Exploit for Path Traversal in Apache Http Server CVE-2021-41773

## https://sploitus.com/exploit?id=4B44115D-85A3-5E62-B9A8-5F336C24673F
# CVE-2021-41773
<p align="center">
<img width="927" alt="top" src="https://user-images.githubusercontent.com/58662599/136872314-f49192b7-00f2-428b-a9d5-b026ab53db21.png">
</p>

> Quick proof of concept

[![Python Version][python-image]][python-url]

The script check for LFI and RCE in Apache 2.4.49, you can test a single target or a list. Make sure you specify HTTP or HTTPS for a single target.

Test only if you're authorized, be smart.

#### Example usage: 
```
python3 cve2021-41773.py -target DOMAIN/IP -protocol HTTP/HTTPS -file domain_list.txt
```
#### Using a list of targets:
```
python3 cve2021-41773.py -file domain_list.txt
```
#### Testing a single target:
```
python3 cve2021-41773.py -target example.com -protocol HTTP
```
### Contact:

Twitter – [@0xAlmighty](https://twitter.com/0xAlmighty) – MHhhbG1pZ2h0eUBwcm90b25tYWlsLmNvbQ==

<!-- Markdown link & img dfn's -->
[python-image]: https://img.shields.io/badge/python-3+%20%20-blue
[python-url]: https://www.python.org/downloads/