## https://sploitus.com/exploit?id=441659F4-F1F9-5671-ACF7-AC86311A46B1
# CVE-2024-46987 Exploit - Camaleon CMS Path Traversal
This tool exploits a Path Traversal vulnerability in Camaleon CMS (CVE-2024-46987). It allows for arbitrary file download and includes an automated feature to attempt to retrieve SSH keys from users discovered on the system.
## Features
- **Arbitrary File Download**: Manually download any file from the server (e.g., /etc/passwd).
- **Automated SSH Brute Force**:
- Automatically extracts users from /etc/passwd.
- Brute forces common SSH private key locations for found users.
- Auto-login support using hardcoded or manually provided credentials.
- Session persistence with Cookies.
## Installation
1. Clone the repository.
2. Install dependencies:
```bash
pip install -r requirements.txt
```
## Usage
### Direct Exploit (Interactive Mode)
By default, the script runs in an interactive mode where you can input file paths to download.
```bash
python3 cve-2024-46987.py -u http://target.com -l admin -p password
```
### SSH Key Extraction Mode
Use the `--bruteforce-ssh` flag to automatically mine for SSH keys.
```bash
python3 cve-2024-46987.py -u http://target.com -l admin -p password --bruteforce-ssh
```
### Arguments
- `-u`, `--url`: Target Base URL (Required)
- `-l`, `--login`: Username for login (Default: admin)
- `-p`, `--password`: Password for login (Default: password)
- `-c`, `--cookie`: Manual session cookie (Optional)
- `--bruteforce-ssh`: Enable automated SSH key harvesting mode
## Disclaimer
This tool is for educational purposes and authorized penetration testing only. Usage of this tool for attacking targets without prior mutual consent is illegal.