This repository contains a Proof-of-Concept for the CVE-2021-41773. This CVE contains a LFI and RCE vulnerablity.# SSH Key and RCE PoC for CVE-2021-41773
This repository contains a Proof-of-Concept (PoC) for CVE-2021-41773. This CVE exposes a Local File Inclusion (LFI) and Remote Code Execution (RCE) vulnerability.
---
### Installation
Ensure you have Go version **1.23.0** installed.
Build the exploit binary with the following command:
```bash
go build -o exploit
```
---
### How to Use
- **Specify the target IP**: Use the `-i` flag to specify the target IP address (include the port). This is **required**.
- Example:
```bash
./exploit -i 10.0.0.1:8080
```
- **Specify the SSH wordlist size**: Use the `-l` flag to choose the size of the SSH wordlist.
Options:
- `0`: Small (default)
- `1`: Medium
- `2`: Large
This flag is **optional**.
- Example:
```bash
./exploit -i 10.0.0.1:8080 -l 1
```
- **Enable HTTPS**: Use the `-ssl` flag to enable HTTPS (default is HTTP). This flag is **optional**.
- Example:
```bash
./exploit -i 10.0.0.1:8080 -ssl
```
- **Specify a custom SSH key wordlist**: Use the `-k` flag to provide a custom wordlist for SSH keys. This flag is **optional**.
- Example:
```bash
./exploit -i 10.0.0.1:8080 -k /usr/share/wordlist/SecLists/Discovery/Web-Content/quickhits.txt
```
- **Enable Remote Code Execution (RCE)**: Use the `-rce` flag to execute commands remotely. This flag is **optional**.
- Example:
```bash
./exploit -i 10.0.0.1:8080 -rce
```
---
### Why?
I wanted to write something in Golang and learn the language.
This is the first complete program I have written in Golang.
---
### Notes
- Use this tool responsibly and only on systems you have explicit permission to test.
- CVE-2021-41773 affects Apache HTTP Server 2.4.49 and 2.4.50. Ensure the target is vulnerable before running the exploit.
[4.0K] /data/pocs/9f77e1dac47d510bdbf19a2f899e7ee918e63a22
├── [ 26] go.mod
├── [6.4K] main.go
└── [1.8K] README.md
0 directories, 3 files