Share
## https://sploitus.com/exploit?id=CD71799C-A6D9-50BF-AF13-7D17072C83AD
# CVE-2023-30943 Vulnerability Scanner

This tool detects a vulnerability in Moodle as described in the [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-30943).

## Description

Moodle contains a vulnerability due to the way it handles TinyMCE loaders. The application allows a user to dictate the folder creation path. A remote attacker can exploit this by sending a crafted HTTP request, enabling arbitrary folder creation on the system.

## Installation

1. Ensure you have Python 3.10 installed.
2. Clone or download this repository.
3. Install the required libraries:
```bash
pip install -r requirements.txt
```

## Usage

### Basic Commands:

Scan a single URL for vulnerability:
```bash
python3.10 exploit.py -u [TARGET_URL]
```

Scan multiple URLs from a file:
```bash
python3.10 exploit.py -f [FILE_CONTAINING_URLs]
```

### Using Leakix:

If you want to fetch URLs from Leakix based on leaks, you must first:

1. Modify the `LEAKIX_API_KEY` variable in the script `exploit.py` with your Leakix API Key.
2. If you have a Pro API key, you can use the `--bulk` mode:
```bash
python3.10 exploit.py --leakpy --bulk
```
3. For non-Pro users, specify the number of pages you want to retrieve using the `--pages` argument:
```bash
python3.10 exploit.py --leakpy --pages [NUMBER_OF_PAGES]
```

### Other Options:

- Save results to an output file:
```bash
python3.10 exploit.py -u [TARGET_URL] -o [OUTPUT_FILENAME]
```

- To see a full list of command-line options:
```bash
python3.10 exploit.py -h
```