Share
## https://sploitus.com/exploit?id=840D2F90-CD7E-50EA-92C7-0144AA22A9CC
# Langflow Exploit Tool - CVE-2026-0770

## ๐Ÿ“‹ Table of Contents
- [Overview](#overview)
- [Features](#features)
- [Installation](#installation)
- [Usage Guide](#usage-guide)
- [Menu Options](#menu-options)
- [Configuration](#configuration)
- [Output Examples](#output-examples)
- [File Formats](#file-formats)
- [Requirements](#requirements)
- [Troubleshooting](#troubleshooting)
- [Disclaimer](#disclaimer)
- [Credits](#credits)

---

## Overview
Tool ini digunakan untuk menguji kerentanan **CVE-2026-0770** pada aplikasi **Langflow**.  
Memanfaatkan endpoint `/api/v1/validate/code` untuk melakukan Remote Code Execution (RCE).

**Developer:** Ohang  
**Thanks to:** @C4p333  
**Purpose:** Security Research & Educational Use

---

## Features

### ๐ŸŽฏ Core Features
| Feature | Description |
|---------|-------------|
| **Single Target Mode** | Attack one specific target |
| **Mass Target Mode** | Attack multiple targets from file |
| **Auto Login** | Try default credentials (langflow:langflow) |
| **Multi-threading** | Process many targets simultaneously |
| **Auto Save** | Results saved automatically |
| **Verification** | Check if deface successful |

### ๐Ÿ”ง Attack Types
| Mode | Command | Function |
|------|---------|----------|
| **Auto Deface** | Create `ohang.html` | Replace website page |
| **Scan Index** | Find `index.html` | Locate web directories |

### ๐ŸŽจ UI Features
- Colorized output (success/failed indicators)
- Real-time progress bar
- Thread management
- SSL warning suppression

---

## Installation

### 1. Clone or Download
```bash
git clone 
cd 
python scanner.py