Share
## https://sploitus.com/exploit?id=840D2F90-CD7E-50EA-92C7-0144AA22A9CC
# Langflow Exploit Tool - CVE-2026-0770
## ๐ Table of Contents
- [Overview](#overview)
- [Features](#features)
- [Installation](#installation)
- [Usage Guide](#usage-guide)
- [Menu Options](#menu-options)
- [Configuration](#configuration)
- [Output Examples](#output-examples)
- [File Formats](#file-formats)
- [Requirements](#requirements)
- [Troubleshooting](#troubleshooting)
- [Disclaimer](#disclaimer)
- [Credits](#credits)
---
## Overview
Tool ini digunakan untuk menguji kerentanan **CVE-2026-0770** pada aplikasi **Langflow**.
Memanfaatkan endpoint `/api/v1/validate/code` untuk melakukan Remote Code Execution (RCE).
**Developer:** Ohang
**Thanks to:** @C4p333
**Purpose:** Security Research & Educational Use
---
## Features
### ๐ฏ Core Features
| Feature | Description |
|---------|-------------|
| **Single Target Mode** | Attack one specific target |
| **Mass Target Mode** | Attack multiple targets from file |
| **Auto Login** | Try default credentials (langflow:langflow) |
| **Multi-threading** | Process many targets simultaneously |
| **Auto Save** | Results saved automatically |
| **Verification** | Check if deface successful |
### ๐ง Attack Types
| Mode | Command | Function |
|------|---------|----------|
| **Auto Deface** | Create `ohang.html` | Replace website page |
| **Scan Index** | Find `index.html` | Locate web directories |
### ๐จ UI Features
- Colorized output (success/failed indicators)
- Real-time progress bar
- Thread management
- SSL warning suppression
---
## Installation
### 1. Clone or Download
```bash
git clone
cd
python scanner.py