# MSAPer | CVE-2023-3076 - MStore API 
Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (Mass Add Admin + PHP File Upload)<br><br>
<img src="" width=600></img><br>
- Using GNU Parallel. You must have parallel for run this tool.<br>
- <b>If you found error like "$'\r': command not found" just do "dos2unix"</b>
# Install Parallel
- Linux : <code>apt-get install parallel -y</code><br>
- Windows : You can install WSL (windows subsystem linux) then do install like linux<br>if you want use windows (no wsl), install <a href="">GitBash</a> then do this command for install parallel: <br>
[#] <code>curl > </code><br>[#] <code>sha1sum | grep 12345678 </code><br>[#] <code>md5sum </code><br>[#] <code>sha512sum </code><br>[#] <code>bash</code><br>
# How To Use
- <b>Make sure you already install Parallel!</b> Then do:
- [#] <code>git clone</code>
- [#] <code>cd MSAPer && chmod +x</code>
- [#] For Linux or WSL: <code>./ list.txt thread</code>
- [#] For Gitbash: <code>TMPDIR=/tmp ./ list.txt thread</code>
# Reference
# Disclaimer:
- <b><i>This tool is for educational purposes only. Use it responsibly and with proper authorization. The author is not responsible for any misuse.</b></i>