Exploit for CVE-2025-30208

Name: Exploit for CVE-2025-30208
Rating: 5 (170 reviews)
2025-04-02 | CVSS 5.3
## https://sploitus.com/exploit?id=4551D78D-4BB7-5690-8D90-391D0A8EED56
# CVE-2025-30208

This repository contains a Bash script that automates the process of detecting and scanning CVE-2025-30208 from a list of URLs. The script integrates Discord notifications for tracking execution status.

## Features
- Runs `detect_vite.py` to identify Vite servers from a list of URLs.
- Generates `hosts.txt` containing identified Vite servers.
- Runs `scan_vite.py` to scan the detected CVE-2025-30208.
- Sends a Discord notification when the script starts and completes execution.
- Handles missing files with proper error handling.

## flow
run script.sh
`detect_vite.py` starts on `urls.txt` --> generate `hosts.txt` (identified vulnerable vite server) --> `scan_vite.py` starts on `hosts.txt`

## for single url scan
insert url in `hosts.txt` file and then 
`python3 scan_vite.py`

## Prerequisites
- Python 3 installed
- `detect_vite.py` and `scan_vite.py` scripts in the same directory
- `urls.txt` containing URLs to scan for CVE-2025-30208
- A Discord webhook for notifications

## Installation
1. Clone the repository:
   ```sh
   git clone https://github.com/your-username/your-repo.git
   cd your-repo
   ```
2. Make the script executable:
   ```sh
   chmod +x script.sh
   ```
3. Replace `YOUR_DISCORD_WEBHOOK_URL` in `scan_vite.py` with your actual Discord webhook URL.

## Usage
Run the script using:
```sh
./script.sh
```

## Expected Behavior
- If all required files are available, the script will execute and send notifications to Discord.
- If any file is missing (`detect_vite.py`, `scan_vite.py`, `urls.txt`), the script will notify the error and exit.
- If `hosts.txt` is not generated after `detect_vite.py`, the script will notify an error and stop execution.

## Script Workflow
1. Sends a Discord message indicating script execution has started.
2. Checks for the existence of required files.
3. Runs `detect_vite.py` on `urls.txt`.
4. Verifies that `hosts.txt` was created.
5. Runs `scan_vite.py` on `hosts.txt`.
6. Sends a Discord message upon successful completion.

## Example Discord Messages
- 🟢 **Script started:** Running detect_vite and scan_vite.
- ❌ **Error:** Missing file (detect_vite.py, scan_vite.py, or urls.txt)
- ❌ **Error:** `hosts.txt` was not generated.
- ✅ **Scan completed successfully!**

## reference
[advisory!](https://github.com/advisories/GHSA-x574-m823-4x7w)

## Author
[sumeet-darekar](https://github.com/sumeet-darekar)