Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)# CVE-2022-44877
## Overview
This bash script is used to test the vulnerability of web servers to CVE-2022-44877. The script performs a curl request to a target URL with a payload encoded in base64. If the target is vulnerable to the CVE-2022-44877 vulnerability, the elapsed time of the curl request will be greater than 3.5 seconds.
## Installation
```bash
sudo apt-get update
sudo apt-get install curl bc
git clone https://github.com/Chocapikk/CVE-2022-44877
cd CVE-2022-44877
chmod +x script.sh
```
## Usage
The script can be used in three different ways:
`scan`: To scan a single URL, run the following command:
```bash
./script.sh scan <URL>
```
`exploit`: To exploit a single URL, run the following command:
```bash
./script.sh exploit <URL> <payload>
```
`masscan`: To scan a list of URLs, either provide a file containing the list of URLs or pipe the list of URLs to the script:
```bash
./script.sh masscan <file>
or
echo <URLs> | ./script.sh masscan
```
# Requirements
The script requires `curl` to be installed on the system.
# Disclaimer
This script is for educational purposes only and should not be used for malicious purposes. The user is solely responsible for any actions taken with the script.
Log in to view the POC file snapshot cached by Shenlong Bot
Log in to view