Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)# CVE-2022-44877
## Overview
This bash script is used to test the vulnerability of web servers to CVE-2022-44877. The script performs a curl request to a target URL with a payload encoded in base64. If the target is vulnerable to the CVE-2022-44877 vulnerability, the elapsed time of the curl request will be greater than 3.5 seconds.
## Installation
```bash
sudo apt-get update
sudo apt-get install curl bc
git clone https://github.com/Chocapikk/CVE-2022-44877
cd CVE-2022-44877
chmod +x script.sh
```
## Usage
The script can be used in three different ways:
`scan`: To scan a single URL, run the following command:
```bash
./script.sh scan <URL>
```
`exploit`: To exploit a single URL, run the following command:
```bash
./script.sh exploit <URL> <payload>
```
`masscan`: To scan a list of URLs, either provide a file containing the list of URLs or pipe the list of URLs to the script:
```bash
./script.sh masscan <file>
or
echo <URLs> | ./script.sh masscan
```
# Requirements
The script requires `curl` to be installed on the system.
# Disclaimer
This script is for educational purposes only and should not be used for malicious purposes. The user is solely responsible for any actions taken with the script.
[4.0K] /data/pocs/1e88e61078955dfb2e86e6d75cb0fb0858bec5a2
├── [1.2K] README.md
└── [2.6K] script.sh
0 directories, 2 files