Share
## https://sploitus.com/exploit?id=A7814E4B-136E-50BC-AF6E-D5FFFD1156D9
# CVE-2023-27372 SPIP < 4.2.1 - Remote Code Execution Vulnerability Scanner ๐Ÿ›ก๏ธ๐Ÿ’ป

This Python script scans for the CVE-2023-27372 vulnerability in SPIP applications under version 4.2.1. It uses the remote code execution model to test for the vulnerability. ๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿ”

### Installation ๐Ÿ“ฅ

To install this script, follow these steps:

1. Clone this repository: `git clone https://github.com/Chocapikk/CVE-2023-27372` ๐Ÿ“‹

2. Navigate into the project directory: `cd CVE-2023-27372` ๐Ÿ“

3. Install necessary Python packages using pip: `pip install -r requirements.txt` ๐Ÿ

### Usage ๐Ÿ’ป

To use the script, you can run the following command: `python CVE-2023-27372.py [arguments]` ๐Ÿ–ฅ๏ธ

The arguments that can be used are:

* `-u` or `--url` : Provide the SPIP application base URL ๐ŸŒ
* `-v` or `--verbose` : Enable verbose mode. (default: False) ๐Ÿ“ฃ
* `-l` or `--list` : Provide a file with a list of SPIP application base URLs ๐Ÿ“ƒ
* `-o` or `--output` : Write the output to a file ๐Ÿ“

An example of usage: `python CVE-2023-27372.py -u <SPIP_URL> -v -o output.txt` ๐Ÿ”

### Dork ๐ŸŽฏ

For finding potential SPIP websites that could be tested for the vulnerability, the ZoomEye search engine can be used with the following dork:

`zoomeye search "spip.php?page=" -num 2000 -filter=ip,port` ๐Ÿ‘€

Please note that this is meant for research and educational purposes. Do not use it on websites without obtaining proper permissions. ๐Ÿ“šโœ…

### Disclaimer โš ๏ธ

This tool is intended for academic purposes and testing your own systems for these vulnerabilities. Do not use it to cause harm or without proper authorization from the owner of the target system. The user of this software is solely responsible for obeying local laws and regulations. The authors are not liable for any damage or violations caused by this tool. ๐Ÿšซ๐Ÿšจ