# CVE-2024-36416
Tool for validating CVE-2024-36416

## Usage
pip3 install -r requirements.txt
python3 --help
python3 --url http://<target>.<tld>/<crm-root> --validate --payload-test
<div align="center"">


## Server-Side Log File Check
Verify the server-side file, if the log file ``\service\example\proxy.log`` is >=25MB, the server is likely vulnerable.

<div align="center"">



## Issues
- Downloading the zipped folder may cause windows defender to yell "Trojan:Script/Wacatac"
- Supply the crm root page (could be '/suite7/docroot/', '/SuiteCRM-7.14.3/', or '/'), if you supply the full path the detection may work but the code isn't programmed to step back through your supplied path
- This exploit is mostly stateless, so while the reported files could respond with a 403/404 the best way to verify is to do a limited upload with the ``--payload-test`` arg