Share
## https://sploitus.com/exploit?id=441659F4-F1F9-5671-ACF7-AC86311A46B1
# CVE-2024-46987 Exploit - Camaleon CMS Path Traversal

This tool exploits a Path Traversal vulnerability in Camaleon CMS (CVE-2024-46987). It allows for arbitrary file download and includes an automated feature to attempt to retrieve SSH keys from users discovered on the system.

## Features

- **Arbitrary File Download**: Manually download any file from the server (e.g., /etc/passwd).
- **Automated SSH Brute Force**:
  - Automatically extracts users from /etc/passwd.
  - Brute forces common SSH private key locations for found users.
  - Auto-login support using hardcoded or manually provided credentials.
  - Session persistence with Cookies.

## Installation

1. Clone the repository.
2. Install dependencies:
   ```bash
   pip install -r requirements.txt
   ```

## Usage

### Direct Exploit (Interactive Mode)
By default, the script runs in an interactive mode where you can input file paths to download.

```bash
python3 cve-2024-46987.py -u http://target.com -l admin -p password
```

### SSH Key Extraction Mode
Use the `--bruteforce-ssh` flag to automatically mine for SSH keys.

```bash
python3 cve-2024-46987.py -u http://target.com -l admin -p password --bruteforce-ssh
```

### Arguments

- `-u`, `--url`: Target Base URL (Required)
- `-l`, `--login`: Username for login (Default: admin)
- `-p`, `--password`: Password for login (Default: password)
- `-c`, `--cookie`: Manual session cookie (Optional)
- `--bruteforce-ssh`: Enable automated SSH key harvesting mode

## Disclaimer

This tool is for educational purposes and authorized penetration testing only. Usage of this tool for attacking targets without prior mutual consent is illegal.