Exploit for Authentication Bypass by Spoofing in Apache Apisix CVE-2022-24112

## https://sploitus.com/exploit?id=D06471EF-3D25-52E0-90E8-5A2B786820E5
# Apache APISIX 2.12.x Remote Code Execution (RCE) Exploit

This Python script is a Proof-of-Concept (PoC) for a remote code execution (RCE) vulnerability in Apache APISIX versions 2.12.0 and 2.12.1.

The vulnerability lies in the misuse of the `filter_func` Lua field within the admin API, allowing an attacker to inject arbitrary Lua code that executes system commands via `io.popen`. The response from the command is returned in the HTTP response using `ngx.say()`.

> ⚠️ **DISCLAIMER**: This tool is intended for authorized testing and educational purposes only. Do not use it on systems you do not own or have explicit permission to test.

---

## 🧰 Requirements

- Python 3.6+
- `requests` library (`pip install requests`)

---

## 🚀 Usage

### 📁 File Name
`exploit.py`

### 🔧 Syntax

```bash
python3 exploit.py -d <target_domain_or_ip> -p <port> -c <command>
```
```bash
python3 exploit.py -d 127.0.0.1 -p 9080 -c id
python3 exploit.py --domain 192.168.1.100 --cmd "uname -a"
python3 exploit.py -d vulnerable.host.local -c "cat /etc/passwd"
```