
pip install -r requirements.txt
```
## Usage
### Basic Commands:
Scan a single URL for the vulnerability:
```bash
python3.10 exploit.py -u [TARGET_URL]
```
Scan multiple URLs from a file:
```bash
python3.10 exploit.py -f [FILE_CONTAINING_URLs]
```
### Using LeakIX:
To fetch URLs from LeakIX based on leaks:
1. Set the `LEAKIX_API_KEY` variable in the script `exploit.py` to your LeakIX API key.
2. If you have a Pro API key, you can use the `--bulk` mode:
```bash
python3.10 exploit.py --leakpy --bulk
```
3. For non-Pro users, specify the number of pages you want to retrieve using the `--pages` argument:
```bash
python3.10 exploit.py --leakpy --pages [NUMBER_OF_PAGES]
```
### Other Options:
- Save results to an output file:
```bash
python3.10 exploit.py -u [TARGET_URL] -o [OUTPUT_FILENAME]
```
- To see a full list of command-line options:
```bash
python3.10 exploit.py -h
```