Exploit for Path Traversal in Apache Http Server CVE-2021-41773

## https://sploitus.com/exploit?id=C67E8849-6A50-5D5F-B898-6C5E431504E0
# SSH Key and RCE PoC for CVE-2021-41773

This repository contains a Proof-of-Concept (PoC) for CVE-2021-41773. This CVE exposes a Local File Inclusion (LFI) and Remote Code Execution (RCE) vulnerability.

---

### Installation

Ensure you have Go version **1.23.0** installed.  
Build the exploit binary with the following command:

```bash
go build -o exploit
```

---

### How to Use

- **Specify the target IP**: Use the `-i` flag to specify the target IP address (include the port). This is **required**.
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080
    ```

- **Specify the SSH wordlist size**: Use the `-l` flag to choose the size of the SSH wordlist.  
  Options:  
  - `0`: Small (default)  
  - `1`: Medium  
  - `2`: Large  
  This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -l 1
    ```

- **Enable HTTPS**: Use the `-ssl` flag to enable HTTPS (default is HTTP). This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -ssl
    ```

- **Specify a custom SSH key wordlist**: Use the `-k` flag to provide a custom wordlist for SSH keys. This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -k /usr/share/wordlist/SecLists/Discovery/Web-Content/quickhits.txt
    ```

- **Enable Remote Code Execution (RCE)**: Use the `-rce` flag to execute commands remotely. This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -rce
    ```

---

### Why?

I wanted to write something in Golang and learn the language.  
This is the first complete program I have written in Golang.

---

### Notes

- Use this tool responsibly and only on systems you have explicit permission to test.
- CVE-2021-41773 affects Apache HTTP Server 2.4.49 and 2.4.50. Ensure the target is vulnerable before running the exploit.