exploit-eyesofnetwork Version 5.3.5 up to 5.3.10
```
CVE-2021-27513 / CVE-2021-27514
#The brute-forcing can take a very long time on non production environement cause "session_id" is created at every login (but every session_id generated by the app are valide)
#for the PoC i deployed an EyesOfNetwork solution and I've simulate an daily use with 300 login (on production environement, I've found 230 entry in de "sessions" table in 3 months)
#All session-id are created with only 8 to 10 DIGIT, so, that's easy on production environement to break one of them...
#For testing usage, change de "sessid" in the line .43 with an approached value of valide session_id (you find this in your cookie section or in eonweb database - "sessions_id" table (login:eonweb password:root66 on every instance of eyesofnetwork))
#Note : You can not upload more than 1 file withe the same name and the same URL, if the exploit fail, you have to edit the requests with another URL and filename (Orginal file name:shell2.xml.php original URL:https://ImSo.Famous)
```
[4.0K] /data/pocs/8087f474adb90d6cb47e9cc44ca99e7ed105700e
├── [6.5K] PoC-BruteForceID-arbitraty-file-upload-RCE-PrivEsc.py
└── [1.0K] README.md
0 directories, 2 files